HackBoss malware is using Telegram to steal cryptocurrency from other hackers

Hackers stealing from wannabe hackers using fake software

Hackers are distributing cryptocurrency-stealing malware over a Telegram channel to would-be hackers in a scam that has racked up $500,000, according to security researchers.

According to cyber security firm Avast, Hackers are running a Telegram channel called “Hack Boss” to distribute malicious software for other hackers to use. Unfortunately for the hackers who download it, the software won’t help them spread malware. Instead, it’ll infect their systems with cryptocurrency-stealing malware.

Researchers dubbed the malware HackBoss after the Telegram channel they discovered it on. The channel claims to provide “The best software for hackers (hack bank/dating/bitcoin).” The software that is supposed to be published on this channel varies from bank and social site crackers to various cryptocurrency wallet and private key crackers or gift card code generators.

“However, although each promoted application is promised to be some hacking or cracking application, it never is. The truth is quite different — each published post contains only a cryptocurrency-stealing malware concealed as a hacking or cracking application. What is more, no application posted on this channel delivers promised behavior: all of them are fake,” said researchers.

In investigations, researchers found HackBoss is delivered as a zip file. When opened, the executable launches a user interface. No matter what the hacking tools claim to be, the user interface decrypts and installs the cryptocurrency-stealing malware on the victim’s system. The executable runs once the victim clicks any button.

The malware searches the victim’s system for any cryptocurrency wallets and replaces them with its own.

“The malicious payload keeps running on the victim’s computer even after the application’s UI is closed. If the malicious process is terminated — for example via the Task manager — it can then get triggered again on startup or by the scheduled task in the next minute,” said researchers.

“Such behavior can be easily overlooked by a less observant victim and may lead to a significant monetary loss.”

So far, researchers have found over 100 cryptocurrency wallet addresses belonging to HackBoss authors. These are the wallets the HackBoss malware puts in place of the victim’s crypto wallet. The malware authors have amassed $560,000 from victims since the scam started in November 2018.

While the HackBoss authors promote their fake hacking tools through other media, Telegram appears to be its main distribution path.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

TsuNAME vulnerability could enable DDoS attacks on major DNS servers
distributed denial of service (DDOS)

TsuNAME vulnerability could enable DDoS attacks on major DNS servers

7 May 2021
What are SSH keys?
cyber security

What are SSH keys?

7 May 2021
Google’s about to push everyone into two-factor authentication
Security

Google’s about to push everyone into two-factor authentication

6 May 2021
Defense Dept. expands vulnerability disclosure program to all publicly accessible defense systems
ethical hacking

Defense Dept. expands vulnerability disclosure program to all publicly accessible defense systems

5 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021