Security researchers at Intezer Labs had discovered a Remote Access Trojan (RAT). The attacker behind this operation has enticed cryptocurrency users to download trojanized applications by promoting them in dedicated online forums and on social media.
The campaign was revealed in December 2020, but researchers suspect the group began spreading their malware as early as January 8, 2020.
A new undetected RAT malware is written in Golang programming language. The malware was named ElectroRAT, compiled to target multiple operating systems: Windows, Linux and MacOS.
The Operation
The attacker behind the campaign lured cryptocurrency users to download trojanized applications. The attacker has created three different trojanized applications, each with a Windows, Linux and Mac version.
These applications are directly related to cryptocurrency. For instance, the experts purport “Jamm” and “eTrade” are cryptocurrency trade management applications and “DaoPoker” is a…