After horrifying the entire world in ‘IT’, PennyWise seems to have taken on a new avatar. This time it will not lure you with red balloons but with bitcoin mining software, and it will convince you to install that software on your devices. So, what is the digital PennyWise malware?
New YouTube Malware Stealing Information: PennyWise
Security researchers have recently discovered that cybercriminals are misusing YouTube to spread potent malware that is capable of stealing all kinds of information from your device. After various cases of malware fraud were discovered on WhatsApp and the Google Play Store, new ones have popped up on YouTube. This malware steals passwords and Telegram messages, and even takes screenshots. If you are scrolling through YouTube videos, you need to be cautious, as the links shared with some of these videos can compromise your devices!
Hackers are using YouTube as a medium to spread a new stealer malware, called ‘PennyWise’, intending to learn all possible information about you. PennyWise was discovered by researchers at Cyble Research Labs, who uncovered over 80 videos on YouTube with the potential to endanger users. The malware focuses on stealing sensitive browser data as well as cryptocurrency wallets from the victim’s device.
How did researchers find PennyWise?
Cybersecurity researchers found that these videos, each with only a few views, belonged to the same YouTube account. The majority of these videos demonstrate how a piece of bitcoin mining software works in an attempt to entice users to download the software via a download link shared in the video description. To make it look more legitimate, the file is password-protected and comes with a link to VirusTotal, which confirms the file as “clean” and safe to use. Surprisingly, it also displays a warning that some antivirus software may generate a false positive alert.
When a user downloads this file, the PennyWise malware is installed in the system. PennyWise, according to cybersecurity experts, is capable of stealing almost any type of data! It can obtain the path for a variety of browsers, including more than 30 Chrome-based browsers, 5 Mozilla-based browsers, Opera, and Microsoft Edge.
What is PennyWise capable of?
PennyWise is capable of stealing data ranging from system information to login credentials. Cookies, encryption keys, master passwords, Discord tokens, and Telegram sessions are all at risk. It can also take screenshots while scanning the device for potential cryptocurrency wallets or cryptocurrency-related browser add-ons. When the hackers have finished collecting all of the data, it can be compressed into a single file.
Surprisingly, the malware attempts to identify the victim’s country, and if the country is Russia, Ukraine, Belarus, or Kazakhstan, all operations are halted. According to reports, this is possibly because hackers are attempting, for unknown reasons, to avoid detection by law enforcement agencies in these countries.
How can I stay safe from PennyWise?
Here are a few ways you can protect yourself from the malicious PennyWise:
- If you are interested in bitcoin, you should be cautious and not click on any link you find on the internet. You should never download pirated software from unknown websites.
- You must have a strong password and keep it updated at regular intervals to keep it safe from such malicious activity.
- To improve security, you must implement multi-factor authentication.
- Never, ever open unknown links or emails without verifying their authenticity.
Anwesha has been a creative writer for a while. Currently, on her pursuit of tech writing, she is diving into the realms of technology to produce better content on the forever-changing world of technology. In her free time, you’ll find her humming tunes of her favourite shows or reading a book.