The Echelon malware is silently dropped into Telegram chat groups, which can automatically steal security information and e-wallets on the device.
The CIA Officer of the security firm SafeGuard Cyber announced that they have discovered a new malicious code capable of capturing information about non-custodial digital wallets (the type of wallet customers keep their own keys instead of leaving them on exchanges). This malware is named Smokes Night.
Smokes Night is a new version of the Echelon malware that has stolen millions of dollars in crypto over the years. The CIA Officer said this malicious tool was first discovered in a Telegram channel specializing in cryptocurrencies.
A special feature is that it is tweaked the code to automatically access data, steal privacy, and secure code on the device without the user having to click, download or open the file. Malicious code is distributed in Telegram chat groups, taking advantage of the automatic file download feature on the application to access activity history, take screenshots of the device.
According to Utoday , users of several non-custodial wallets like AtomicWallet, Electrum, Exodus were stolen. The most targeted cryptocurrencies are Bitcoin, Litecoin, ZCash, Monero…
To avoid the Smokes Nights malicious code on Telegram, users need to go to the settings, turn off the automatic download feature with the effect: Settings -> Data & Storage -> Automatic Media Download -> Disabled All . On the computer, users go to Settings -> Advanced -> Automatic Media Download -> Private chats, groups, channels -> Files -> Disabled.
According to Chainalysis , crypto scams have increased sharply in 2021. An estimated $7.7 billion was stolen in the past 12 months, an increase of 81% year-over-year. Another Atlas VPN report shows that in the third quarter of 2021 alone, more than a billion dollars of cryptocurrency was stolen through 146 attacks. From the first quarter to the third quarter, the average American lost about $3.5 million in cryptocurrency to cyberattacks.