SquirtDanger malware: takes screenshots, steals crypto-currencies and passwords

It seems like we are informed of new cyber threats daily. Deceptive programs aim to trick us into unknowingly installing viruses like the Stresspaint malware. In other instances, we are forced to see that hackers do not struggle with moral dilemmas or consider whether taking advantage of the Syrian crisis is sinful. Furthermore, we are constantly informed of bugs in popular online services like LinkedIn and Drupal. Keeping track of the newest cyber threats therefore becomes a significant responsibility, and you should be attentively patching everything that requires patching.

Security researchers have discovered a new malware family, possibly originating from Russia. Specialists from Palo Alto announced their findings in a blog post and stated that this cyber threat is a botnet malware capable of taking screenshots of users’ activity, stealing money from users’ crypto-currency wallets, deleting files and much more.

TheBottle develops SquirtDanger malware and sells it


Palo Alto researchers also have evidence pointing to the owner of SquirtDanger malware. It was reported that a notorious malware creator from Russia is the main suspect. The unidentified hacker goes by the name of “TheBottle”. The mastermind behind the SquirtDanger malware has been observed selling his/her newest project in underground markets. TheBottle is known for such activity and has been described as the developer of malware families such as Evrial, Ovidiu Stealer and the Odysseus project. Now, the list has been extended to include the sophisticated SquirtDanger infection.

Specialists from Palo Alto’s research unit have also described the new botnet malware family as “Swiss Army Knife Malware”, and the virus is distributed through illicit software downloads. According to the original report, once the SquirtDanger malware infects a computer, the virus is able to commit various crimes. As we have mentioned, users will be constantly monitored because the malware takes screenshots. This means that if you access your online banking account while your computer is infected by SquirtDanger malware, the hackers will be able to steal your banking account information.

Additionally, the malware can delete other infections, clear browser cookies, kill various processes (for instance, anti-malware programs), and retrieve saved passwords from your browser. One of the more interesting features is that SquirtDanger malware is capable of stealing crypto-currencies straight from users’ wallets. Given the wide range of functions this malware offers, we are sure that it is very popular in the underground market.

TheBottle hacker has communicated with security researchers

TheBottle has admitted to being the creator of various malware families, but has also expressed apologies for his/her actions. Researchers were also able to identify a Telegram channel with 900 members. The majority of them appear to be Russian, just like TheBottle. A Twitter account belonging to the mysterious hacker has also been found. MalwareHunterTeam engaged in an exchange of tweets with this person. Unfortunately, the crook claimed that he/she should not be held responsible for the actions of people who buy the programs (or, in other words, malware) that TheBottle designed. In our opinion, both parties should be equally responsible.
