Home News Crypto News Microsoft Warns Crypto Investors About Anubis Malware Targeting Windows
Crypto News

Microsoft Warns Crypto Investors About Anubis Malware Targeting Windows

  • by
  • September 8, 2020
  • 0 Comments
  • 3 minutes read
  • 353 Views
  • 4 years ago
Microsoft Warns Crypto Investors About Anubis Malware Targeting Windows
Microsoft (Courtesy: Twitter)

Microsoft has issued a critical alert to crypto investors and Windows users about a new malware named Anubis that is actively stealing sensitive financial information, including cryptocurrency wallet data, system credentials, and credit card details.

Microsoft’s Security Intelligence (MSI) team, through a series of tweets, revealed that Anubis has evolved from the infamous Loki malware and is being distributed via limited campaigns.

This article explores the threat posed by Anubis, its capabilities, and how users can protect themselves.

What is Anubis Malware?

Anubis is a newly identified info-stealing malware designed to infiltrate Windows systems and harvest sensitive data. Although it shares the name of a well-known Android banking malware, Microsoft confirms that this variant is unrelated and specifically targets Windows users.

Key Capabilities of Anubis Malware:

  1. Data Theft: Steals credentials, system information, credit card details, and cryptocurrency wallet data.
  2. Code Origin: Derived from the Loki malware, a notorious tool in cybercriminal circles.
  3. Targeted Campaigns: So far, the malware has been deployed in limited attacks through a handful of known download URLs and command-and-control (C2) servers.

How Does Anubis Malware Work?

Anubis is distributed through malicious download links, often embedded in fake software updates or phishing emails. Once installed, it begins extracting sensitive information from the system.

Attack Steps:

  1. Infection: Users unknowingly download and execute the malware via compromised links.
  2. Harvesting Data: The malware collects data from:
    • Cryptocurrency wallets.
    • System credentials and files.
    • Saved credit card information.
  3. Exfiltration: The stolen data is sent back to the malware’s command-and-control (C2) servers for misuse.

Microsoft’s Response and Recommendations

Microsoft’s Defender ATP security suite has been updated to detect and block the Anubis malware.

Detection and Protection

  • Threat Detection Name: PWS:MSIL/Anubis.G!MTB.
  • Capabilities: Microsoft Defender ATP can identify and neutralize Anubis upon detection.

Microsoft Security Intelligence assures users that:

“We will continue to monitor this threat for the possible expansion of these campaigns.”

How to Protect Against Anubis Malware

1. Enable Microsoft Defender

  • Use Microsoft Defender ATP to monitor and block potential threats in real-time.
  • Keep your antivirus software updated for the latest threat detection capabilities.

2. Avoid Suspicious Links

  • Do not click on links from unknown sources or download files from untrusted websites.
  • Verify software updates through official channels only.

3. Strengthen System Security

  • Enable firewalls and disable unnecessary system features.
  • Regularly update Windows and software to patch security vulnerabilities.

4. Secure Cryptocurrency Wallets

  • Use hardware wallets or cold storage for sensitive crypto holdings.
  • Avoid storing wallet credentials and recovery phrases on your computer.

5. Educate Yourself on Phishing Scams

  • Be cautious of emails or messages urging you to download software or provide sensitive information.

FAQs About Anubis Malware

1. What is Anubis malware?
Anubis is a Windows-targeting malware derived from Loki malware. It steals sensitive information, including cryptocurrency wallets and credit card details.

2. How does Anubis spread?
It is distributed through malicious download links or phishing emails.

3. Can Microsoft Defender protect against Anubis?
Yes, Microsoft Defender ATP detects and blocks Anubis as PWS:MSIL/Anubis.G!MTB.

4. Is Anubis malware widespread?
Currently, Anubis is being deployed in limited campaigns, but it has the potential to expand.

5. How can crypto investors protect their wallets?
Use hardware wallets, avoid storing credentials on devices, and only download wallet-related software from official sources.

Conclusion

Microsoft’s warning about the Anubis malware highlights the growing threats to crypto investors and Windows users. By targeting sensitive financial data, Anubis poses a significant risk to both individual and corporate users.

However, with proactive measures such as enabling Microsoft Defender ATP, avoiding suspicious downloads, and using secure storage solutions for cryptocurrency, users can mitigate the risks.

Stay vigilant, and ensure your systems are fortified against emerging malware threats like Anubis.

To stay informed about the latest cybersecurity developments, explore our in-depth guides and security updates.

Disclaimer: The information provided is not trading advice, Bitcoinworld.co.in holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Tags:

Share This Post: