A report released by Bleeping Computer shows that there are scam and malware campaigns on YouTube which uses videos to promote a “bitcoin generator.” These videos promise free bitcoins for its users, however, in reality, it is just a scam in pushing Qulab information-stealing and clipboard hijacking Trojan.
Cybersecurity expert Frost discovered these videos and tracked them down for over a couple of weeks. Even though Frost reports these videos to YouTube and the streaming giant takes action against them, they re-upload similar videos to a new channel.
How does it work?
The way these campaign works is the bad actor will upload a series of videos that promote a so-called free “bitcoin generator” tool. In the videos, description will also be linked to download this tool, which is actually a Trojan, and a link for the
https://freebitco.in site. When a user clicks on the download link in these videos, they will be brought to a page offering a Setup.exe file. However, these are actually Qulab Trojan.
How does Qulab Trojan Affect Your Computer?
The Qulab Clipper is a Trojan that is used to collect information from its victims. It is designed to monitor the infected computer’s clipboard, waiting for the victim to copy a digital currency wallet address or other information associated with digital currency transactions. This trojan will then replace this information, as well as collect it and other data. In fact, the Qulab Clipper also is capable of gathering private data from the victim’s computer.
The malware seems similar to previous threats that carried out similar tactics but has various other features that make it a more advanced version of the same threat kind. The Qulab Clipper was developed by Russian programmers and is being distributed on hacking forums currently.
The effect of Qulab on digital novices can be extremely devastating. Considering that people it is being targeted to install “free bitcoin generators” on their computers, means that they are not too good with their cybersecurity.
Notably, the following cryptos are vulnerable to be threatened by Qulab: Bitcoin, Bitcoin Cash, Bitcoin Gold, Bytecoin, Cardano, Lisk, Dash, Doge, Electronium, Ethereum, Graft, Litecoin, Monero, Neo, QIWI, Qtum, Stream Trade Link, Straits, VIA, WME, WMR, WMU, WMX, WMZ, Waves, Yandex Money, and Zcash.