← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Crypto malware in patched wallets targeting Android and iOS devices | WeLiveSecurity
WHITE mohdrennis 2022-03-25 Modified: 2022-04-24
190
IOCs
HIGH VOLUME
ESET Research has uncovered a sophisticated scheme that distributes trojanized Android and iOS apps posing as cryptocurrency wallets, which it believes could be used to steal users’ funds. and is mainly targeting Chinese users.
distributionjaxx libertyandroidgoogle playtelegramtrust walletapp storeeset researchmetamaskbitpiefacebookalliancepatchedgeneralpanda
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (19 / 190 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
hostname admin.metamaskio.vip 2022-03-25
hostname admin.token2.club 2022-03-25
hostname api.metamasks.me 2022-03-25
hostname api.tipi21341.com 2022-03-25
hostname appapi.imtoken.porn 2022-03-25
hostname bh.imtoken.sx 2022-03-25
hostname bp.tkdt.cc 2022-03-25
hostname crp.jaxwalet.com 2022-03-25
hostname ds-super-admin.imtokens.money 2022-03-25
hostname imtokenss.token-app.cc 2022-03-25
hostname jaxx.libertycryptowallet.ltd 2022-03-25
hostname jaxx.podzone.org 2022-03-25
hostname metamask.tptokenm.live 2022-03-25
hostname mm.tkdt.cc 2022-03-25
hostname ok.tkdt.cc 2022-03-25
hostname two.shayu.la 2022-03-25
hostname update.imdt.cc 2022-03-25
hostname update.xzxqsf.com 2022-03-25
hostname wallet.cryptojx.store 2022-03-25
References (1)
↗ https://www.welivesecurity.com/2022/03/24/crypto-malware-patched-wallets-targeting-android-ios-devices/