Cybercriminals are exploiting the growth in popularity of NFTs in efforts designed to trick victims into downloading trojan malware capable of hijacking their PCs while stealing usernames and passwords.
Cybersecurity researchers at Fortinet have spotted what’s described as a “peculiar-looking Excel spreadsheet” which purports to contain information about NFTs – but the real purpose of the file is to aid the delivery of BitRAT malware.
BitRAT is a remote access trojan (RAT) that first emerged for sale in underground forums in August 2020. What makes it notable is it can bypass User Account Control (UAC), a Windows feature which helps to prevent unauthorised changes to the operating system.
The malware comes with various trojan functions, including the ability to steal login credentials from browsers and applications, the ability to log keystrokes and the ability to upload and download files. This edition of BitRAT can also monitor the screen of the victim in real-time, use their webcam and listen to audio through the microphone.
It’s not detailed how the malicious Excel file is distributed to victims, but it claims to offer information on forecasts on potential investment returns and the number NFTs available in each series. It also contains links to legitimate Discord channels on NFTs,