A group of hackers have taken advantage of typing mistakes in order to introduce malware to Android phones and Windows-based PCs. Using a technique called typosquatting, which consists of registering domains that are dramatically near to the ones of official brands of organizations, hackers are getting data and private keys from unsuspected users, according to a report issued by Cyble.
Incorrectly typing the web domain can be dangerous for your wallet
Hackers have set up a web of malware-infested domains that take advantage of users’ typing inaccuracies when they visit a designated website. According to a report released by cyber security and digital risk assessment firm Cyble, these domains mimic other well-known organizations and apps like Google Play Store, Apkure and Apkcombo.
Users that visit the domains are prompted to download an infected version of the app requested, which will serve as a vehicle for the infection. The target device, be it an Android phone or a Windows PC, will then be infected with a version of ERMAC, a malware trojan that allows the threat actors to access several critical private data in the targeted device, including private keys.
The banking trojan was first discovered in 2021 and is now targeting more than 460 applications, allowing attackers to rent its services for $5,000 a month.
Hackers Targeting More Sites and Brands Involved
While the mentioned report only found evidence of a little group of apps and brands being mimicked, further investigation by another security source confirmed that at least 27 brands and app names are being targeted by this kind of attack. Among these are Tiktok
Cryptocurrency wallets and crypto mining and related sites are also on the list. tronlink
Metamask, Phantom, Cosmos Wallet, and Ethermine are also part of the group of targeted sites. Each of these fake domains has different typo-squashed domains registered in order to maximize the attack’s impact and damage.
Cybel makes different recommendations to avoid this kind of attack, including having an effective antivirus protecting your phone and PC, and monitoring your wallets and banking accounts regularly. However, the best advice is to arrive at the web pages of software and apps through the use of a search engine, avoiding blog-posted directions and links shown as part of advertisement campaigns.
