New ‘Erbium’ info-stealer distributed as fake cheats for video games

Share post:

Researchers from Cluster25 have reported a new information-stealing malware called “Erbium,” which is being spread as fake cracks and cheats for popular video games.

The goal of the malicious campaign is to steal the credentials of victims and cryptocurrency wallets. Just like other information-stealing malware, Erbium steal data stored in web browsers (Chromium or Gecko-based), such as passwords, cookies, credit cards, and autofill information.

The malware also tries to exfiltrate data from many cryptocurrency wallets installed on web browsers as extensions. Cold desktop wallets such as Exodus, Atomic, Armory, Bitcoin Core, Bytecoin, Dash-Core, Electrum, Electron, Coinomi, Ethereum, Litecoin-Core, Zcash, and Jaxx are also stolen.

The malware also steals two-factor authentication codes from Trezor Password Manager, EOS Authenticator, Authy 2FA, and Authenticator 2FA. It can grab screenshots from all monitors, steal Steam and Discord tokens, steal Telegram Auth files, and profile the host based on the operating system and hardware.

Erbium deployment in the wild has yet to be verified, although it has been promoted on Russian-speaking forums since July 2022. The info-stealer cost $9 a week, and the price of the malware has since risen to $100 a month, or $1,000 a year for a license, after gaining popularity in August.

As a security precaution, users are advised to avoid downloading pirated software, make sure they scan all downloaded files on an AV tool, and keep the software up to date by installing the latest security patches available.

The sources for this piece include an article in BleepingComputer.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, March 27, 2024 – A botnet exploits old routers, a new malware loader discovered, and more warnings about downloading code from...

This episode reports on a new network of 40,000 infected small and home office routers and other devices that are part of a criminal botnet

Cyber Security Today, March 25, 2024 – A suspected China threat actor going after unpatched F5 and ScreenConnet installations

This episode reports on a new campaign stealing email passwords ,the latest data breaches

A hacker’s view of the civic infrastructure: Hashtag Trending, the Weekend Edition for March 23rd, 2024

What does the civic infrastructure look like through the eyes of a hacker? The legendary general Sun Tzu in the Art of War said that in order to defeat your enemy, you must first understand your enemy. How do you do this? He said, “to know your enemy, you must become your enemy.” If we

Cyber Security Today, Week in Review for week ending Friday, March 22, 2024

This episode features discussion on lessons learned from the ransomware attack on the British Library, advice for managing expectations of IT/security teams, why firms are leaving Google Firebase unprotecte

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways