January 24, 2022  —  Eric Swotinsky

BHUNT malware targets cryptocurrency users

A new infostealer called BHUNT is looting cryptocurrency wallet contents, passwords, and security phrases. 

BHUNT is modular and is injected into explorer.exe. Its modules let attackers customize their campaigns and serve varying purposes, such as stealing passwords, grabbing information from browsers, and cleaning up traces of malware activity.

To avoid being identified as a threat, the malware is heavily encrypted, packed, and signed with a stolen digital signature. BHUNT is currently targeting Atomic, Bitcoin, Electrum, Ethereum, Exodus, Jaxx, and Litecoin wallets.

Acronis Cyber Protect already detects and blocks BHUNT and other infostealers with its anti-malware protection capabilities, stopping them before your cryptocurrencies and sensitive data are stolen.