Security Market Segment LS
Friday, 23 April 2021 10:09

Avast researchers warn cryptocurrency users to be vigilant with a new effective malware detected


Avast has identified a “new cryptocurrency-stealing malware” that steals cryptocurrency wallet addresses and “redirects the transactions by replacing the recipients’ crypto wallet addresses with its own.” According to Avast, the malware has stolen US$560, 000 from users since November 2018.

Avast researchers have identified a new cryptocurrency-stealing malware named HackBoss, which ensnares online users drawn into the game of selling, mining, and exchanging digital assets.

HackBoss has possibly managed to steal over US$560,000 (AU$726,000) from victims worldwide since November 2018.

According to Avast, “its authors have chosen a strategy of misusing public social sites such as Telegram, YouTube, and public forums for promotion of their malware disguised as various hacking or cracking applications that victims can download with the promise of ‘the best software for hackers’”.

Romana Tesařová, Malware Researcher at Avast, explained: “The software varies from bank and social site crackers to various cryptocurrency wallet and private key crackers or gift card code generators.”

“However, although each promoted application is promised to be some hacking or cracking application, it never is,” she stressed.

Tesařová illustrates how Hackboss infiltrates and “runs and looks for cryptocurrency wallet addresses that are copied to the Clipboard.”

She says: “When it detects a wallet address, it replaces the intended wallet with the HackBoss author’s own wallet address. A slightly less observant user may then hit the pay button without noticing that the copied wallet address has changed in the meantime and lose their coins, effectively diverting money to the malware authors.”

Avast stated they have collected “a list of more than 100 cryptocurrency wallet addresses belonging to HackBoss authors and to which the HackBoss malware exchanges the wallet address present in the clipboard.”

The wallet addresses format that HackBoss checks “are from Bitcoin, Ethereum, Dogecoin, Litecoin, and Monero cryptocurrencies and the majority of those wallets are Bitcoin wallets.”

Tesařová notes “cryptocurrency has become a viable investment.”

“People own some cryptocurrency coins nowadays and send coins via computer applications. It is important to be attentive when dealing with cryptocurrency”, she says.

Tesařová suggests to “double check the wallet address you are sending your assets to, use two-factor-authentication for accessing your digital wallets and, of course, install an antivirus, like Avast’s Free Antivirus, as it will protect you from malware such as HackBoss.”

Malware designed to steal cryptocurrencies fall into one of three main categories:
• Password stealers: malware focusing on stealing cryptocurrency wallets or files with passwords.
• Coinminers: malware that uses the victim’s machine’s computational power for mining cryptocurrencies.
• Keyloggers: malware that logs keystrokes to record passwords or seed phrases.

These three categories of cryptocurrency-related malware combined were the third most common type of malware seen in the wild over the past year.

“Password stealers have included a focus on cryptocurrencies for a long time now. It’s very easy to add a functionality for stealing cryptocurrency wallets to a password stealer, which means it’s uncommon these days to find a password stealer that doesn’t look for cryptocurrency wallets. Because of this, people should take extra care of their passwords, wallets, and digital assets,” concludes Tesařová.

For more information, go to Avast's recent Decoded article HackBoss: A cryptocurrency-stealing malware distributed through Telegram’.

Subscribe to ITWIRE UPDATE Newsletter here


The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Kenn Anthony Mendoza

Kenn Anthony Mendoza is the newest member of the iTWire team. Kenn is also a contributing writer for South China Morning Post Style, and has written stories on Korean entertainment, Asian and European royalty, Millionaires and Billionaires, and LGBTQIA+ issues. He has been published in Philippine newspapers, magazines, and online sites: Tatler PhilippinesManila BulletinCNN Philippines LifePhilippine StarManila Times, and The Daily Tribune. Kenn now covers all aspects of technology news for

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News