Glupteba is a stealthy new malware family that attackers control remotely, and it includes a versatile range of components that help it cover its tracks. Glupteba updates itself using encrypted messages hidden in the Bitcoin blockchain.
The Glupteba bot creates backdoors with full access to infected devices, which are then added to its fast-growing botnet. It is regarded as a “highly self-defending malware” with “enhancing features that enable the malware to evade detection.”
One of the more unusual aspects of Glupteba is that it uses the Bitcoin blockchain as a channel for receiving new configuration information, given that bitcoin transactions can include a comment of up to 80 characters.
Glupteba uses this as its messaging space for encrypted messages. The messages contain secrets, such as command-and-control server names, hiding them in plain sight within the public blockchain.
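To make the mechanism concrete, here is an added example (not Glupteba's code, and not from any vendor cited in this article) that shows where such a "comment" lives in a Bitcoin transaction and how a defender might scan for it. The comment field is the data pushed after OP_RETURN in a transaction output; Bitcoin Core's default relay policy allows up to 80 bytes there. The script serializes a constructed legacy transaction containing an ordinary payment output, a readable OP_RETURN note and an 80-byte OP_RETURN blob that stands in for ciphertext, then parses the outputs back, extracts the OP_RETURN payloads and labels each one "text" or "opaque" using a byte-entropy heuristic. The 5.5 bits/byte threshold and all sample values are assumptions made for this example.

```python
"""Scan serialized Bitcoin transactions for OP_RETURN payloads and flag opaque
(likely encrypted) ones. Added example for this article, not Glupteba's code;
the transaction below is constructed inline and the threshold is a heuristic."""
import math
import struct

OP_RETURN = 0x6A
OP_PUSHDATA1 = 0x4C
MAX_OP_RETURN_PAYLOAD = 80   # default Bitcoin Core relay limit for the data push, in bytes
OPAQUE_THRESHOLD = 5.5       # assumed: bits/byte at or above which a payload is called "opaque"


def encode_varint(n):
    """Bitcoin CompactSize encoding for the small sizes this example needs."""
    return bytes([n]) if n < 0xFD else b"\xfd" + struct.pack("<H", n)


def read_varint(buf, pos):
    first = buf[pos]
    if first < 0xFD:
        return first, pos + 1
    return struct.unpack_from("<H", buf, pos + 1)[0], pos + 3


def op_return_script(payload):
    """Build 'OP_RETURN <push payload>' the way a wallet would."""
    if len(payload) > MAX_OP_RETURN_PAYLOAD:
        raise ValueError("payload exceeds the 80-byte relay limit")
    # Pushes of 1-75 bytes use a single length byte; longer ones need OP_PUSHDATA1.
    push = bytes([len(payload)]) if len(payload) <= 75 else bytes([OP_PUSHDATA1, len(payload)])
    return bytes([OP_RETURN]) + push + payload


def serialize_tx(outputs):
    """Legacy (non-SegWit) serialization with one dummy input; values are satoshis."""
    raw = struct.pack("<i", 1) + encode_varint(1)
    raw += b"\x00" * 32 + struct.pack("<I", 0) + encode_varint(0) + struct.pack("<I", 0xFFFFFFFF)
    raw += encode_varint(len(outputs))
    for value, script in outputs:
        raw += struct.pack("<q", value) + encode_varint(len(script)) + script
    return raw + struct.pack("<I", 0)          # locktime


def parse_outputs(raw):
    """Walk a legacy transaction and return [(value, scriptPubKey), ...]."""
    pos = 4                                    # skip version
    n_in, pos = read_varint(raw, pos)
    for _ in range(n_in):                      # skip prev txid, index, scriptSig, sequence
        pos += 32 + 4
        script_len, pos = read_varint(raw, pos)
        pos += script_len + 4
    n_out, pos = read_varint(raw, pos)
    outputs = []
    for _ in range(n_out):
        value = struct.unpack_from("<q", raw, pos)[0]
        pos += 8
        script_len, pos = read_varint(raw, pos)
        outputs.append((value, raw[pos:pos + script_len]))
        pos += script_len
    return outputs


def op_return_payloads(raw):
    """Return the bytes pushed after OP_RETURN in each data-carrier output."""
    payloads = []
    for _, script in parse_outputs(raw):
        if not script or script[0] != OP_RETURN:
            continue
        if len(script) == 1:
            payloads.append(b"")
        elif 1 <= script[1] <= 75:
            payloads.append(script[2:2 + script[1]])
        elif script[1] == OP_PUSHDATA1 and len(script) >= 3:
            payloads.append(script[3:3 + script[2]])
        # other push opcodes are not needed for an 80-byte carrier and are skipped here
    return payloads


def shannon_entropy(data):
    """Bits of entropy per byte; readable text sits well below ciphertext."""
    if not data:
        return 0.0
    counts = {}
    for b in data:
        counts[b] = counts.get(b, 0) + 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def classify(payload):
    return "opaque" if shannon_entropy(payload) >= OPAQUE_THRESHOLD else "text"


# Constructed sample: a normal P2PKH payment, a readable OP_RETURN note and an
# 80-byte OP_RETURN blob (80 distinct byte values) standing in for ciphertext.
TEXT_NOTE = b"cfg: srv example.invalid"         # 24 bytes, single-byte push
OPAQUE_BLOB = bytes(range(0, 240, 3))           # 80 bytes, needs OP_PUSHDATA1
P2PKH = bytes.fromhex("76a914") + b"\x11" * 20 + bytes.fromhex("88ac")
SAMPLE_TX = serialize_tx([(50_000, P2PKH),
                          (0, op_return_script(TEXT_NOTE)),
                          (0, op_return_script(OPAQUE_BLOB))])


def scan(raw=SAMPLE_TX):
    """Return [(classification, payload), ...] for every OP_RETURN output."""
    return [(classify(p), p) for p in op_return_payloads(raw)]


if __name__ == "__main__":
    for label, payload in scan():
        print(f"{label:6s} {len(payload):3d} bytes  entropy={shannon_entropy(payload):.2f} bits/byte")
```

Run against real transactions, the same `op_return_payloads` extraction works on any legacy-serialized transaction; a monitoring job would feed it the outputs of each new block and alert on opaque payloads from addresses already associated with the botnet. Entropy alone is only a triage signal (compressed or base64-wrapped data also scores high), which is why it is paired with the sender address rather than used as proof.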
What Else Can Glupteba Malware Do?
– It’s a crypto-jacker, which means that it can act as a management tool for crypto-miners.
– It can also distribute itself automatically across networks.
– It also acts as a security suppressor that can turn Windows Defender off.
– It’s also a browser stealer that goes after local Chrome, Firefox, Yandex, and Opera data files.
– It can exploit popular home and small business routers and attack other people connected to the network.
Glupteba is still under constant development, as Sophos Labs writes: “With the use of its exhaustive backdoor functions, Glupteba can download a wide variety of other malware, while collecting a large amount of information from the victim’s computer. Even today, Glupteba drops cryptocurrency miners and browser stealer components, attacks MikroTik routers, and leverages its proxy components to conceal which binary is communicating with the outside world.”
Jameson Lopp, CTO at security firm Casa, has described the malware as “an unstoppable app.”
This sophisticated malware is another example of the non-monetary use of the blockchain and its uncensorable public ledger, alongside applications such as virtual power plants and open digital ID systems.
Some of the practices you can adopt to protect yourself are:
– Keep your systems updated. Make sure that your operating system, apps, and devices like routers or servers are up to date.
– Use the best anti-malware program available to you and employ web filtering.
– Stay away from cracked software programs offered for free on the web, and pay for licensed versions instead. When it comes to software, free is generally not better, and those “too good to be true” programs are often infected with malware.