In a world where scammers are rife, and seemingly obsessed with hacking innocent parties—like the Costa Rican healthcare system(opens in new tab)—in order to hold their data ransom for crypto capital, we almost got excited when we heard about malware that intercepted scammers before they could profit from their misdeeds. Unfortunately, it's not all good news.
Trend Micro(opens in new tab) outlines in a recent post a parasitic threat actor the company just discovered. It's been named Water Labbu, potentially as a nod to a Mesopotamian lion-dragon-like mythological creature(opens in new tab) designed by the God Enlil to wipe out the nuisance that humanity had become. The rest of the Gods ended up cowering before it and he finally sent someone to slay the beast which took three years, three months, and a day to bleed out.
The more you know...
Water Labbu (the malicious actor, not the creature) had been targeting problematic cryptocurrency scam websites, piggybacking off the social engineering tactics many crypto scammers use, such as convincing people to hand over passwords, etc, in order to turn the tables on would-be scammers.
It would hide behind the guise of a decentralised application (DApp) and infect the crypto scammers' websites, waiting for a victim whose crypto wallet was overflowing to connect to the site. It then asks for permission from the original scammer to transfer an ungodly amount of USD Tether (USDT) from their target, making itself seem less threatening by hiding behind the DApp mask.
«If the victim loads the script from a mobile device using Android or iOS,» the report notes, «it returns the first stage script with cryptocurrency-theft capabilities.»
«If the victim loads the script from a desktop
Read more on pcgamer.com