Global Security Agencies Raise Alarm Over the 'Infamous Chisel' Malware Menace
- Zachary Samochin
- Sep 11, 2023
Updated: Sep 20, 2023
A cautionary advisory released by government entities in both the United States and the United Kingdom is sounding the alarm regarding a recently detected malware strain that is taking aim at crypto wallets and exchanges.
Collaboratively, the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the United Kingdom's National Cyber Security Centre (NCSC), an arm of the Government Communications Headquarters (GCHQ), have issued a joint report concerning this malware, dubbed "Infamous Chisel."
The report identifies a connection between the malware and the activities of Sandworm, a cyberwarfare unit operating under the umbrella of the GRU, Russia's military intelligence agency. It further highlights Sandworm's focus on infiltrating the Android devices used by the Ukrainian military, using this new malware as a tool for extracting sensitive information from compromised mobile devices.

The report underscores that the malware has successfully extracted data from various sources, including directories within popular crypto applications like Binance, Coinbase, and Trust Wallet. Notably, the report reveals that the malware indiscriminately exfiltrates all files within the targeted directories, regardless of their type.
One noteworthy aspect highlighted in the joint report is how little Infamous Chisel does to conceal its malicious activity. The malware appears to employ minimal stealth techniques to mask its operations. This could be attributed, in part, to the absence of host-based detection systems for Android devices, as indicated in the report.
Meanwhile, 2023 has witnessed a staggering loss of nearly $1 billion due to a variety of exploits, hacks, and scams. Blockchain security firm CertiK reported that as of September 1, the cumulative losses for the year amounted to approximately $997 million. In the month of August alone, malicious attacks led to losses of around $45 million. While these figures remain substantial, it's worth noting that they represent a significant decrease from the preceding month. July saw over $486 million worth of digital assets lost to various forms of malicious attacks.