A Python-based trading bot has been discovered to be malware that targeted crypto traders in a multi-vector supply chain attack. Cloud-based cybersecurity firm Checkmarx revealed that the malware was disguised as a suite of AI-based crypto trading tools and was distributed through GitHub and PyPi. The malware used a deceptive graphical user interface to distract victims and employed a multi-stage infection process. The attacker also established a Telegram channel pretending to be the product's tech support, offering free trials to lure users. The consequences of the malware were severe, including potential theft of identities, browser data, computer files, and digital assets.
Expert Says This Time Will Not Be Different After Massive Bitcoin Rallies in Last Three US Elections