Security firm flags crypto wallet credentials malware tucked into a hacky KMSPico Windows activator
The security research firm Red Canary has flagged yet another scheme for digital asset investors to part with their hard-earned cryptocurrency wallet content. This time around, it involves a rogue Windows operating system activator called KMSPico. Hacky Windows activators have been floating on the Web for ages, riding on the Windows Key Management Services (KMS) coattails meant for mass enterprise activation. The KMSPico line is one of the most widespread, explaining the security firm's concern that a hidden malware can piggyback on this particular Windows activator line's popularity.
Unfortunately, some IT departments also use the KMSPico patches to activate their Windows or Microsoft Office licenses en masse for added comfort, thus introducing whatever malware a fake activator is carrying to all the machines within an organization. Those who downloaded an infected KMSPico file may not even notice as the activator inside is working as intended. The problem is that the faux installer contains the so-called cryptbot, which can work its way into many popular cryptocurrency wallets on your machine and hijack private information from there. Here's a list of the cryptocurrency wallet software that can be hacked by an infected KMSPico activator:
- Atomic cryptocurrency wallet
- Avast Secure web browser
- Brave browser Ledger
- Live cryptocurrency wallet
- Opera Web Browser
- Waves Client and Exchange cryptocurrency applications
- Coinomi cryptocurrency wallet
- Google Chrome web browser
- Jaxx Liberty cryptocurrency wallet
- Electron Cash cryptocurrency wallet
- Electrum cryptocurrency wallet
- Exodus cryptocurrency wallet
- Monero cryptocurrency wallet
- MultiBitHD cryptocurrency wallet
- Mozilla Firefox web browser
- CCleaner web browser
- Vivaldi web browser
As you can see, the list contains some rather popular crypto wallets that a faux KMSPico activator can wiggle its way into, not to mention the most popular browser of them all. Keep this in mind the next time you download its files, and they get flagged as containing malware by your antivirus software of choice; this time around the threat could be real. Alternatively, you can grab a secure hardware wallet like the Ledger Nano X on Amazon, and get on your merry activation ways of dubious legality.