Wednesday, Sep 28, 2022

Erbium is a malware that steals credit card details, passwords and hacks crypto wallets

Erbium is a subscription-based malware that is often injected into game cracks and pirated software.

Erbium is an information stealing malware.

A new malware called Erbium has been wreaking havoc on the internet for the last few months. Currently being distributed with cracks and cheats for popular video games, the malware steals credit card information and passwords and hacks cryptocurrency wallets.

What’s interesting is that Erbium is a Malware-as-a-Service (MaaS), which means anyone with enough money can get their hands on it. Erbium is gaining massive popularity in the cybercrime industry because of its affordable pricing, frequent updates and extensive functionality. It even comes with ‘customer support’.

Initially, one could buy a subscription to Erbium for as low as $9 per week, but due to its increased popularity, it now costs somewhere around $100 per month. Alternatively, interested parties can opt for a $1,000 license that lasts one year.

The malware has been making the rounds on some Russian forums since July this year, but researchers are still unaware of when it was first deployed. Erbium costs one-third of the price of RedLine stealer, which makes it the preferred tool for threat actors.

Similar to other information-stealing malware, Erbium focuses on retrieving user data stored in web browsers based on Chromium and Gecko, like Google Chrome, Microsoft Edge and Mozilla Firefox. The malware steals information like passwords, cookies, autofill information and credit cards. In addition to the aforementioned details, Erbium also tries to steal data from cryptocurrency wallets installed as browser extensions.

Some cold desktop wallets like Exodus, Ethereum, Litecoin-Core, Monero-Core, Bytecoin are also affected. Erbium also steals two-factor authentication codes from apps like Trezor Password Manager, Authenticator 2FA and Authy 2FA. Moreover, it can also take screenshots from all monitors, steal Telegram authentication files and even snatch your Steam and Discord tokens.

Once the malware has finished stealing data, the data is sent out through a built-in API system, and the operators get an overview of what information was stolen from which system in Erbium’s dashboard.

A report by BleepingComputer suggests that the malware has already spread to countries like the USA, France, Spain, Italy, Vietnam, Malaysia, Colombia and even India. Right now, Erbium is usually integrated with game cracks, but it could soon spread via other delivery methods. We recommend users steer clear of downloading game crack files or cracked software, install a good antivirus solution and keep the system updated with the latest security patches.

First published on: 28-09-2022 at 01:46:31 pm
