A fake website impersonating the official portal for the Atomic wallet, a popular decentralized wallet that also operates as a cryptocurrency exchange portal, is, in reality, distributing copies of the Mars Stealer information-stealing malware.
The phony website was disclosed by a malware researcher known as Dee on Monday, but at the time of writing this, it remains online, serving copies of the said malware.
Seeing the genuine and fake websites side by side reveals that the latter isn’t a faithful copy of the former, but it’s still using the official logos, themes, marketing images, and structure. The fake site even features a contact form, email address, and FAQ section.
However, those unfamiliar with the legitimate Atomic wallet site could easily believe that the imposter is authentic.
As for how people end up there, it might be through malvertising on social media, direct messages on various platforms, SEO poisoning, or spam email.
Visitors attempting to download the software are presented with three buttons for Windows, iOS, and Android versions.
Clicking on iOS does nothing, and clicking the Google Play button redirects to the real Atomic Wallet app on the Play Store.
However, clicking on the Windows button will download a ZIP file named “Atomic Wallet.zip,” which contains malicious code that installs the Mars Stealer infection.
Mars Stealer is a recently-emerged info-stealer that targets account credentials stored on web browsers, cryptocurrency extensions and...
Read Full Story: https://www.bleepingcomputer.com/news/security/cloned-atomic-wallet-website-is-pushing-mars-stealer-malware/
Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.
