Cyber Crooks Target Cryptocurrencies
PSW.AGENT Malware Targets Cryptocurrency Wallets, Windows and MacOS Users
Published: April 13, 2025
Cybercriminals are increasingly targeting cryptocurrency users with sophisticated malware designed to steal digital assets and personal data. A prevalent threat, known as PSW.AGENT, is actively being used to pilfer data, including cryptocurrency wallet information from platforms like Electrum, Binance, and Exodus.
Infostealer Masquerades as Legitimate Software
According to security expert Jiří Kropáč, the PSW.AGENT malware often disguises itself as legitimate software to trick users into downloading it. “In the last quarter of last year, the infostealer PSW.Agent masked as Keygen or Crack versions of programs for various applications such as AutoCAD or ArchiCAD. At the beginning of this year, it was mainly presented as applications for online meetings and conferences like ZOOM or Microsoft Teams,” Kropáč said.
The malware is even being spread through seemingly legitimate advertisements on Google’s advertising system. Kropáč warned that clicking on these ads redirects users to a page prompting them to download a program, which is, in reality, malicious code.
Windows Users Also at Risk
While PSW.AGENT is widespread on MacOS, security experts emphasize that Windows users are also regularly targeted by similar infostealers.
The security expert noted a sharp increase in cyber threats targeting cryptocurrencies and cryptocurrency wallets as cryptocurrencies gain wider public adoption. PSW.AGENT accounted for 11.5% of threats on the MacOS platform in the first quarter of this year, up from 9.3% in the previous quarter.
Investment fraud saw a surge of over 335% from June to November of last year. “There was also an increase in Cryptostealers in our detections, while the most dramatic growth was the MacOS platform. With regard to sharp fluctuations in cryptocurrency prices, we can regularly meet with fraud or harmful codes as both shoppers and holders are in the viewfinder,” the expert said.
Experts recommend that security software should be standard on all computers, including Apple devices, to protect user data. They also advise caution and skepticism regarding investment opportunities, as fraud scenarios are becoming increasingly sophisticated, combining social engineering techniques like phishing and vishing.
Artificial intelligence (AI) is also being leveraged by cybercriminals. Deepfakes, or AI-generated images, sounds, and videos, are being used to deceive users.
Kropáč advises users to scrutinize content for telltale signs of AI manipulation. “If you are not sure that the content you are looking at is not generated by artificial intelligence, focus on whether the person in the video actually works, whether the lips are sitting with what he says, he does not have jerky movements or blinks. You can also check on social networks. For advertising and you are redirected to another website, always check its URL address,” Kropáč concluded.
Protecting Yourself from Cryptocurrency Malware: A Q&A Guide
This guide provides answers to the most common questions about the PSW.AGENT malware and how to protect your cryptocurrency holdings and personal data, drawing information from the article above.
Q: What is PSW.AGENT and what does it do?
A: PSW.AGENT is malicious software, or malware, that cybercriminals use to steal sensitive information from your computer, including cryptocurrency wallet details. It’s designed to pilfer data like wallet information from platforms like Electrum, Binance, and Exodus.
Q: How does PSW.AGENT infect computers?
A: PSW.AGENT often disguises itself as legitimate software to trick users. According to security expert Jiří Kropáč, it has been masked as keygen or crack versions of popular programs such as AutoCAD and ArchiCAD. At the beginning of the year, it was presented as applications for online meetings and conferences like ZOOM and Microsoft Teams. Additionally, the malware is spread through malicious advertisements on Google’s advertising system. Clicking these ads redirects users to a page where they can download the infected program.
Q: Which operating systems are vulnerable to PSW.AGENT?
A: While PSW.AGENT is prevalent on MacOS, Windows users are also regularly targeted by similar infostealers.
Q: Are cryptocurrency users specifically targeted by cyberattacks?
A: Yes, cybercriminals are increasingly focusing their efforts on cryptocurrency users. The article highlights a sharp increase in cyber threats targeting cryptocurrency and cryptocurrency wallets.
Q: What is the scale of the threat?
A: PSW.AGENT accounted for 11.5% of threats on the MacOS platform in the first quarter of this year, up from 9.3% in the previous quarter. Investment fraud also surged, increasing by over 335% from June to November of last year.
Q: What is the connection between cryptocurrency price fluctuations and fraud?
A: The security expert notes that fraud and malicious codes are often encountered alongside sharp fluctuations in cryptocurrency prices because both traders and holders become targets.
Q: What are social engineering techniques, and how are they used in these scams?
A: Social engineering involves manipulating individuals into divulging sensitive information. Common strategies mentioned in the article include phishing (fake emails) and vishing (fraudulent phone calls).
Q: What is phishing?
A: Phishing is when internet fraudsters send emails that appear to come from trusted companies, banks, or websites. These deceptive messages trick users into revealing sensitive information like banking account details.
Q: What is vishing?
A: Vishing is a similar tactic to phishing, but instead of using email, cybercriminals use social engineering methods during telephone calls to impersonate bank representatives or security experts to gain a victim’s trust and extract sensitive information.
Q: What are deepfakes and how are they used in cybercrime?
A: Deepfakes are AI-generated images, sounds, and videos used to deceive users. Cybercriminals utilize them to manipulate and trick their victims.
Q: How can I identify deepfakes?
A: Pay close attention to telltale signs of AI manipulation. Focus on whether the person in the video actually works, whether their lips are in sync with what they are saying, whether they make jerky movements, and whether they blink naturally. Also check their presence on social networks, and when you are redirected to another website, always check its URL address.
Q: How can I protect myself from these threats?
A: Experts recommend the following:
Install and maintain up-to-date security software on all your computers, including Apple devices.
Be cautious and skeptical about investment opportunities, especially those that seem too good to be true.
Carefully scrutinize ALL content you see online, especially video content.
Always verify the source of any file or software you download.
