A new, highly dangerous malware called “Erbium” has been doing the rounds in the past few months, and it is highly likely that it will spread to new channels.
Erbium is an information-theft tool that targets passwords, credit card information, cookies, cryptocurrency wallets, and more. Unfortunately, it is widely available, which means it could be used in new ways in the future.
Erbium, while seemingly used on a small scale right now, has a lot of potential – and that’s scary. For some time now, this information-stealing malware has been distributed disguised as pirated games and cheats for popular titles. However, it can spread like wildfire, because Erbium is malware-as-a-service (MaaS), meaning pretty much anyone can get their hands on it.
Initially, Erbium cost only $9 per week, but it now costs $100 per month or $1,000 for a one-year license. For that price, threat actors get access to customer support, updates, and, more importantly, the tool itself with its full set of capabilities.
First spotted by Cyfirma in August 2022, the malware hidden within the game crack holds a lot of power. It can steal data stored in Chromium and Gecko-based browsers, including passwords, cookies, form autofill information, and credit card data. Furthermore, it targets cryptocurrency users by attempting to steal data from their wallets, as long as those wallets are installed as browser extensions.
However, that’s not all – Erbium can also steal cold cryptocurrency wallets, such as Exodus, Atomic, Bytecoin, Ethereum, and more. In addition, it can snatch two-factor authentication codes from various password and 2FA managers, such as Trezor, EOS Authenticator, Authy 2FA, and Authenticator 2FA.
Erbium also steals Telegram authentication files, Steam and Discord tokens, and screenshots from each connected monitor. Full details of everything extracted from the victim are then sent to the threat actors.
Despite the price hike, this malware is still cheap (according to Bleeping Computer, it costs about a third of what Redline Stealer does). It is price-competitive and is receiving a lot of praise on various hacker forums. Given how much it can do, it’s likely that someone will eventually work it into something other than just a game crack, at which point it will likely become more widespread.
How to stay safe
If you want to make sure you’re not at risk, right now all you have to do is not download any illegal files (such as cracked games or bots for games). However, it’s a good idea to stay vigilant: use one of the best antivirus programs, keep it updated, and scan every file you download. If you own cryptocurrency, consider moving your funds to a completely offline cold wallet as opposed to a desktop wallet.
Gamers are often targeted by malware. Recently, we have seen Genshin Impact being used as a gateway to steal passwords, and the game doesn’t even need to be installed on your PC for this trick to work. This is why it is important to use anti-malware software and perform regular scans.