CoinLurker: The Stealer Powering the Next Generation of Fake Updates
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY:
CoinLurker is a sophisticated stealer designed to exfiltrate data while evading detection. Written in Go, it employs advanced obfuscation and anti-analysis techniques, making it highly effective in modern cyberattacks. The malware is delivered through fake update campaigns, leveraging deceptive entry points that exploit user trust. It uses Microsoft Edge WebView2 as a stager and employs a multi-stage chain involving Binance Smart Contracts and Bitbucket repositories to conceal its payload. CoinLurker targets cryptocurrency wallets and financial applications, systematically enumerating directories to access sensitive user data. Its layered injection tactics and obfuscated functions make it challenging for analysts to reverse-engineer its logic.
OPENCTI LABELS:
cryptocurrency, coinlurker