Researchers noted that Erbium is spread through cracked games and cheats, which lure gamers into installing them without scrutiny. Once installed, Erbium unpacks and steals their connected cryptocurrency wallets and data saved in the browser, which may include passwords.
Erbium Info-Stealing Malware
Since July this year, a new information-stealing malware named Erbium has been advertised on Russian hacking forums, claiming to do a number of things for its subscribers. Initially, it was sold for just $9 a week and came with dedicated customer support.

According to researchers at Cyfirma, Erbium can steal saved browser data, such as passwords, cookies, credit cards, and autofill information, in addition to cryptocurrency wallets. It can even steal cold desktop wallets such as Exodus, Atomic, Armory, Bitcoin-Core, Bytecoin, etc. Further, Erbium can steal two-factor authentication codes from Trezor Password Manager, EOS Authenticator, Authy 2FA, and Authenticator 2FA. Aside from this, the malware can capture screenshots and loot Steam and Discord tokens, Telegram auth files, and more.

As its popularity has risen on the strength of these features, the makers have increased the price to $100 per month or $1000 for a full-year license, making it a better alternative to RedLine Stealer, which is currently the de facto choice of hackers. Subscribers are given a dedicated dashboard to track their victims, stolen data, and commands for operating the victim's device remotely.

Researchers said that Erbium is spread through cracked game software or cheat codes for popular games and has been noted in several instances in various countries like the USA, France, Colombia, Spain, Italy, India, Vietnam, and Malaysia. Warning people not to download any files from unknown sources, they said the makers of Erbium could soon expand to distributing the malware through more and different channels.