Microsoft couldn’t help itself. The company is trying to coin a new cybersecurity term to describe malware that targets cryptocurrency wallets. Meet cryware.
Microsoft introduced(Opens in a new window) the term on Tuesday while talking up a malware threat that’s been focused on stealing cryptocurrencies. “Cryware are information stealers that collect and exfiltrate data directly from non-custodial cryptocurrency wallets, also known as hot wallets,” the company wrote in a blog post. These hot wallets can remain online and are directly controlled by the user, instead of a third party, such as a cryptocurrency exchange.
Microsoft’s goal is to warn users to be on guard against the malware threat. But the term cryware is already causing some in the cybersecurity community to roll their eyes. “Marketing departments are out of control,” tweeted(Opens in a new window) cybersecurity journalist Kim Zetter.
Others are pointing out the threat is nothing new; malware that can steal information about cryptocurrency wallets from user devices has been around for years. “Please stop making up new malware classifications. It’s confusing enough for many as it is,” wrote(Opens in a new window) Lawrence Abrams, Editor in Chief at BleepingComputer.
On Twitter, Avast security researcher Martin Hron added(Opens in a new window): “Yep, this is an example of squeezing a last drop from the topic…adding no value. We don’t have anything to publish this week? Let’s coin some new term.”
It’s not the first time the cybersecurity community has invented a new term to describe crypto-related computer threats. In 2017, for example, security researchers coined the term cryptojacking to describe services or malware that can secretly mine cryptocurrencies on a computer.
Still, Microsoft’s blog post does contain plenty of useful information on the cryptocurrency-focused malware attacks it’s been seeing. These so-called cryware attacks can involve malware swapping out a user’s cryptocurrency address through the clipboard function, which stores copy-and-paste text. For example, “If the target user pastes or uses CTRL + V into an application window, the cryware replaces the object in the clipboard with the attacker’s (cryptocurrency) address,” Microsoft said.
Recommended by Our Editors
“While this technique is not new and has been used in the past by info stealers, we’ve observed its increasing prevalence,” the company added. Other kinds of cryware will infect a PC and target any wallet apps installed on the computer while using password-guessing attacks to gain access.
To stay safe, Microsoft recommends cryptocurrency users should avoid storing any private key data for their wallets in plaintext. They should also lock their wallets when not actively trading on the internet and double-check copy-paste data when it comes to transferring funds.
“Consider using wallets that implement multi-factor authentication (MFA),” the company added. “This prevents attackers from logging into wallet applications without another layer of authentication.”
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.