Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service


A new piece of information-stealing malware called OpcJacker has been observed in the wild since the second half of 2022, distributed through a malvertising campaign. The campaign’s initial distribution channel is a network of phoney websites that promote seemingly innocent software and services related to cryptocurrencies. In February 2023, the campaign specifically targeted users in Iran under the guise of promoting a VPN service.

According to Trend Micro researchers Jaromir Horejsi and Joseph C. Chen, “OpcJacker’s major functions include keylogging, collecting screenshots, stealing sensitive data from browsers, loading new modules, and altering cryptocurrency addresses in the clipboard for hijacking purposes.”

