Shameless crypto stealing malware spotted


Oh, the horror! A new crypto-stealing malware has come onto the radar, and it is being advertised on darknet forums as the leading way to make money in 2021.

And it comes as a subscription model to boot.

Palo Alto Networks published a report on this new threat, which has been raising alarms in the cybersecurity community. The app goes by the name Westeal, and its author has ties to other malware that steals accounts for major streaming services.

According to the cybersecurity firm, Westeal is an evolution of Wesupply Crypto Stealer, another malicious crypto software that has been sold since May 2020.

This new iteration, however, has been advertised since the middle of February 2021.

As detailed:

“In order to “steal” cryptocurrency from a victim, Westeal uses regular expressions to look for strings matching the patterns of bitcoin and ethereum wallet identifiers being copied to the clipboard. When it matches these, it replaces the copied wallet ID in the clipboard with one supplied by the malware. The victim then pastes the substituted wallet ID for a transaction, and the funds are sent instead to the substitute wallet.”

The study points out that Westeal was designed to steal Bitcoin and Ether moving in and out of victims' wallets by way of the clipboard. What makes things even worse is that Westeal is reportedly immune to major antivirus software.
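The substitution described in the report leaves a recognizable trace: the clipboard holds one wallet address and, moments later, a different address of the same kind. The following Python sketch is an added example, not code from the report or from the malware; it flags that trace in a constructed list of clipboard snapshots. The address patterns, the two-second window and the sample values are assumptions.

```python
import re

# Assumed address shapes (not taken from the malware): Base58 and bech32
# Bitcoin addresses, and 0x-prefixed 40-hex-digit Ethereum addresses.
PATTERNS = {
    "bitcoin": re.compile(
        r"[13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[02-9ac-hj-np-z]{11,71}"),
    "ethereum": re.compile(r"0x[0-9a-fA-F]{40}"),
}

def classify(text):
    """Return (kind, canonical_address) if the whole clipboard value looks
    like a wallet address, else (None, None)."""
    value = text.strip()
    for kind, pattern in PATTERNS.items():
        if pattern.fullmatch(value):
            # Ethereum addresses differ only in checksum casing.
            return kind, value.lower() if kind == "ethereum" else value
    return None, None

def find_swaps(snapshots, max_gap=2.0):
    """Flag clipboard changes where an address is replaced by a different
    address of the same kind within max_gap seconds.

    snapshots: list of (seconds, clipboard_text) in time order.
    """
    alerts = []
    for (t0, old), (t1, new) in zip(snapshots, snapshots[1:]):
        old_kind, old_addr = classify(old)
        new_kind, new_addr = classify(new)
        if (old_kind and old_kind == new_kind
                and old_addr != new_addr and t1 - t0 <= max_gap):
            alerts.append({"time": t1, "kind": old_kind,
                           "copied": old_addr, "now": new_addr})
    return alerts

# Constructed sample data; none of these are real wallet addresses.
SAMPLE = [
    (0.0, "meeting notes"),
    (5.0, "0x" + "a" * 40),    # user copies an Ethereum address
    (5.3, "0x" + "b" * 40),    # replaced 0.3 s later: flagged
    (60.0, "1" + "Q" * 30),    # user copies a Bitcoin address
    (400.0, "1" + "R" * 30),   # different address minutes later: not flagged
    (401.0, "0x" + "C" * 40),  # different kind: not flagged
    (401.5, "0x" + "c" * 40),  # same address, other casing: not flagged
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE):
        print(alert)
```

The same comparison applies at paste time: checking the pasted address against the one originally copied, character by character, catches the swap before funds are sent.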

This sneaky new malware works under a subscription model, with the anonymous author of the app charging 20 euros monthly, 50 euros for three months, and 125 euros yearly for it. He or she goes by the name of “Complexcodes”.

Moreover, people who acquire the malicious app get access to a web panel to handle all the operations, including what is called a victim tracker panel.

Palo Alto Networks qualifies Westeal as a shameless malware with a single, illicit function. The company says that its simplicity is matched by a likely simple effectiveness in the theft of cryptocurrency. The monetization chain is fast and simple, and the cryptocurrency theft anonymous.

It is feared that the low cost and streamlined operation of this crimeware will make this type of malware attractive and popular among less skilled thieves.

