Despite its dazzling success, the global crypto market is not subject to any specific regulation. This regulatory vagueness particularly benefits fraudulent cryptocurrency sites, which are becoming more and more numerous. Turnaround: these same scam sites are now being attacked by other scammers. Yesterday, we actually announced the appearance of a new malware: the Water Labbu.
How Does Water Labbu Malware Work?
We detected the first Water Labbu attacks yesterday. This malware nevertheless targets very specific crypto platforms: cryptocurrency thieves. More explicitly, it targets fraudulent cryptocurrency sites. To do this, it uses extremely sophisticated scripting tools.
Concretely, the Water Labbu Malware works as follows:
- It inserts a script, specifically malicious JavaScript, onto the fraudulent crypto platform (i.e. scam site) via its HTML code.
- The script detects the user’s crypto assets.
- The script sends an approval request to the user via their crypto wallet (in the case of dApps) or a Flash Player update request for PC browsers.
- If approved, the crypto wallet will be emptied of all USDT.
Note that the approval request in question looks like a request for a crypto token like the one posted on a website3.
So far, Water Labbu only targets Tether (USDT) and Ethereum wallets. The team is more specifically targeting holders with a balance greater than 0.005 ETH.
What are the consequences for investors and crypto platform users?
By its operation, the Water Labbu is considered a double attack. Indeed, it does not just steal cryptocurrencies. It also goes through third-party and scam crypto sites to find its victims. The latter therefore suffer a double scam: one perpetrated by the crypto platform and the other by the Water Labbu.
At the moment, as indicated in the collected reports, the Water Labbu Malware only targets USDT stablecoins. But the situation can change quickly, especially if no strict and radical measures are taken. We already know that this computer program has infected around forty fraudulent crypto sites: 45 to be more exact. In one of its articles, the cybersecurity company Trend Micro reports quite significant losses valued at around $300,000.
Water Labbu, a malware that can be circumvented easily!
The Water Labbu team infiltrates both sites and mobile applications. Investors and users must therefore be extra vigilant. For example, under no circumstances should they accept invitations from untrusted sources. It will also be necessary to avoid any exchange and any transaction on unknown cryptocurrency sites. Before any registration, everyone must verify the legitimacy as well as the operating principle of this or that platform.
Even though the Water Labbu malware only attacks crypto scam sites, users remain the only victims. They lose their entire funds in just a few seconds. To avoid all possible risks, the best thing to do is to use reliable cryptocurrency exchanges.
Receive a digest of news in the world of cryptocurrencies by subscribing to our new service of
daily and weekly so you don’t miss any of the essential Tremplin.io!