Ross Ulbricht, the controversial creator of the Silk Street, has lengthy been on the coronary heart of debates in regards to the intersection of expertise and felony exercise. Following a full pardon from US President Donald Trump, a brand new wave of cybercrime has emerged, leveraging information of Ulbricht’s case to ship malware to unsuspecting targets.
Exploiting the information surrounding him, risk actors on X are redirecting customers to a Telegram channel the place they’re duped into operating PowerShell scripts that infect their gadgets with malware.
Ross Ulbricht Malware Marketing campaign
Based on vx-underground researchers’ newest update, the assault makes use of a brand new variation of the favored “Click on-Repair” tactic, however with a twist. Slightly than disguising itself as a typical error repair, this model pretends to be a captcha or verification course of required to affix the channel.
On this case, cybercriminals are impersonating Ulbricht utilizing pretend however verified accounts on X to lure customers to Telegram channels falsely claimed to be official. As soon as on Telegram, customers encounter a fraudulent “Safeguard” identification verification course of, which leads them to a mini app that generates a pretend verification dialog and robotically copies a PowerShell command to their clipboard.
Customers are then instructed to run the command by way of the Home windows Run dialog. As such, executing the command triggers a sequence of occasions. Initially, it downloads a PowerShell script, which retrieves a ZIP file from http://openline[.]cyou. The ZIP file incorporates a number of information, together with identity-helper.exe, suspected to be a Cobalt Strike loader – a device continuously utilized by attackers for distant entry and launching ransomware or information theft campaigns.
All the course of is rigorously worded to keep away from detection.
Ross Ulbricht Launched
This improvement comes after Ulbricht was pardoned and launched this week after being imprisoned since 2013 for founding and working the notorious darkish internet market Silk Street.
Silk Street was an internet market on the Tor community that allowed individuals to commerce unlawful objects, similar to narcotics. Ulbricht operated the positioning utilizing the pseudonym “Dread Pirate Roberts.” The FBI arrested him in October 2013 and took the positioning offline.
In 2015, Ulbricht was discovered responsible of costs together with drug distribution and cash laundering. He obtained a life sentence with out parole, and his appeals in 2017 and 2018 had been denied.
Binance Free $600 (CryptoPotato Unique): Use this link to register a brand new account and obtain $600 unique welcome provide on Binance (full details).
LIMITED OFFER for CryptoPotato readers at Bybit: Use this link to register and open a $500 FREE place on any coin!
