If you trade cryptocurrencies, you should be aware of a new botnet variant. Check Point Research, a cybersecurity firm, has discovered a new botnet variant named Twizt that is alleged to have stolen nearly half a million dollars in cryptocurrency through a practice known as “crypto clipping.” Traders from India, Ethiopia, and Nigeria are the primary targets of this con.
Twizt is a variant of the Phorpiex botnet that steals cryptocurrency by automatically replacing the intended wallet address with the attacker’s wallet address during transactions.
With 969 hijacked transactions already detected, the cybersecurity firm cautioned cryptocurrency traders to be careful who they send money to. The new Twizt botnet is capable of operating without the use of active command and control servers and evading security measures.
According to Check Point Research, 3.64 Bitcoin, 55.87 Ether, and $55,000 in ERC20 tokens were stolen in the last 12 months. 26 ETH were stolen in a single incident.
How Does Twizt Work And What Is Crypto Clipping?
Twizt employs a technique known as “crypto clipping,” which involves the theft of cryptocurrency during transactions via malware that automatically replaces the target wallet address with the wallet address of the threat actor. As a result, funds end up in the wrong hands.
“With the new Phorpiex version, there are three major hazards. Twizt, for starters, operates on a peer-to-peer approach, allowing it to accept commands and updates from tens of thousands of other infected PCs. A peer-to-peer botnet is more difficult to shut down and disrupt. Twizt is now more stable than prior Phorpiex bot versions. Second, Twizt, like older versions of Phorpiex, may steal crypto without communicating with C&C, making it easier to get through security measures like firewalls. Twizt also supports over 30 different cryptocurrency wallets from various blockchains, including prominent ones like Bitcoin, Ethereum, Dash, Monero, and others,” Check Point Software’s Cyber Security Research & Innovation Manager, Alexander Chailytko, elaborated.
“This creates a large attack surface, and anyone who uses crypto could be harmed. I strongly advise all cryptocurrency users to double-check their wallet addresses before copying and pasting them, since you could unintentionally transmit your crypto to the wrong hands,” he continued.
Phorpiex bots hijacked 969 transactions from November 2020 to November 2021, stealing 3.64 Bitcoin, 55.87 Ether, and $55,000 in ERC20 tokens. At today’s prices, the stolen assets are worth over half a million dollars. On several occasions, Phorpiex succeeded in hijacking transactions for substantial amounts. The largest intercepted Ethereum transaction was 26 ETH.
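The address swap described above can be caught by comparing the address a user copied with what actually arrives at paste time, which is the double-check Chailytko recommends. The following Python is an added example, not code from Check Point Research; the function names are hypothetical, the sample addresses are constructed, and it assumes only legacy Base58Check Bitcoin addresses and hex Ethereum addresses need to be recognised.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
ETH_RE = re.compile(r"0x[0-9a-fA-F]{40}")

def _checksum(payload):
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(payload):
    """Base58Check-encode payload; used here only to build constructed samples."""
    raw = payload + _checksum(payload)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def is_btc_base58(addr):
    """True for a 25-byte Base58Check string whose checksum verifies."""
    if not addr or any(c not in B58 for c in addr):
        return False
    n = 0
    for c in addr:
        n = n * 58 + B58.index(c)
    pad = len(addr) - len(addr.lstrip("1"))  # leading '1's are zero bytes
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) == 25 and raw[21:] == _checksum(raw[:21])

def address_kind(text):
    """Return (kind, canonical form) for a recognised address, else (None, text)."""
    text = text.strip()
    if ETH_RE.fullmatch(text):
        return "ethereum", text.lower()  # hex case does not change the address
    if is_btc_base58(text):
        return "bitcoin", text
    return None, text

def check_paste(copied, pasted):
    """'ok', 'swapped' (another valid address of the same kind) or 'changed'."""
    kind_c, canon_c = address_kind(copied)
    kind_p, canon_p = address_kind(pasted)
    if canon_c == canon_p:
        return "ok"
    return "swapped" if kind_c and kind_c == kind_p else "changed"

# Constructed sample addresses built from arbitrary bytes.
BTC_A, BTC_B = (b58check_encode(b"\x00" + bytes(range(s, s + 20))) for s in (1, 21))
ETH_A, ETH_B = "0x" + "Ab" * 20, "0x" + "cd" * 20
```

A result of "swapped" is the pattern crypto clipping produces: the pasted value is still a well-formed address of the same kind, so it looks plausible unless it is compared against the original.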