SpriteCoin Wallet Ransomware
4 min read

Wallet Warning: SpriteCoin Installs Ransomware on User’s Devices

By Editorial Team

There is currently a cryptocurrency application that is promising to make its users really wealthy. However, when users install the infamous SpriteCoin wallet, they will have surrendered their files to ransomware and much more.

This was first discovered by researchers at fortinet. In their report, they took a look at the application in question and identified the malware.

Once the user has installed the wallet on their PC, the application identifies files that they would like to encrypt. The wallet then quickly encrypts the files in question. Moreover, once they have made the payment, the malicious code still remains on the PC and performs other tasks.

Let’s take a deeper look into the report…

How Does it Work?

The attack will most likely begin with some form of social engineering vector. This is because it will rely on the user to download the .exe file themselves.

These could take the form of some email purporting to offer an amazing opportunity to claim a new coin. It could also come from some malicious website or landing page offering quick returns.

Once users are hooked and decide that they want their new coins, they are taken to a page like the one below.

SpriteCoin Download Page
Summary and Download Link for SpriteCoin on Website

Once the user has downloaded the file and they open the executable, they are prompted for a password in order to initiate the “setup”. The next screen will present them with a “downloading blockchain” description.

Unbeknownst to the user, the ransomware is connecting to a Tor site via a proxy. It will then start scanning the PC for any files with a range of different extensions including all word documents.

It won’t only encrypt the files of the user but it will relay a great deal of credentials of the user through the proxy and eventually to the Tor site. The researchers stated

The ransomware first looks to harvest Chrome credentials, and if it finds nothing it then moves on and tries to access the Firefox credential store

This information will no doubt be very helpful to the hacker. There is also a relatively high chance that the victim has invested in other cryptocurrencies which means the data is that much more valuable.

Decrypting the Files

As this is a Ransomware attack, it would have to alert the user to the fact that their files have been encrypted. They would also require the user to pay in order to decrypt their files. Below is the window that the users will be presented with.

SpriteCoin Encryption of Files
Ransomware notification screen for the user

What is interesting is that unlike other high profile ransomware attacks, they are not asking for Bitcoin but rather Monero. This is not entirely unsurprising as privacy conscious crytpocurrency cannot be traced by the authorities.

One may think that the hackers would merely decrypt the files and leave the victim in peace?

This is unfortunately not the case. Once the users begin the decryption phase, the program will download another malicious payload. The researchers were not able to fully analyse it but it seemed to contain code that would activate webcams and parse security certificates.

Always Think Twice

This clearly demonstrates the virtues of thinking twice before acting. The hacker relied on the victim’s complacency and greed to download the malicious ransomware.

For example, we have seen exit scams take place in the ICO market as well other prominent ponzi schemes. Hackers are able to exploit the greed and FOMO (Fear of Missing Out) of most new users to cryptocurrency.

Even if are not being tempted with a juicy offer, hackers will using phishing in order to trick you in handing over your credentials. Something that may be routine could turn out costing you dearly.

Cryptocurrency security coupled with generous doses of scepticism will help you greatly.

Featured Image via Fotolia

Editors at large. Posting the latest news, reviews and analysis to hit the blockchain.
View all posts by Editorial Team -> Best Crypto Deals ->

Latest Posts

Coinbase vs Binance
Binance vs Coinbase in 2022- Which is the BEST Crypto Exchange?
Coinbase vs Binance

Binance vs Coinbase in 2022- Which is the BEST Crypto Exchange?

May 19, 2022 30 min read
Central Bank of Norway Uses Ethereum Layer 2 Solution for CBDC Pilot
Central Bank of Norway Uses Ethereum Layer 2 Solution for CBDC Pilot
Central Bank of Norway Uses Ethereum Layer 2 Solution for CBDC Pilot

Central Bank of Norway Uses Ethereum Layer 2 Solution for CBDC Pilot

May 19, 2022 2 min read
Institutional Investors Dive Into Bitcoin as BTC Sees Record Capital Flows for 2022

Institutional Investors Dive Into Bitcoin as BTC Sees Record Capital Flows for 2022

May 19, 2022 2 min read
VeChain Foundation Inviting Terra Developers Over to VeChain After UST and LUNA Collapse
VeChain Foundation Inviting Terra Developers Over to VeChain After UST and LUNA Collapse
VeChain Foundation Inviting Terra Developers Over to VeChain After UST and LUNA Collapse

VeChain Foundation Inviting Terra Developers Over to VeChain After UST and LUNA Collapse

May 18, 2022 2 min read
G7 Countries WIll Discuss Crypto Regulation In Next Meeting
G7 Countries Will Discuss Crypto Regulation In Next Meeting: Report
G7 Countries WIll Discuss Crypto Regulation In Next Meeting

G7 Countries Will Discuss Crypto Regulation In Next Meeting: Report

May 18, 2022 3 min read
UK Crypto Investors Can Offset Losses Under New Tax Legislation: Report

UK Crypto Investors Can Offset Losses Under New Tax Legislation: Report

May 17, 2022 3 min read
European Central Bank Explores Anonymity-Focused CBDC In New Report

European Central Bank Explores Anonymity-Focused CBDC In New Report

May 17, 2022 3 min read

Related Posts

Central Bank of Norway Uses Ethereum Layer 2 Solution for CBDC Pilot
Central Bank of Norway Uses Ethereum Layer 2 Solution for CBDC Pilot
Central Bank of Norway Uses Ethereum Layer 2 Solution for CBDC Pilot

Central Bank of Norway Uses Ethereum Layer 2 Solution for CBDC Pilot

May 19, 2022 2 min read
Institutional Investors Dive Into Bitcoin as BTC Sees Record Capital Flows for 2022

Institutional Investors Dive Into Bitcoin as BTC Sees Record Capital Flows for 2022

May 19, 2022 2 min read
VeChain Foundation Inviting Terra Developers Over to VeChain After UST and LUNA Collapse
VeChain Foundation Inviting Terra Developers Over to VeChain After UST and LUNA Collapse
VeChain Foundation Inviting Terra Developers Over to VeChain After UST and LUNA Collapse

VeChain Foundation Inviting Terra Developers Over to VeChain After UST and LUNA Collapse

May 18, 2022 2 min read
G7 Countries WIll Discuss Crypto Regulation In Next Meeting
G7 Countries Will Discuss Crypto Regulation In Next Meeting: Report
G7 Countries WIll Discuss Crypto Regulation In Next Meeting

G7 Countries Will Discuss Crypto Regulation In Next Meeting: Report

May 18, 2022 3 min read
UK Crypto Investors Can Offset Losses Under New Tax Legislation: Report

UK Crypto Investors Can Offset Losses Under New Tax Legislation: Report

May 17, 2022 3 min read
Binance CEO Changpeng Zhao Doubts Terra’s Plans for a Fork

Binance CEO Changpeng Zhao Doubts Terra’s Plans for a Fork

May 16, 2022 2 min read
UK To Go Ahead With Stablecoin Regulations After Queen’s Approval
UK To Go Ahead With Stablecoin Regulations After Queen’s Approval
UK To Go Ahead With Stablecoin Regulations After Queen’s Approval

UK To Go Ahead With Stablecoin Regulations After Queen’s Approval

May 16, 2022 2 min read