BTCManager Logo with clear background. Orange and white font.

BITCOIN PRICE: 3,217.50     HIGH: 3,256.68     LOW: 3,122.28

Next Event

BlockchaINVEST • January 7 - March 11, 2019

At BlockchaInvest, international blockchain companies and crypto projects looking to raise capital meet local investors and fund managers in a…

Click for more details

Coinbase Exchange Targeted by New Trickbot Variant


Coinbase Exchange Targeted by New Trickbot Variant

Computer security software firm identifies a Trickbot variant that now targets individual’s cryptocurrency wallets.  

Forcepoint Identifies Trickbot Variant

A new variant of banking trojan was discovered and reported on by cybersecurity firm Forcepoint on August 29 of this year. Although Trickbot has been primarily developed to target bank accounts, a new variant has now been shown to target cryptocurrency wallets. The cybersecurity firm has also pointed out that they have captured, “8600 related emails…with the UK, Canada, and France as the top three targets.”

Following the analysis of said 8600 emails, Forcepoint noted an addition to their list of targets: The currency exchange site that operates exchanges between Bitcoin, Litecoin, and Ethereum to name a few, is now a principal objective for the malware.  


Earlier in June, Trickbot moved from traditional banks to targeting PayPal accounts and business CRMs (Customer Relationship Management). Now with Bitcoin’s price holding close to $4500, it comes as no surprise that cryptocurrency wallets are becoming a more valuable target.

Spotting Trickbot

Trickbot identifies itself in user’s inbox as a secure message from the Canadian Imperial Bank of Commerce (CIBC). An attached document is included in the mail, in which is also contained a macro downloader that downloads and enables the Trickbot malware.  

As mentioned above, the malware targets traditional banking information, but also Paypal accounts and most recently cryptocurrency wallets.    

Growth of Cryptocurrency Malware

It is becoming more and more common for cryptocurrency wallets to become targets of malware tampering. On June 16, 2011, Mikko Hypponen tweeted out, “We’ve just seen the first trojan that searches for Bitcoin WALLET.DAT files and mails them away. Ouch.” A link to a notice by Symantec also outlined exactly what the June 16 threat entailed.  

In 2017, not only does the threat not seem to be neutralized, it appears to be adapting to the rising popularity and value of cryptocurrencies.

Join our Telegram Channel!