HomeUpdateCPR discovered a new botnet "Phorpiex" that has looted half a million...

CPR discovered a new botnet “Phorpiex” that has looted half a million dollars in cryptocurrency


We independently research, test, review, and recommend the best products—learn more about our process. If you buy something through our links, we may earn a commission. learn more

Last Updated on 17/12/2021 by Riya

Check Point Research, a threat detection firm, has announced that a new form of Phorpiex, a botnet specialized for sextortion and crypto hacking, has looted an estimated half-million dollars in cryptocurrency using crypto clipping.

Twizt is the term given by CPR to the new threat, which works without operational command and control servers, indicating each infected machine can spread the botnet. Twizt exploits a method known as “crypto clipping,” which involves stealing cryptocurrency throughout transactions by leveraging malware that instantly replaces the targeted wallet address with the threat actor’s digital wallet, leading to the money being sent to unreliable people.

According to CPR, from November 2020 to November 2021, Phorpiex botnet hacked 969 transactions, robbing 3.64 Bitcoin, 55.87 Ether, and $55,000 in ERC20 tokens, with the looted commodities valued at nearly half a million dollars.

Phorpiex was likely to steal significant sums of transactions on multiple occasions, according to CPR. The highest amount of Ethereum transactions that was captured was 26 ETH. The new Phorpiex botnet poses three major hazards. Twizt, for example, operates on a peer-to-peer approach, allowing it to accept commands and updates from tens of thousands of additional infected PCs.

A peer-to-peer botnet is more difficult to shuttered and disturb. Twizt is far more robust than prior versions of Phorpiex bots, according to Alexander Chailytko, Check Point Software’s cyber security research manager.

“Second, like earlier variants of Phorpiex, Twizt can extract crypto without conversing with C&C, allowing to get through security systems including firewalls and lead to havoc. Finally, Twizt accepts over 30 different cryptocurrency accounts from various blockchains, notably popular ones like Bitcoin, Ethereum, Dash, and Monero. This causes a massive risk of unauthorized access, and essentially everybody who leverages crypto might be vulnerable,” Chailytko added.

Keeping in view the security of the users CRP advised to examine wallet address, check transactions, avoid sending large amounts in crypto instead begin with the small transaction as well as keep the wallet updated.

Riya is a technology enthusiast and an avid researcher. She writes about consumer tech, hacking, and technology consumer issues at TheDigitalHacker.
- Advertisment -

Must Read

Data Science Drives Personalized Marketing and Customer Engagement to New Heights...

Personalized marketing and customer engagement are crucial for businesses to thrive in the current digital era. Because data science makes it possible for marketers...