Topic: [Warning]: Cinobi Banking Trojan Targets Crypto Exchange Users via Malvertising (Read 127 times)

If you have access to multiple devices and can afford several laptops or phones, the best things to do would be to use each device for different activities.

Separate your work computer from your entertainment computer. I have a laptop only for work and my financials. That machine is never used to browse the internet, downloading (unless it's work-related). I use it for work, bills, and banking. 
I have another laptop for entertainment, social media, Youtube, non-business related emailing, movies, surfing the internet, downloading, etc.
A third device is used for crypto activities, wallets, and exchanges.

I like to detach my real-world work from my crypto activities. I have separate USB devices for each machine for example. I don't click on weird links, ad-one, emails on either of them.     

I also did create this thread before, AdBlock and UBlock.

True, we shouldn't trust and click any unknown links, but many are still falling for this trick and unless crypto users educated themselves to as least combat the mode of infection, these criminals are going to exploit any best known method.

The poorest thinking is for someone to be using his wallet device or any device funds can be accessed to click on ads, even google will gladly welcome scammers and help them to displace their ads, other sites also do not want to know if someone's site is legit or not because scammers will payf or the ads the are displaying. Clicking on ads is the begining of lack of online privacy and unsafe device (devices used to click on malware), and a potential means to attack such devices.

Also, it is not only limited to clicking of malware, some people also like downloading pirated copies, there are malware that can be easily introduced into someones devices through pirated torrent files. One thing about these malware is that they are just a few kilobytes to download and install unknowingly.

One thing I can not do is to be using the device I have my Bitcoin wallet on, my banking app on, or the exchange I am using to access the internet anyhow I want, it is not done like that, what I basically used this devices for are downloading new updates like new Electrum wallet version and nothing more. But, yet, I can never use the device I am using to browse and access the internet online frequently to be click on ads, it is like I am inviting scammers myself, so it is not possible. People that care about online security, privacy and safety will make use of anti-malware and ad-blockers to just to be safe.

Yes, it is the same old way, this is what I expect the government to also work on, to spread the importance of not clicking on ads, but the world is not balance, even google can not do it because it is part of their income sources, then even the government will not help because they see ads as so important than anything, but yet a potential means scammers are using to scam people. They will say they are regulating, but they are not teaching. Taliban becoming the government of Afghanistan is still another lesson I learnt recently, that the world is fake, if we do not protect ourselves, then we can be the victim of irreversible mistake.

Advertising has become a hotbed of crimes such as phishing and malware. Unfortunately, there are still many people who are not aware of it being interested in finding micro-income with the pay-per-click method through shortening urls which in fact contain annoying ad spam. This case is a red flag that malvertising will someday start to plague micro-earning sites like this.

New malware version and method of attack, but same old thing. It all comes down to not clicking on unknown links, no matter if they are sent to you via social media, emails, Telegram, PMs, whatever. You shouldn't click on ads either and why would you? If you are interested in a product, visit the official website or do some research on it on your own without clicking on the ad. I am not sure if ad blockers help against malvertisements, but you should use them either way. uBlock Origin and AdGuard AdBlocker are good and should do the trick. 

Trend Micro’s report mentions that Cinobi seems to currently target the credentials for 11 financial entities, being at least three of them crypto Exchanges. It doesn’t list nominally the list of targeted sites (which could obviously change at any time, but an initial list could have been released), although all targets seem to currently be Japanese.


Propagation methods are recurrent, and they all lead you to installing malware through whatever means they use as a pretext. In this case, advertisements are used. As we know, people should not blindly put their faith in advertisement just because they are advertisement, since these can lead to malware or fake sites just the same.

There is a new or at least mutated banking trojan that now targets Japan base crypto exchanges. So for now it seems that it's specific for Japan, but I think this is just the beginning as the author might released it to attack other country base crypto currency exchange.


Infection routine:


So there is mode of attack, I don't fall on any of the category though, but either way, it's better to stay and practice good security hygiene so that the chances of us being the victim is slim to one.

You can read it here: https://www.trendmicro.com/en_in/research/21/h/cinobi-banking-trojan-targets-users-of-cryptocurrency-exchanges-.html