Hackers are luring unsuspecting investors with their fake cryptocurrency SpriteCoin. This vicious cryptocurrency will install ransomware on your device, and yet more malware if the ransom is paid. For those unfortunate people who have invested their money into SpriteCoin, thinking they were going to be making money, they instead found that it was the opposite. And for those who then paid the Monero payment that was being demanded in the ransom note, in return for a decryption key, they quickly found more malware. Researchers have said; “…another piece of malware is deployed with capabilities including certificate harvesting, image parsing and web camera activation.” The researches add that SpriteCoin “is not a true cryptocurrency, but is one that was created for this specific attack…the allure of quick wealth through cryptocurrency seems to be enough to trick unsuspecting users to rush toward the wallet app du jour without consideration.” The home page of the alleged cryptocurrency states that it is a new cryptocurrency written in JavaScript, which uses the CryptoNight algorithm, but is not cryptonote-based. They claim to have a maximum supply of 1 trillion coins, with a block time of 45. This is all to lure the unsuspecting investor in, so that they download it, where they are then asked to enter a wallet password. The ‘blockchain’ then begins downloading, but in reality, what is actually happening is that an encryption routine is running, where the victims Chrome and Firefox credentials are being sent to the attackers’ website. The researcher adds; “Once the user’s files have been encrypted (or when the user attempts to access an encrypted file) the ransom note is generated and displayed in a browser window informing the victim and offering decryption for a ransom fee.” The fee that is being demanded is 0.3Monero, which is equivalent to nearly $100. Professionals have said that although the Malware has not been properly examined, “[They] can verify that it does have the capability to activate web cameras and parse certificates and keys that will likely leave the victim more compromised than before…In this instance, it seems like the intent was not just about money…What we infer is that the intent is not about the amount of money, but possibly about proof of concept or testing new delivery mechanisms, and to see how many people would fall for it. This is very similar to when attackers would test to see how effective or fast a worm would spread before really launching it. This could be the same concept.” Image Source: Flickr Sponsored by