Ross Ulbricht, the controversial creator of the Silk Street, has lengthy been on the coronary heart of debates concerning the intersection of know-how and prison exercise. Following a full pardon from US President Donald Trump, a brand new wave of cybercrime has emerged, leveraging information of Ulbricht’s case to ship malware to unsuspecting targets.
Exploiting the information surrounding him, risk actors on X are redirecting customers to a Telegram channel the place they’re duped into operating PowerShell scripts that infect their gadgets with malware.
Ross Ulbricht Malware Marketing campaign
In accordance with vx-underground researchers’ newest replace, the assault makes use of a brand new variation of the favored “Click on-Repair” tactic, however with a twist. Somewhat than disguising itself as a typical error repair, this model pretends to be a captcha or verification course of required to affix the channel.
On this case, cybercriminals are impersonating Ulbricht utilizing faux however verified accounts on X to lure customers to Telegram channels falsely claimed to be official. As soon as on Telegram, customers encounter a fraudulent “Safeguard” id verification course of, which leads them to a mini app that generates a faux verification dialog and robotically copies a PowerShell command to their clipboard.
Customers are then instructed to run the command by way of the Home windows Run dialog. As such, executing the command triggers a sequence of occasions. Initially, it downloads a PowerShell script, which retrieves a ZIP file from http://openline[.]cyou. The ZIP file comprises a number of information, together with identity-helper.exe, suspected to be a Cobalt Strike loader – a software often utilized by attackers for distant entry and launching ransomware or information theft campaigns.
The whole course of is fastidiously worded to keep away from detection.
Ross Ulbricht Launched
This growth comes after Ulbricht was pardoned and launched this week after being imprisoned since 2013 for founding and working the notorious darkish net market Silk Street.
Silk Street was an internet market on the Tor community that allowed individuals to commerce unlawful gadgets, resembling narcotics. Ulbricht operated the location utilizing the pseudonym “Dread Pirate Roberts.” The FBI arrested him in October 2013 and took the location offline.
In 2015, Ulbricht was discovered responsible of prices together with drug distribution and cash laundering. He acquired a life sentence with out parole, and his appeals in 2017 and 2018 had been denied.
The submit Faux Ross Ulbricht Accounts Utilized in New Malware Marketing campaign appeared first on CryptoPotato.