New malware can steal your credit card details — and it’s spreading fast

A new, highly dangerous malware called “Erbium” has been making the rounds over the last couple of months, and it’s highly likely that it will spread to new channels.

Erbium is an information-stealing tool that targets passwords, credit card information, cookies, cryptocurrency wallets, and more. Unfortunately, it’s widely available, which means that it could be used in new ways in the future.

Erbium, while seemingly used at a small scale right now, has a lot of potential, and that’s scary. For the time being, this information-stealing malware is being distributed disguised as pirated games and cheats for popular titles. However, it can spread like wildfire because Erbium is a Malware-as-a-Service (MaaS), meaning that pretty much anyone can get their hands on it.

Initially, Erbium was priced at just $9 per week, but now, it costs $100 per month or $1,000 for a year-long license. For that price, threat actors gain access to customer support, updates, and more importantly, the tool itself, with its full set of capabilities.

Initially spotted in August 2022 by Cyfirma, the malware, hidden away within game cracks, has a lot of power. It can steal data found within Chromium and Gecko-based browsers, including passwords, cookies, form autofill information, and credit card data. Moreover, it targets cryptocurrency users by attempting to steal data from their wallets, as long as those wallets are installed as browser extensions.

That’s not all, though — Erbium can also steal cold cryptocurrency wallets, such as Exodus, Atomic, Bytecoin, Ethereum, and more. In addition, it can snatch two-factor authentication codes from various password and 2FA managers, such as Trezor, EOS Authenticator, Authy 2FA, and Authenticator 2FA.

Erbium steals Telegram authentication files, Steam and Discord tokens, and screenshots from each connected monitor. As all of these things are being stolen, the threat actors are being sent a full overview of what was extracted from the victim.

This malware is still cheap despite the price hike (it costs about a third of RedLine stealer, according to Bleeping Computer) and is receiving a lot of praise on various hacker forums. Considering how much it can do, it’s likely that someone will eventually work it into something other than game cracks, and then it will likely become more widespread.

How to stay safe?

If you want to make sure you’re not at risk right now, all you have to do is not download any illegal files (such as cracked games or bots for games). However, it’s a good idea to stay vigilant and also make sure you’re using one of the best antivirus programs, keeping it updated, and scanning each file you download. If you own cryptocurrency, consider moving your funds to a fully offline cold wallet as opposed to a desktop wallet.

Gamers often get targeted with malware. Just recently, we’ve seen Genshin Impact being used as a gateway to stealing passwords, and the game doesn’t even need to be installed on your PC for this trick to work. This is why it’s important to use anti-malware software and perform regular scans.

Monica J. White
Monica is a UK-based freelance writer and self-proclaimed geek. A firm believer in the "PC building is just like expensive…