A new, highly dangerous malware called “Erbium” has been making the rounds over the last couple of months, and it’s highly likely that it will spread to new channels.
Erbium is an information-stealing tool that targets passwords, credit card information, cookies, cryptocurrency wallets, and more. Unfortunately, it’s widely available, which means that it could be used in new ways in the future.
Erbium, while seemingly used at a small scale right now, has a lot of potential — and that’s scary. For the time being, this information-stealing malware is being distributed disguised as pirated games and cheats for popular titles. However, it can spread like wildfire because Erbium is a Malware-as-a-Service (MaaS) — meaning that pretty much anyone can get their hands on it.
Initially, Erbium was priced at just $9 per week, but now, it costs $100 per month or $1,000 for a year-long license. For that price, threat actors gain access to customer support, updates, and more importantly, the tool itself, with its full set of capabilities.
Initially spotted in August 2022 by Cyfirma, the malware, hidden away within game cracks, has a lot of power. It can steal data found within Chromium- and Gecko-based browsers, including passwords, cookies, form autofill information, and credit card data. Moreover, it targets cryptocurrency users by attempting to steal data from their wallets as long as those wallets are installed as browser extensions.
That’s not all, though — Erbium can also steal cold cryptocurrency wallets, such as Exodus, Atomic, Bytecoin, Ethereum, and more. In addition, it can snatch two-factor authentication codes from various password and 2FA managers, such as Trezor, EOS Authenticator, Authy 2FA, and Authenticator 2FA.
Erbium steals Telegram authentication files, Steam and Discord tokens, and screenshots from each connected monitor. As all of these things are being stolen, the threat actors are being sent a full overview of what was extracted from the victim.
Despite the price hike, this malware is still cheap (it costs about a third of RedLine stealer, according to Bleeping Computer) and is receiving a lot of praise on various hacker forums. Considering how much it can do, it’s likely that someone will eventually work it into something else besides just game cracks, and then it will likely become more widespread.
How to stay safe?
If you want to make sure you’re not at risk, right now, all you have to do is not download any illegal files (such as cracked games or bots for games). However, it’s a good idea to stay vigilant and also make sure you’re using one of the best antivirus programs, keeping it updated, and scanning each file you download. If you own cryptocurrency, consider moving your funds to a fully-offline cold wallet as opposed to a desktop wallet.
Gamers often get targeted with malware. Just recently, we’ve seen Genshin Impact being used as a gateway to stealing passwords, and the game doesn’t even need to be installed on your PC for this trick to work. This is why it’s important to use anti-malware software and perform regular scans.