Meduza: Scary name, scarier malware

Use Chrome, Edge, Brave, Sidekick, Opera or Firefox to browse the web? What about Discord, Steam, a password manager or a crypto wallet? 

You’re a prime target for the Meduza Stealer — a type of malware that poses a serious personal and digital security risk. Its primary purpose is to steal valuable data from your computer. We’re talking login credentials, credit card details and cryptocurrency wallet data.

Let’s take a deeper look at how the malicious software works. Consider this your Cybersecurity 102 lesson of the day!

Hunt and gather

Once Meduza Stealer infiltrates a computer, it gets to work gathering information. Step 1: GPS check. Meduza does not steal data from any computer in Russia, Kazakhstan, Belarus, Georgia, Turkmenistan, Uzbekistan, Armenia, Kyrgyzstan, Moldova or Tajikistan.

Not in one of those countries? Great. Now it’s ready to collect details about your computer system, which it then uses to sniff out your valuable data. Passwords, card details and other credentials are fair game. Then all that info goes back to the attacker.

It can steal info from 19 password manager apps, 76 crypto wallets and 95 web browsers, as well as apps Discord and Steam.

Hiding in plain sight

The Meduza Stealer is notoriously hard to spot. A process called obfuscation hides its activities, essentially masking actions so they appear harmless or invisible to your computer’s security software. It also uses encryption to protect your stolen data during transmission back to the attacker. Uh, thanks?

It’s also pretty darn good at tricking standard antivirus software. The stealer changes and adapts once it’s spotted so it can fly under the radar. Free AV isn’t going to cut it.

How to protect yourself

Yeah, it’s tricky, but some vigilance and basic security measures go a long way. 

Continue reading

Google’s Dark Side: 5 search terms to avoid at all cost

Ever Google search for coupons or promo codes? You’ll probably waste 15 minutes putting in codes that don’t work. At worst, you’ll end up on a malware-infected site. Use these proven tricks to save money instead.

Streaming is expensive, so you might be tempted to look up free TV shows or movies. Don’t do it. There are seriously sketchy sites out there. I put together a list of ways to get free movies and shows you can trust.

Continue reading

Vampires keep their money in a blood bank: This is unbelievable. A dumb Kansas bank CEO got 24 years in prison after falling for a massive crypto scam. He blew through his money and his daughter’s college fund, and then he ordered $47 million in bank funds to be transferred to a secret crypto wallet, thinking he’d get rich. No word on if or when the bank’s customers will get their money.

Don't fall for these fake cryptocurrency ads all over Facebook

New cryptocurrencies are constantly popping up. While Bitcoin is the most well-known crypto, others like Ethereum and Shiba Inu have steadily grown in popularity.

Lucky Block is one of the newest and ties itself to the lottery industry. However, there aren’t too many cryptocurrencies that hedge their bets on social media. Well, that doesn’t seem to be the case if you believe some advertising on Facebook.

Continue reading

That random cryptocurrency you received? Here's how to tell if it's a scam

Cryptocurrency is a hot topic on social media. It seems like everybody is making a killing with digital currency, and that has people feeling left out. This makes crypto a prime target for scammers to use as bait to lure in victims.

Continue reading

Blessing in disguise: Back in 2013, a guy lost access to his digital crypto wallet filled with 43.6 bitcoin. The file with his 20-character password got corrupted, and it seemed like the money was lost forever. Fast-forward to now: Some very smart hired help cracked the code, and the guy’s now sitting on nearly $3 million. Bet he’s really glad he didn’t sell early.