Google Threat Intel flags ‘Ghostblade’ crypto-stealing malware
Ghostblade is one of six malware tools in the “DarkSword” suite of malicious software designed to steal crypto private keys and user data.
Google Threat Intelligence has identified a new form of crypto-stealing malware called “Ghostblade” that affects Apple iOS devices and is part of the “DarkSword” suite of browser-based malware tools designed to steal private keys and other sensitive information.
Ghostblade is written in JavaScript and designed for rapid data theft. The crypto-stealing malware activates, grabs sensitive data from the compromised device, and relays it to malicious servers, according to Google Threat Intelligence.
The Ghostblade malware does not run 24/7 on the compromised device, does not require extra plug-ins to function, and stops functioning after extracting data, making it more difficult to detect, the threat researchers said.