Connect with us



Windows Pirates Lose Their Bitcoin to Malware Tainted Tool Named Cryptbot

The malware tool, disguised as a KMSPico installer targets sensitive information like crypto wallets.

Photo by Clear Cut Ltd / Pixabay

Software pirates targeting a free copy of Microsoft Windows have run into malware-tainted “activation tools” that clean out their crypto wallets entirely.

Red Canary reported via PC World that the source of the infections is traced back to a fake KMSPico installer. This is a tool used by pirates to activate a pirated copy of Microsoft Windows and Office products despite them not owning a license or product activation key of any sort. This would usually enable them to use their copies as though they’re legitimate.

The unwritten rule around this activation tool is to disable one’s antivirus as security tools usually end up blocking the KMSPico tool since they flag them as a Potentially Unwanted Program (PUP). This enables the Cryptbot to wreak havoc on the system.

Once it activates, the Cryptbot scans for any traces of credentials and sensitive information, including crypto wallets. There is an extensive list of cryptocurrencies that are at the moment facing a huge risk from the malware-tainted tool, including Electrum, Monero, Exodus, and Ledger Live, not to mention other applications like browsers such as Chrome, Firefox, Brave, and Opera.

The KMSPico installer harbors a Windows Key Management Services or KMS, which is a legit technology used to license products in bulk, and as a result, had some IT departments face the issue of inadvertently corrupting their systems with the Cryptbot despite having a legitimate license.

Since crypto offers lucrative rewards for anyone dealing in it, it has unfortunately become a target of malware over the years. Various schemes like crypto-mining malware tying up system resources to fraud crypto apps that attempt to steal users’ private keys are a couple of dangerous examples.

Regarding the KMSPico installer that’s infected with malware, this is a cautionary development for anyone wishing to take a shortcut to enjoy a Windows product instead of paying for an official license, as it can end horribly for them.


Trending Articles




The company's COO made a heartfelt Twitter thread thanking the company for her time there, and has confirmed she's moving onto something bigger and...


BitOasis finds itself under the wing of the UAE's new crypto regulator.


The Will Smith Inu is currently experiencing a surge, but will it last?


Bank Leumi, one of the 2 largest banks in all of Israel, is all set to enable the holding, buying, and selling of cryptocurrency.

Blockwatch is a news and information site on crypto, digital assets, NFTs, crypto investing, and the future of money. Blockwatch is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. Blockwatch is an independent operating subsidiary of Ubiquitous, Inc, which invests in cryptocurrencies and blockchain startups.

Copyright © 2022 Blockwatch™ Media, Inc. Blockwatch™ Media is a Ubiquitous company. All rights reserved.