ELECTRUM

Language updated 3 months ago (2024-09-19T17:32:31.346Z)
Electrum is a threat actor that has been implicated in numerous cyber attacks, including those against Ukraine on February 1, 2022. These attacks were Bitcoin-themed and involved Electrum Bitcoin wallets, with similarities observed in later attacks conducted in April of the same year. The delivery method involved PDF documents that referenced Electrum Bitcoin wallets, and an initial loader Trojan executable downloaded by JavaScript within these documents. This executable was signed using a certificate bearing the name "Electrum Technologies GmbH", further connecting the threat actor to the attacks.

The malware used by Electrum demonstrated a significant focus on exploiting financial data, particularly targeting cryptocurrency wallets such as Coinbase, MetaMask, Wasabi, Binance, Daedalus, Electrum, Atomic, Harmony, Enjin, Hoo, Dapper, Coinomi, Trust, Blockchain, and XDeFI. Cyble's team also reported that Atomic Stealer, another malware variant, could target crypto wallets like Electrum, Binance, Exodus, Atomic, and Coinomi. This focus on crypto wallets indicates a high risk of substantial financial losses for victims whose wallet information is compromised. The new Atomic Stealer malware has also leveraged several functions to steal browser data and assets from cryptocurrency wallets, including Atomic, Exodus, Coinomi, and Electrum.

Electrum has been linked to power grid outages in Ukraine and other incidents, often working in conjunction with other threat groups like Kamacite. Kamacite appears to specialize in gaining initial access before handing off to Electrum, which functions as an "ICS effects team". Increased activity from mature threat groups like ELECTRUM has been noted during periods of geopolitical tension, such as the Ukraine-Russia conflict and tensions between China and Taiwan.
Description last updated: 2024-09-03T16:16:35.612Z
Aliases: We are not currently tracking any aliases.
Source Document References
Information about the ELECTRUM Language was read from the documents corpus below.
Source, Created
Fortinet, 4 months ago
Securityaffairs, 4 months ago
Fortinet, 6 months ago
CERT-EU, 2 years ago
BankInfoSecurity, 10 months ago
CERT-EU, 10 months ago
CERT-EU, 10 months ago
Securityaffairs, 10 months ago
CERT-EU, a year ago
Securityaffairs, a year ago
Checkpoint, a year ago
Securityaffairs, a year ago
Checkpoint, a year ago
Securityaffairs, a year ago
CERT-EU, a year ago
CERT-EU, 2 years ago
MITRE, 2 years ago
MITRE, 2 years ago
CERT-EU, 2 years ago
CSO Online, 2 years ago