A 29-year-old Lithuanian man is being accused of creating and distributing the Windows-targeting KMSAuto malware. This has infected over 2 million users, siphoning $1.18 million from their cryptocurrency wallets.
For reference, KMSAuto posed as a Windows activation tool. The program was downloaded 2.8 million times between April 2020 and January 2023.
Once installed, it uses ‘memory hacking’ to swap the recipient’s wallet address during transactions. The funds are then redirected to the attacker while victims are left unaware.
The suspect, known only as ‘Lithuanian A’, was tracked via a joint investigation. The raid in his home was led by the Korean National Police Agency’s National Office of Investigation last month.
Aside from the suspect, 22 items were seized including phones and laptops as reported by Korean Joongang Daily. He was then apprehended by Georgian police on an Interpol red notice.
Korean cybercrime officials say that they’ll persist with pursuing means for cross-border cooperation and extradition to combat borderless online crimes.
Comments
No comments yet. Be the first to share your thoughts!