You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Every Friday
GamesRadar+
Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.
Every Thursday
GTA 6 O'clock
Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.
Every Friday
Knowledge
From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.
Every Thursday
The Setup
Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.
Every Wednesday
Switch 2 Spotlight
Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.
Every Saturday
The Watchlist
Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.
Once a month
SFX
Get sneak previews, exclusive competitions and details of special events each month!
Here come the hackers again, poised to relieve you of your cryptocurrency and break into your Steam and Discord accounts. And in the same fell swoop, besmirching the name of the most pure and non-malign bear on the planet: the panda.
'Panda Stealer' is being distributed through phishing emails and Discord links, and is hell-bent on picking out any cryptocurrency-related data on your machine. As TrendMicro outlines, your Ethereum, Dash, Bytecoin and Litecoin keys and addresses are all at risk, though there's no mention of other currencies being affected (via Tom's Hardware).
The malware—which utilises a fileless distribution method to remain undetected—also has a taste for NordVPN, Telegram, Discord, and Steam details, and is able to take screenshots, pilfer passwords and card credentials, as well as raid both the virtual and proverbial cookie jar.
Business quote requests is usually how the software masquerades in your inbox. Once you click through, the waltz begins with an XLSM or XLS file download. Once in, the malware worms its way through your system with a formula veiling a PowerShell command, accesses paste.ee and gives itself permission to download yet more PowerShell commands to retrieve your super-secret info—all in the blink of an eye.
Attempts have been made to trace the virus back to its IP of origin, and although it only threw up a rented Shock Hosting virtual server, it has been reported and the server suspended. But it probably won't help much.
So, as always, be hyper-aware of what you're clicking. And make sure you grab one of the best antivirus programs, just to be sure.
