Password-stealing Erbium malware is spreading fast — and loved by cybercriminals
Erbium can steal passwords from your browser and even cryptocurrency
A new password-stealing malware called Erbium that is currently being distributed as fake cracks and cheats for popular video games is gaining popularity among cybercriminals.
As reported by BleepingComputer, this new malware is capable of stealing credit card info, cookies and cryptocurrency wallets in addition to passwords.
DuskRise’s Cluster25 Threat Intel Team published the first report on Erbium at the beginning of this month, but a new report from Cyfirma has now revealed even more details on how this password-stealing malware is being distributed in the wild.
What sets Erbium apart from other malware is that it’s actually Malware-as-a-Service (MaaS). In this scenario, cybercriminals pay a monthly or annual fee to the malware’s creators for access so that they can use it in their attacks.
Undercutting the Malware-as-a-Service market
Beginning in July, security researchers observed that Erbium was being promoted on Russian-speaking forums. While access to the malware initially cost just $9 per week, its price increased to $100 per month or $1,000 annually once Erbium gained popularity among cybercriminals.
The RedLine stealer is another popular malware used by cybercriminals in their attacks. However, access to Erbium costs significantly less, which has helped it become popular so quickly.
On an infected machine, Erbium is capable of stealing data stored in either Chromium or Gecko-based web browsers including passwords, cookies, credit card data and autofill information. The malware is also able to steal data from a number of popular cryptocurrency wallets that offer browser extensions.
Erbium goes a step further, though, as the malware can steal crypto from cold desktop wallets including Exodus, Atomic, Armory, Bitcoin-Core, Bytecoin, Dash-Core, Electrum, Electron, Coinomi, Ethereum, Litecoin-Core, Monero-Core, Zcash, and Jaxx. It can also steal two-factor authentication (2FA) codes from Trezor Password Manager, EOS Authenticator, Authy 2FA, and Authenticator 2FA. Gamers aren’t safe either, as Erbium can steal Steam and Discord tokens.
Still a work in progress
Erbium is a relatively new malware strain but despite that fact, it’s already been quite well received by the cybercriminal community.
Even though it’s still a work in progress, users on dark web hacking forums have praised the way in which its creator has been open to requests for new features and functionality.
So far, Erbium infections have been detected in the U.S., France, Colombia, Spain, Italy, India, Vietnam and Malaysia according to Cluster25.
The first Erbium campaign discovered used game cracks as lures in order to target software pirates. However, now that the malware has become more popular, other cybercriminals could devise new ways to distribute this dangerous, password-stealing malware so be on the lookout.
How to stay safe from password-stealing malware
Password-stealing malware like Erbium and RedLine can throw your whole life into turmoil, as you’ll be locked out of your online accounts. Unlike with ransomware, there’s no way to recover your stolen data.
As such, you should ensure that you have one of the best antivirus software solutions installed on your PC, the best Mac antivirus software on your Mac and one of the best Android antivirus apps on your Android smartphone. This way, you’ll be able to stop an infection before it happens as opposed to trying to clean up the mess afterwards.
At the same time, you should avoid saving passwords in your browser and use one of the best password managers instead.
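To check whether a browser profile still holds saved passwords of the kind described above, this added example (not from the original article or the reports it cites) lists the sites with a saved login in a Chromium-style `Login Data` database and a Gecko-style `logins.json` without reading or decrypting the secrets. The profile directories and sample entries are constructed; point the two audit functions at a real profile directory to use them.

```python
import json, shutil, sqlite3, tempfile
from pathlib import Path

def chromium_saved_logins(profile_dir):
    """Origins with a saved password in a Chromium-style profile (secrets are not read)."""
    db = Path(profile_dir) / "Login Data"
    if not db.exists():
        return []
    # The running browser locks the live file, so query a temporary copy.
    with tempfile.TemporaryDirectory() as tmp:
        copy = shutil.copy2(db, Path(tmp) / "copy.db")
        con = sqlite3.connect(str(copy))
        try:
            rows = con.execute("SELECT DISTINCT origin_url FROM logins "
                               "WHERE length(password_value) > 0").fetchall()
        finally:
            con.close()
    return sorted(r[0] for r in rows)

def gecko_saved_logins(profile_dir):
    """Hostnames with a saved password in a Gecko-style profile's logins.json."""
    path = Path(profile_dir) / "logins.json"
    if not path.exists():
        return []
    entries = json.loads(path.read_text(encoding="utf-8")).get("logins", [])
    return sorted({e["hostname"] for e in entries if e.get("encryptedPassword")})

def build_sample_profiles(root):
    """Constructed sample data only: placeholder blobs, no real credentials."""
    chromium, gecko = Path(root) / "chromium", Path(root) / "gecko"
    chromium.mkdir(); gecko.mkdir()
    con = sqlite3.connect(str(chromium / "Login Data"))
    con.execute("CREATE TABLE logins (origin_url TEXT, username_value TEXT, password_value BLOB)")
    con.executemany("INSERT INTO logins VALUES (?, ?, ?)", [
        ("https://mail.example/", "alice", b"constructed"),
        ("https://bank.example/", "alice", b"constructed"),
        ("https://never-save.example/", "", b""),  # "never save" entry: no secret
    ])
    con.commit(); con.close()
    (gecko / "logins.json").write_text(json.dumps({"logins": [
        {"hostname": "https://forum.example", "encryptedPassword": "constructed"}]}))
    return chromium, gecko

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        for profile in build_sample_profiles(root):
            print(profile.name, chromium_saved_logins(profile), gecko_saved_logins(profile))
```

Every site the functions return is one to move into a password manager and then delete from the browser's own store.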
If you do happen to fall victim to password-stealing malware, you may want to invest in one of the best identity theft protection services to help speed up the restoration process.

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.
