page = krebs on security – in-depth security news and …
url = https://krebsonsecurity.com
That same ToX ID was claimed by a user called “ smiseo ” on the Russian forum BHF, in which smiseo advertises “clipper” malware written in Rust that swaps in the attacker’s bitcoin address when the victim copies a cryptocurrency address to their computer’s temporary clipboard.
The nickname “ YBCat ” advertised that same ToX ID on Carder[.]uk, where this user claimed ownership over the Telegram account @CookieDays , and said they could be hired to do software and bot development “of any level of complexity.” YBCat mostly sold “installs,” offering paying customers to ability to load malware of their choice on thousands of hacked computers simultaneously.