Efimer Trojan Poses as Torrents to Steal Cryptocurrency

27 Aug 2025

Researchers at Kaspersky have identified a new cyber threat disguised as torrents, with the notorious Efimer trojan at its core. This malicious software is actively attempting to infiltrate users' cryptocurrency wallets by disguising itself as legitimate torrent downloads. The criminals behind Efimer exploit inadequately protected websites, particularly those powered by WordPress, to distribute these dangerous files.

These files often present themselves as newly released movies. However, once downloaded, the torrent contains a malicious file, camouflaged as a media player executable named xmpeg_player.exe. This clever mimicry allows the trojan to trick users into launching the program, unleashing its harmful payload.

Phishing Campaigns Targeting Companies

In addition to individual users, companies have also become targets of this cyberattack. The perpetrators dispatch phishing emails filled with false accusations of copyright infringement. Included in these emails is an archive file claiming to contain details about these supposed violations. In reality, however, it harbors the Efimer trojan, ready to execute once opened.

Upon activation, Efimer begins searching through the victim's device for strings that resemble seed phrases, which are critical for accessing cryptocurrency wallets. The trojan manipulates these transactions, redirecting funds to the attackers' own cryptocurrency addresses instead.

Global Reach and Growing Threat

The impact of Efimer has already been felt on an international scale, with Kaspersky reporting victims in Russia, India, Spain, Italy, and Germany. The number of affected users continues to rise as the distribution of this malware spreads. This global reach underscores the need for increased vigilance and robust cybersecurity measures.

This incident is reminiscent of previous attacks, such as SparkKitty, which targeted iOS and Android platforms in Southeast Asia and China to similarly pilfer cryptocurrency from unsuspecting users. These threats underline the ongoing efforts by cybercriminals to exploit digital financial systems, highlighting the importance of security awareness and proactive measures to safeguard against such activities.

Update: 27 Aug 2025

Top charts for Desktop Windows

uTorrent

uTorrent

Latest update uTorrent download for free for Windows PC or Android mobile

5
1032 reviews
7508630
downloads
Zona

Zona

Latest update Zona download for free for Windows PC or Android mobile

4
614 reviews
1735705
downloads
WinRAR

WinRAR

Streamline file management with fast compression, secure your documents, and save space.

5
735 reviews
746793
downloads
Minecraft

Minecraft

Shape environments, explore vast worlds, and survive against monsters with endless creativity.

5
750 reviews
497321
downloads

Comments (0)

No comments yet. Be the first to comment!