Researchers thwart phishing scam on Jaxx cryptocurrency wallet

• The site would upload Windows malware along with the actual Jaxx software, with the malware running in the background. Custom malware stole files from a user's desktop, while bundled, widely available malware accessed other files and stole cryptocurrency account information whenever it was copied and pasted.
• The Mac malware gave an error message in English and Russian and prompted users to provide account information that would allow the hackers to steal currency.
• Flashpoint is aware of infections from the malware, but is not clear how users were first sent to the site.

Mitigation: Flashpoint contacted both Jaxx and the security company Cloudflare, which the site had used for users' connections. Cloudflare suspended the site.