Bitcoin, Ethereum Copied Addresses Replaced by Crypto Malware to Steal Funds
A new cryptocurrency-related malware has been found by Cybersecurity firm 360 Total Security. This malware is used to steal funds by hijacking the clipboard of the user which is then replaced with a copied Bitcoin [BTC] and Ethereum [ETH] address.
As per 360 Total Security the malware which is called ClipboardWalletHijacker screen victims’ clipboard activity to distinguish whether it has a cryptocurrency address. On finding the address, it simply changes it with that of its owner. The firm stated:
“The Trojan monitors clipboard activity to detect if the activity contains the account address of Bitcoin (BTC) and Ethereum (ETH). It tampers with the receiving address to its own address to redirect the cryptocurrency to its own wallet. This kind of Trojan has been detected on more than 300,000 computers within a week.” -360 Total Security
The cybersecurity firm found an ETH address related to the scam. At the time of the press, the said address has more than 1500 USD worth of tokens in it and not long ago, it transferred over 6500 USDwirht of ETH to other different addresses.
According to the firm, the primary target of the malware is the ETH address/ At first, it looks for these and subsequently checked whether the customer has copied the bitcoin address on its clipboard. It has been identified that the three BTC belong to ClipboardWalletHijacker’s owner(s) where the largest one currently has 0.0898 BTC ($580) in it.
The report suggests, the malware seeks ETH addresses by first recognizing a “0x” string followed by searching for the correct number of characters. In the same way, it recognizes BTC addresses by looking at clipboard content which begins with “1” or “3” and has a fixed number of characters.
Shortly after cybersecurity firm, Carbon Black revealed that within this year, cybercriminals have stolen more than 1.1 billion USD worth of cryptocurrency, with moves that allegedly weren’t too hard to pull off. A year ago, a malware known as CryptoShuffler got programmers over 150,000 USD by using a same kind of plan, before it began being broadly written about. To remain safe, clients should “enable antivirus software while installing new applications,” as indicated by 360 Total Security. Before transacting, recipient addresses should be carefully checked.
Follow us on Telegram!