Clipper malware used to steal cryptocurrency funds – Yahoo Finance

Hackers are using new malware methods which lift copy-and-paste data to steal cryptocurrency from unsuspecting victims.

The malware, called a clipper, replaces users crypto addresses with the hackers own address when copy and pasting.

Cybersecurity researcher Lukas Stefanko discovered the exploit earlier this year. It is most often deployed through fake or infected apps on the Google Play store.

It is believed that similar malware has been used on Windows devices from as early as 2017.

The exploit, which is still being used today, waits for users to copy a receiving cryptocurrency wallet address and then hijacks the clipboard of a users machine to replace the paste value with the hackers wallet address.

This results in cryptocurrency users sending their funds directly to a wallet they dont control.

The exploit works so well because many users neglect to double-check the pasted address, instead relying on the copy-and-paste data to be accurate.

The malware is delivered through downloads, some of which are impersonations of legitimate cryptocurrency software such as MetaMask.

Stefanko claims that the malicious downloads arent restricted to dodgy sites or app stores, and some are even being downloaded through highly trustworthy sites such as CNET.

Many cryptocurrency experts have called for user-friendly wallet addresses that are easier to remember or recognise at a glance but which dont compromise on cryptographic security.

Current addresses, which may be in excess of 34 characters long and case sensitive, are incredibly difficult to read and compare, which is why most users rely on copy and pasting to ensure theyve got the right address.

Stefanko wrote on Bitcointalk, the popular Bitcoin forum where the exploit was first revealed, that:

Even if you check part of the pasted Bitcoin address, chances are the first few characters are the same, and you still wont notice the address was changed.

Story continues

The most simple way to avoid falling prey to such scams is to double-check every single digit of a pasted cryptocurrency address, no matter how tedious this may seem.

Stefanko also warned against using Windows software such as Cortana, as the built-in AI helper contains key-logging capabilities which could be used by hackers.

Multiple entities have been blamed for the proliferation of cryptocurrency malware, from shady organised criminal gangs to highly clandestine North Korean hacking groups.

If youd like to learn more about the threats of crypto malware and steps you can take to protect yourself, read here.

The post Clipper malware used to steal cryptocurrency funds appeared first on Coin Rivet.

See the original post:
Clipper malware used to steal cryptocurrency funds - Yahoo Finance