Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 17 submissions in the queue.

Clipboard Hijacker Malware Monitors 2.3 Million Bitcoin Addresses

posted by martyb on Wednesday July 04 2018, @08:40AM   Printer-friendly
from the Only-cut-n-paste-one-half-at-a-time dept.

MrPlow writes:

Submitted via IRC for BoyceMagooglyMonkey

While cryptocurrency has seen tremendous growth over the past year, sending cryptocoins still requires users to send the coins to long and hard to remember addresses. Due to this, when sending cryptocoins, many users will simply copy the address into memory from one application and paste it into another application that they are using to send the coins.

Attackers recognize that users are copying and pasting the addresses and have created malware to take advantage of this. This type of malware, called CryptoCurrency Clipboard Hijackers, works by monitoring the Windows clipboard for cryptocurrency addresses, and if one is detected, will swap it out with an address that they control. Unless a user double-checks the address after they paste it, the sent coins will go to an address under the attackers control instead the intended recipient.

While we have covered cryptocurrency clipboard hijackers in the past and they are not new, most of the previous samples monitored for 400-600 thousand cryptocurrency addresses. This week BleepingComputer noticed a sample of this type of malware that monitors for a over 2.3 million cryptocurrency addresses!

Source: https://www.bleepingcomputer.com/news/security/clipboard-hijacker-malware-monitors-23-million-bitcoin-addresses/

Original Submission

 
This discussion has been archived. No new comments can be posted.
Clipboard Hijacker Malware Monitors 2.3 Million Bitcoin Addresses | Log In/Create an Account | Top | 31 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Insightful) by pkrasimirov on Wednesday July 04 2018, @11:38AM (2 children)

    by pkrasimirov (3358) Subscriber Badge on Wednesday July 04 2018, @11:38AM (#702496)

    > never swap out a blockchain address that belongs to another malware's scam
    Because it will be bad to have the stolen coins in one account instead of another? It will mess all their accounting?

    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 2) by zocalo on Wednesday July 04 2018, @11:47AM (1 child)

    by zocalo (302) on Wednesday July 04 2018, @11:47AM (#702498)
    I suppose it might, if the wallet you're about to steal from is known to belong to a bigger fish in the cybercrime pool that could retaliate against you. Doesn't change the original point though; having a list of wallets to steal from (the very size of which makes it unlikely to be fully vetted for hypothetical "bigger fish") rather than a generic RegEx and a blacklist of ones not to swap out implies an extremely poor grasp of some pretty basic coding concepts.
    --
    UNIX? They're not even circumcised! Savages!

    • (Score: 0) by Anonymous Coward on Wednesday July 04 2018, @05:11PM

      by Anonymous Coward on Wednesday July 04 2018, @05:11PM (#702624)

      Then maintain a much much smaller list of addresses not to swindle.