A fairly new piece of malicious software called Clipboard Hijacker is targeting Clipboard manipulation on Windows computers. As soon as the user saves a Bitcoin address known to the system to the clipboard, the address is changed automatically. The cryptocurrency then lands in the wallet of cybercriminals instead of on the desired account. This new variant is part of the recently released “All-Radio 4.27 Portable” malicious software package. It automatically monitors about 2.3 million bitcoin addresses.
The Bleeping Computer team has identified a particularly sophisticated malware for Windows computers. The Clipboard Hijacker stores 2.3 million Bitcoin addresses, which are worth money to cybercriminals. Many online marketers paste Wallet’s destination address via copy and paste. But as soon as one of the known 2.3 million addresses appears in the clipboard, the Trojan changes the clipboard. Instead of the desired wallet address is automatically entered the cybercriminals. The number of wallets saved is record-breaking. Previously known Clipboard hijackers had only 400,000 to 600,000 addresses of various crypto currencies (mostly Bitcoin) in the portfolio.
The malware installs quickly, silently and easily. After downloading the d3dx11_31.dll file, the virus creates an executable file named “DirectX 11” that will not be noticed by outsiders due to the name. This file becomes active as soon as the user logs on to Windows. Later, two more files are deposited on the target computer. Nothing happens after that. The malware should not interfere with normal operation and is otherwise not noticeable. The infected computer waits for the moment to insert a wallet address into the clipboard. This is then changed if necessary. The problem: If the user does not carefully check Wallet’s destination address, they will not detect the fraud. If you send the coins, they end up on the account of cybercriminals and are thus lost forever.
How can I protect myself from the Clipboard Hijacker?
If you want to protect yourself from manipulating your Bitcoin transfers, you should bring your anti-virus software up to date. The antivirus software should then completely check the PC. In addition, it always makes sense to reconcile the destination address with transfers manually multiple times with the original. Even with novel malicious programs can thus be avoided despite an infection of your own computer that funds are redirected to the accounts of third parties. Clipboard hijackers were reported more than a decade ago when Mac OS X users were affected by the infection. New is the change to the clipboard to redirect crypto currencies. The former malware has immediately made itself felt, because the clipboard was no longer useful. Particularly insidious is the new variant, because it makes itself felt only when it is too late and at the same time has an extensive database of Bitcoin addresses.
image by shutterstock
TheBitcoinNews.com – leading Bitcoin News source since 2012
Virtual currency is not legal tender, is not backed by the government, and accounts and value balances are not subject to consumer protections. The information does not constitute investment advice or an offer to invest.
TheBitcoinNews.com is is not responsible for the content of external sites and feeds. Guest posts, articles or PRs are not always flagged as this!