Cybercriminals have found a sneaky way to snatch more digital funds: Cryptocurrency Clipboard Hijackers, a recently discovered form of malware, scans 2.3 million cryptocurrency addresses to swap legitimate destinations with addresses the attackers control. The process for transferring cryptocurrency requires users to copy a destination address from one application into memory and paste it into the program they’re using to send money.

Addresses are complex and tough to remember, so most people simply copy and paste them – a habit cybercriminals have begun to notice and exploit. Clipboard Hijacker malware scans the Windows clipboard for cryptocurrency addresses and switches legitimate destination addresses for addresses owned by attackers.

As a result, the coins in transit end up with cybercriminals instead of the intended recipients. Clipboard Hijackers are not a new threat, but this one shows attackers are getting more advanced.

Most hijacker malware scans between 400,000 to 600,000 addresses to look for targets. A newly discovered sample, reported by BleepingComputer, monitors over 2.3 million addresses.

Because this malware runs in the background, victims typically have no idea they’ve been hit. If you’re sending cryptocurrency, it’s recommended you double-check the destination address to ensure it hasn’t been replaced with a different one. Read more from darkreading.com…

thumbnail courtesy of darkreading.com