Report: Hackers Monitor 2.3 M Cryptocurrency Addresses Via a Clipboard Malware
Bleeping Computer has warned crypto users to review several times the addresses to which they transfer cryptocurrency because of identity thefts.
The technical support website announced during the weekend that 2.3 million crypto-based addresses are monitored by malicious hackers. As a method of protection against money laundering, owners are asked to focus more on transfer details.
“Attackers recognize that users are copying and pasting the addresses and have created malware to take advantage of this. This type of malware, called CryptoCurrency Clipboard Hijackers, works by monitoring the Windows clipboard for cryptocurrency addresses, and if one is detected, will swap it out with an address that they control. Unless a user double-checks the address after they paste it, the sent coins will go to an address under the attackers control instead the intended recipient,” reported Bleeping Computer.
The number of users that own Bitcoins and altcoins have increased considerably lately. But with this, the cases of cryptojacking, money laundering, ransomware and generally malicious attacks have heightened.
Malware “runs in the background”
Experts in cybersecurity continue to alert users about the possible risks that may arise while using crypto services. Last notification was about CryptoCurrency Clipboard Hijackers. They take advantages of the users’ habit to copy-paste the wallet address and replace them with fake addresses on which hackers have control. Thus, your transfer will reach the hackers’ wallet and not the person who paid for.
According to the report, approximately 2.3 million crypto addresses are supervised by hackers. These are at risk of being replaced with malicious addresses in order to steal the funds. The company Bleeping Computer noted that malware “runs in the background with no indication that it is even running” so that it’s difficult for a user to identify if his/her device was infected.
“Therefore it is important to always have an updated antivirus solution installed to protect you from these types of threats. It is also very important that all cryptocurrency users to double-check any addresses that they are sending cryptocoins to before they actually send them,” warns Abrahams, a malware removal expert.
“When installed, a DLL named d3dx11_31.dll will be downloaded to the Windows Temp folder and an autorun called “DirectX 11” will be created to run the DLL when a user logs into the computer,” he added.