This sneaky hijack malware replaces your crypto addresses with lookalikes

By Scott Marlette Last updated Nov 5, 2022

A brand new clipper malware has been found taking the theft of cryptocurrency to a whole new level, researchers have claimed.

Clippers are a well-known security threat, as they are malware variants that monitor the clipboard of a Windows-powered endpoint (opens in new tab), and when they see that a user copied a cryptocurrency wallet address to the clipboard, they’ll replace it with an address belonging to the attacker. That way, when the victim sends their funds, they’re actually sending them to a wallet belonging to the attackers.

But the attack is quite easy to spot, especially for more security-aware users (which crypto users generally are) – all it takes is to cross-reference a couple of characters between the copied address and the pasted one, to see if they match. Usually, users would check the last few characters.

Generating countless addresses?

That’s exactly the safety measure the new Laplas Clipper is looking to eliminate, and it does so by generating addresses that are seemingly identical to the authentic ones.

Exactly how Laplas does this is not yet clear, researchers from Cyble said, as the process takes place on the attacker’s server, and crypto addresses are sometimes a string of more than 40 characters.

One of the potential answers is that the malware operators generated countless addresses in advance, and the tool just uses the one most closely resembling the authentic one, at the moment.

When BleepingComputer put the clipper to the test, it came out with mixed results. While bitcoin addresses matched the first, and the last few characters, Ethereum addresses were not even close. In general, the clipper hunts for addresses for these cryptocurrencies: Bitcoin, Ethereum, Bitcoin Cash, Litecoin, Dogecoin, Monero, Ripple, ZCash, Dash, Ronin, Tron, and Steam Trade URL.

The tool comes in a subscription model, with pricing being $29 for one Sunday, $59 for a month, $159 for three months, $299 for half a year, and $549 for a full year.

Via: BleepingComputer (opens in new tab)

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.