Security News > 2022 > June > Clipminer malware gang stole $1.7M by hijacking crypto payments

Threat analysts have discovered a large operation built around a new cryptocurrency-mining malware called Clipminer, which has brought its operators at least $1.7 million from transaction hijacking.
According to researchers from Symantec, a Broadcom company, Clipminer is based on the KryptoCibule malware.
Clipminer lands on the host system as a WinRAR archive that extracts automatically and launches a control panel file, which in turn downloads a dynamic link library.
The library's purpose is to profile the host, then download and install the Clipminer payload from the Tor network.
In parallel, the malware constantly monitors the clipboard for copied cryptocurrency addresses and replaces them on the fly with addresses belonging to the attacker, thus diverting payments.
Avoid downloading software from obscure sources to minimize the chances of getting infected with Clipminer or other malware.
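A defender-side check for the clipboard substitution described above, added here as an example and not taken from Symantec's research or the original article: it scans a time-ordered log of clipboard changes and flags an address that is replaced by a different address of the same currency within a short window. The Bitcoin and Ethereum address shapes, the 2-second window, the function names, and the sample events are assumptions constructed for illustration.

```python
import re

# Address shapes used only to classify clipboard text (format check, no
# checksum validation). Which currencies to cover is an assumption.
ADDRESS_PATTERNS = {
    "bitcoin": re.compile(r"^(?:bc1[02-9ac-hj-np-z]{11,71}|[13][1-9A-HJ-NP-Za-km-z]{25,34})$"),
    "ethereum": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}

def classify(text):
    """Return the currency whose address shape matches text, else None."""
    value = text.strip()
    for currency, pattern in ADDRESS_PATTERNS.items():
        if pattern.match(value):
            return currency
    return None

def find_swaps(events, window=2.0):
    """Flag clipboard changes where an address is replaced by a different
    address of the same currency within `window` seconds.

    events: list of (timestamp_seconds, clipboard_text), ordered by time.
    A person rarely copies two different addresses moments apart, so a fast
    same-currency replacement is the trace a clipboard hijacker leaves.
    """
    alerts = []
    prev_time, prev_text, prev_kind = None, None, None
    for ts, text in events:
        value = text.strip()
        kind = classify(value)
        if (kind and kind == prev_kind and value != prev_text
                and ts - prev_time <= window):
            alerts.append({"time": ts, "currency": kind,
                           "copied": prev_text, "replaced_with": value})
        prev_time, prev_text, prev_kind = ts, value, kind
    return alerts

# Constructed sample events; the addresses are made-up strings in a valid shape.
SAMPLE_EVENTS = [
    (10.0, "meeting notes"),
    (42.0, "0x" + "ab" * 20),   # user copies the payee address
    (42.3, "0x" + "cd" * 20),   # clipboard changes 0.3 s later: flagged
    (90.0, "1" + "A" * 30),     # different currency: not a swap
    (300.0, "1" + "B" * 30),    # same currency, minutes later: not flagged
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE_EVENTS):
        print(alert)
```

The same comparison works as a manual habit: check the pasted address against the one that was copied before confirming a payment.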