Security News > 2022 > June > Clipminer malware gang stole $1.7M by hijacking crypto payments
Threat analysts have discovered a large operation of a new cryptocurrency mining malware called Clipminer that brought its operators at least $1.7 million from transaction hijacking.
According to researchers from Symantec, a Broadcom company, Clipminer is based on the KryptoCibule malware.
Clipminer drops on the host system as a WinRAR archive and extracts automatically to launch a control panel file that downloads a dynamic link library.
Its purpose is to profile the host and download and install the Clipminer payload from the Tor network.
In parallel, the malware constantly monitors the clipboard for copied cryptocurrency addresses and replaces them on-the-fly with others belonging to the attacker, thus diverting payments.
Avoid downloading software from obscure sources to minimize the chances of getting infected with Clipminer or other malware.
News URL
Related news
- Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images (source)
- Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking (source)
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)