Clipminer malware gang stole $1.7M by hijacking crypto payments
Threat analysts have discovered a large operation built around a new cryptocurrency-mining malware called Clipminer, which has brought its operators at least $1.7 million from transaction hijacking.
According to researchers from Symantec, a Broadcom company, Clipminer is based on the KryptoCibule malware.
Clipminer drops on the host system as a WinRAR archive and extracts automatically to launch a control panel file that downloads a dynamic link library.
Its purpose is to profile the host and download and install the Clipminer payload from the Tor network.
In parallel, the malware constantly monitors the clipboard for copied cryptocurrency addresses and replaces them on-the-fly with others belonging to the attacker, thus diverting payments.
Avoid downloading software from obscure sources to minimize the chances of getting infected with Clipminer or other malware.
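The clipboard replacement described above leaves a recognizable trace: an address-shaped clipboard value is overwritten almost immediately by a different address of the same type. The following is an added detection sketch, not code from Symantec or from the original article; the names `address_kind`, `find_swaps` and `Swap`, the one-second threshold, and the sample snapshots are all assumptions made for illustration.

```python
import re
from typing import NamedTuple, Optional

# Added example: names and threshold are assumptions. Shape checks only
# (no checksum validation), enough to separate addresses from other text.
ADDRESS_SHAPES = {
    "btc-base58": re.compile(r"^[13][1-9A-HJ-NP-Za-km-z]{25,34}$"),
    "btc-bech32": re.compile(r"^bc1[02-9ac-hj-np-z]{11,71}$"),
    "eth": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}

class Swap(NamedTuple):
    kind: str
    copied: str
    replaced_by: str
    gap_s: float

def address_kind(text: str) -> Optional[str]:
    """Return the address family the text looks like, or None."""
    candidate = text.strip()
    for kind, pattern in ADDRESS_SHAPES.items():
        if pattern.match(candidate):
            return kind
    return None

def find_swaps(snapshots, max_gap_s=1.0):
    """Flag an address that is overwritten by a different address of the
    same family within max_gap_s seconds (assumed threshold: a person
    re-copying takes longer than an automated rewrite)."""
    swaps = []
    for (t0, before), (t1, after) in zip(snapshots, snapshots[1:]):
        kind = address_kind(before)
        if kind is None or kind != address_kind(after):
            continue
        if before.strip() != after.strip() and (t1 - t0) <= max_gap_s:
            swaps.append(Swap(kind, before.strip(), after.strip(), round(t1 - t0, 3)))
    return swaps

# Constructed clipboard snapshots: (seconds since start, clipboard text).
SAMPLE = [
    (0.0, "invoice #4471"),
    (5.2, "0x" + "a1" * 20),   # user copies a payee address
    (5.3, "0x" + "b2" * 20),   # overwritten 0.1 s later: suspicious
    (40.0, "1" + "A" * 30),    # user copies a Bitcoin-style address
    (95.0, "1" + "B" * 30),    # different address 55 s later: normal use
]

if __name__ == "__main__":
    print(find_swaps(SAMPLE))
```

Only the rapid same-family overwrite is flagged; the second pair of addresses, copied nearly a minute apart, is treated as ordinary use.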