Security News > 2022 > June > Clipminer malware gang stole $1.7M by hijacking crypto payments
Threat analysts have discovered a large operation of a new cryptocurrency mining malware called Clipminer that brought its operators at least $1.7 million from transaction hijacking.
According to researchers from Symantec, a Broadcom company, Clipminer is based on the KryptoCibule malware.
Clipminer drops on the host system as a WinRAR archive and extracts automatically to launch a control panel file that downloads a dynamic link library.
The library's purpose is to profile the host, then download and install the Clipminer payload from the Tor network.
In parallel, the malware constantly monitors the clipboard for copied cryptocurrency addresses and replaces them on the fly with others belonging to the attacker, thus diverting payments.
Avoid downloading software from obscure sources to minimize the chances of getting infected with Clipminer or other malware.
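The clipboard substitution described above leaves a recognizable trace: an address-shaped clipboard value is overwritten by a different address of the same kind almost immediately. The following detection heuristic is an added example, not code from Symantec or from the article; the function names, the shape-only patterns, the 2-second threshold and the sample timeline are all assumptions made for illustration.

```python
import re

# Shape-only patterns (assumed for this example, no checksum validation):
# enough to tell that a clipboard value looks like a wallet address.
ADDRESS_SHAPES = {
    "btc-base58": re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}"),
    "btc-bech32": re.compile(r"bc1[02-9ac-hj-np-z]{11,71}"),
    "eth": re.compile(r"0x[0-9a-fA-F]{40}"),
}

def address_kind(text):
    """Return the address kind the whole clipboard text matches, or None."""
    value = text.strip()
    for kind, shape in ADDRESS_SHAPES.items():
        if shape.fullmatch(value):
            return kind
    return None

def find_swaps(snapshots, max_gap=2.0):
    """Flag same-kind address replacements that happen within max_gap seconds.

    snapshots: list of (timestamp_seconds, clipboard_text), oldest first.
    A person rarely copies two different addresses of one kind that fast,
    so a quick overwrite is treated as suspicious (heuristic, not proof).
    """
    alerts = []
    for (t0, before), (t1, after) in zip(snapshots, snapshots[1:]):
        kind = address_kind(before)
        if kind is None or kind != address_kind(after):
            continue
        if before.strip() != after.strip() and (t1 - t0) <= max_gap:
            alerts.append({"time": t1, "kind": kind,
                           "copied": before.strip(), "now": after.strip()})
    return alerts

# Constructed sample timeline (not real addresses, not real telemetry).
SAMPLE = [
    (0.0, "meeting notes"),
    (10.0, "0x" + "ab" * 20),  # user copies a payee address
    (10.3, "0x" + "cd" * 20),  # overwritten 0.3 s later: flagged
    (60.0, "1" + "B" * 30),    # user copies a Bitcoin-shaped address
    (95.0, "1" + "C" * 30),    # different address 35 s later: not flagged
    (96.0, "invoice #123"),
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE):
        print(alert)
```

The same comparison works at payment time: check the pasted address against the one shown by the payee before confirming the transaction.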