
Clipminer rakes in $1.7m in crypto hijacking scam
2022-06-03 12:30

A crew using malware that performs cryptomining and clipboard-hijacking operations has made off with at least $1.7 million in stolen cryptocurrency.

Symantec's threat hunters also observed several design similarities between Clipminer and KryptoCibule, another cryptomining trojan that ESET analysts detected and wrote about a few months before Clipminer hit the scene.

"While we cannot confirm if Clipminer and KryptoCibule are one and the same, the design similarities are striking," the Symantec threat hunters wrote.

Clipminer drops a WinRAR archive onto the host, then automatically extracts and drops a downloader in the form of a dynamic link library (DLL).

Clipminer picks the address that matches the prefix of the address that's being replaced, making it less likely the user will notice anything and more likely they will go ahead with the transaction.
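
A defensive check for the prefix-matching substitution described above, as an added example that is not from the article or from Symantec: it scans a clipboard history for an address that is replaced moments later by a different address of the same format, and reports how many leading characters the two share. The address patterns, the 2-second window, the event format and the sample data are assumptions constructed for illustration.

```python
import os.path
import re

# Address shapes and header lengths are assumptions of this example;
# the article does not say which address formats Clipminer targets.
SHAPES = {
    "btc-base58": (re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}"), 1),
    "btc-bech32": (re.compile(r"bc1[02-9ac-hj-np-z]{11,71}"), 3),
    "eth": (re.compile(r"0x[0-9a-fA-F]{40}"), 2),
}

def classify(text):
    """Return (kind, header_len) if text looks like a wallet address, else None."""
    for kind, (pattern, header_len) in SHAPES.items():
        if pattern.fullmatch(text.strip()):
            return kind, header_len
    return None

def find_swaps(events, window_s=2.0, lookalike_min=3):
    """Flag an address replaced by a different same-format address within window_s."""
    # events: time-ordered list of (timestamp_seconds, clipboard_text)
    alerts = []
    for (t0, old), (t1, new) in zip(events, events[1:]):
        old, new = old.strip(), new.strip()
        before, after = classify(old), classify(new)
        if before is None or before != after or old == new or t1 - t0 > window_s:
            continue
        header = before[1]  # skip the fixed format header ("0x", "bc1", ...)
        common = len(os.path.commonprefix([old[header:], new[header:]]))
        alerts.append({"time": t1, "kind": before[0], "copied": old,
                       "replaced_by": new, "shared_prefix": common,
                       "lookalike": common >= lookalike_min})
    return alerts

# Constructed clipboard history (not real wallet addresses).
SAMPLE_EVENTS = [
    (10.0, "meeting notes"),
    (42.0, "0x71c0" + "a" * 36),  # user copies the payee address
    (42.3, "0x71c0" + "b" * 36),  # content changes 0.3 s later, same prefix
    (90.0, "0x9f" + "c" * 38),    # unrelated address copied much later
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE_EVENTS):
        print(alert)
```

The same comparison applies at paste time: checking the full pasted address against the one originally copied, rather than only its first few characters, defeats the look-alike prefix.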

"If we include the funds transferred out to these services, the malware operators have potentially made at least $1.7 million from clipboard hijacking alone."


News URL

https://go.theregister.com/feed/www.theregister.com/2022/06/03/clipminer-cryptocurrency-millions/