Security News > 2022 > June > Clipminer rakes in $1.7m in crypto hijacking scam
A crew using malware that performs cryptomining and clipboard-hacking operations has made off with at least $1.7 million in stolen cryptocurrency.
Symantec's threat hunters also observed several design similarities between Clipminer and KryptoCibule - another cryptomining trojan that, a few months before Clipminer hit the scene, was detected and written about by ESET analysts.
"While we cannot confirm if Clipminer and KryptoCibule are one and the same, the design similarities are striking," the Symantec threat hunters wrote.
Clipminer drops a WinRAR archive into the host and automatically extracts and drops a downloader in the form of a dynamic link library.
Clipminer picks the replacement address that matches the prefix of the address being replaced, making it less likely the user will notice anything and more likely they will go ahead with the transaction.
"If we include the funds transferred out to these services, the malware operators have potentially made at least $1.7 million from clipboard hijacking alone."
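The prefix-matching replacement described above defeats a glance at the first few characters, so a check has to compare the whole string. The following is an added example, not code from the article or from Symantec: a detector run over recorded clipboard snapshots, where the address pattern, the `max_gap` timing threshold and the sample events are assumptions constructed for illustration.

```python
import re

# Assumption: loose heuristic for address-shaped strings, not a real validator.
ADDRESS_RE = re.compile(r"^[A-Za-z0-9]{26,62}$")

def shared_prefix_len(a: str, b: str) -> int:
    """Number of leading characters two strings have in common."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n

def find_swaps(events, max_gap=1.0, min_prefix=2):
    """Flag address-to-address clipboard replacements that happen too fast.

    events: list of (timestamp_seconds, clipboard_text), oldest first.
    max_gap: assumed upper bound on how quickly malware rewrites the clipboard;
             slower changes are treated as the user copying something else.
    """
    alerts = []
    for (t0, old), (t1, new) in zip(events, events[1:]):
        if not (ADDRESS_RE.match(old) and ADDRESS_RE.match(new)):
            continue                      # only address -> address transitions
        if old == new or t1 - t0 > max_gap:
            continue                      # unchanged, or plausibly a user copy
        n = shared_prefix_len(old, new)
        # A shared prefix is what makes the swap survive a visual check.
        kind = "lookalike_swap" if n >= min_prefix else "swap"
        alerts.append({"time": t1, "kind": kind, "shared_prefix": n})
    return alerts

# Constructed sample data: these are not real wallet addresses.
COPIED = "1Abc" + "K" * 30
LOOKALIKE = "1Abc" + "Z" * 30
OTHER = "3" + "Q" * 33
SAMPLE_EVENTS = [
    (0.0, "meeting notes"),
    (10.0, COPIED),       # user copies a payment address
    (10.2, LOOKALIKE),    # replaced 0.2 s later, same 4-character prefix
    (95.0, "some text"),
    (120.0, COPIED),
    (300.0, OTHER),       # different address minutes later: not flagged
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE_EVENTS):
        print(alert)
```

Both alert kinds warrant blocking the paste; `lookalike_swap` marks the case a user is least likely to catch by eye.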
News URL
https://go.theregister.com/feed/www.theregister.com/2022/06/03/clipminer-cryptocurrency-millions/