Security News > 2022 > November > New clipboard hijacker replaces crypto wallet addresses with lookalikes
A new clipboard stealer called Laplas Clipper spotted in the wild is using cryptocurrency wallet addresses that look like the address of the victim's intended recipient.
Standard clipboard stealers, also called clippers, monitor the Windows clipboard and activate when they detect a cryptocurrency wallet address that users typically copy as the destination for a payment.
To counter this risk, many crypto holders today check if the address in the clipboard is the intended one by comparing a few characters, which makes most clippers less effective.
The developers of Laplas came up with a new approach to deceive keen-eyed crypto users by using addresses that closely resemble the one the victim copied.
Identifying an address that is similar to what the victim pasted in the clipboard is done using regular expressions.
Cyble shared with BleepingComputer that their research showed that Laplas retrieved a Bitcoin address that matched the first and last few characters of the one pasted in the clipboard.