Security News > 2022 > November > New Laplas Clipper Malware Targeting Cryptocurrency Users via SmokeLoader
Cryptocurrency users are being targeted with a new clipper malware strain dubbed Laplas by means of another malware known as SmokeLoader.
Observed in the wild since circa 2013, SmokeLoader functions as a generic loader capable of distributing additional payloads onto compromised systems, such as information-stealing malware and other implants.
The goal of clipper malware like Laplas is to hijack a virtual currency transaction intended for a legitimate recipient to that owned by the threat actor.
"Laplas is new clipper malware that generates a wallet address similar to the victim's wallet address," the researchers pointed out.
The newest clipper malware offers support for a variety of wallets like Bitcoin, Ethereum, Bitcoin Cash, Litecoin, Dogecoin, Monero, Ripple, Zcash, Dash, Ronin, TRON, Cardano, Cosmos, Tezos, Qtum, and Steam Trade URL. It's priced from $59 a month to $549 a year.
"It is a modular malware, indicating it can get new execution instructions from servers and download additional malware for expanded functionality. In this case, the TAs use three different malware families for financial gain and other malicious purposes."
News URL
https://thehackernews.com/2022/11/new-laplas-clipper-malware-targeting.html
Related news
- New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency (source)
- North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware (source)
- Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users (source)
- New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking (source)