Hackers are using new malware methods which lift copy-and-paste data to steal cryptocurrency from unsuspecting victims.
The malware, called a ‘clipper’, replaces users’ crypto addresses with the hacker’s own address when copy and pasting.
Cybersecurity researcher Lukas Stefanko discovered the exploit earlier this year. It is most often deployed through fake or infected apps on the Google Play store.
It is believed that similar malware has been used on Windows devices from as early as 2017.
The exploit, which is still being used today, waits for users to copy a receiving cryptocurrency wallet address and then hijacks the clipboard of a users’ machine to replace the paste value with the hacker’s wallet address.
The exploit works so well because many users neglect to double-check the pasted address, instead relying on the copy-and-paste data to be accurate.
Stefanko claims that the malicious downloads aren’t restricted to dodgy sites or app stores, and some are even being downloaded through highly trustworthy sites such as CNET.
The need for user-friendly addresses
Current addresses, which may be in excess of 34 characters long and case sensitive, are incredibly difficult to read and compare, which is why most users rely on copy and pasting to ensure they’ve got the right address.
Stefanko wrote on Bitcointalk, the popular Bitcoin forum where the exploit was first revealed, that:
“Even if you check part of the pasted Bitcoin address, chances are the first few characters are the same, and you still won’t notice the address was changed.”
Avoid falling prey to malware
The most simple way to avoid falling prey to such scams is to double-check every single digit of a pasted cryptocurrency address, no matter how tedious this may seem.
Stefanko also warned against using Windows software such as Cortana, as the built-in AI helper contains key-logging capabilities which could be used by hackers.
Disclaimer: The views and opinions expressed by the author should not be considered as financial advice. We do not give advice on financial products.