In the world of cryptocurrency, everything is so cryptic! Take the sender’s address for example. It’s such a long string of some GIBBERISH characters that’s literally impossible for almost everyone to remember for everyday tasks like sending money and/or receiving funds. That’s why I do like copying & pasting the address into the correct place like everyone else. That’s the easiest thing to do, right?
The time has come to take precautions with this habit, as there’s malware actively working to sneak that information and make a whole ton of bucks in an instant. It’s a clipboard hijacker, but one working on a larger scale.
The clipboard is the part of your system’s memory that stores the content you copy. When you paste, the content of that memory is then released. Clipboard hijackers keep an eye on the activity of this memory and can change its content as they wish.
This is serious malware. Think of it this way: you copied a sender’s address from the web and pasted it into the wallet app. Unfortunately, the address has been changed to the address of the hijacker(s). You send the money and it’s gone into the wrong hands.
In the past, there were a number of other cryptocurrency clipboard hijackers that would regularly monitor around 400-600 thousand crypto addresses. However, this time, the “CryptoCurrency Clipboard Hijacker” is at work, and it’s monitoring nearly 2.3 million accounts!
Here’s a sample of the monitored cryptocurrency addresses.
Thanks to BleepingComputer, here’s also a demo showing that the hijacker is working in the real world.
The infection loading method
The infection loads as part of the All-Radio 4.27 Portable malware package that’s being distributed at the present time. It injects a DLL “d3dx11_31.dll” into the “Temp” folder of Windows, and an automated task named “DirectX 11” runs each time users log into the computer.
This malware is a silent one, and without double-checking the addresses you can hardly even confirm its presence in your system. However, there are a few ways to protect yourself against this and most other types of malware.
The first and foremost thing to do is get a good, proven and working antivirus on your system. That’s crucial, as the security vendors are always working hard to provide the best possible security. Check out the best antivirus of 2018.
Next, you have to always double-check your address before clicking the “SEND” button. It’s A MUST!!! Without double-checking, you’ll end up being the loser. It’s also strongly recommended that you exercise caution and safe internet usage behavior.
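The double-check above can also be automated. Here is an added sketch (not from the original article or from BleepingComputer) of a watcher that flags a copied address being replaced by a different address of the same kind moments later. The address patterns, the 2-second window and the sample clipboard snapshots are assumptions made up for the example.

```python
import re

# Assumed address shapes (not taken from the article): Bitcoin Base58,
# Bitcoin bech32 and Ethereum hex. They test the shape only, not the checksum.
ADDRESS_PATTERNS = {
    "btc-base58": re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}"),
    "btc-bech32": re.compile(r"bc1[02-9ac-hj-np-z]{11,71}"),
    "eth": re.compile(r"0x[0-9a-fA-F]{40}"),
}


def address_kind(text):
    """Return the name of the address shape that `text` matches, or None."""
    candidate = text.strip()
    for kind, pattern in ADDRESS_PATTERNS.items():
        if pattern.fullmatch(candidate):
            return kind
    return None


def find_swaps(snapshots, window=2.0):
    """Flag address-to-address replacements within `window` seconds.

    `snapshots` is a time-ordered list of (seconds, clipboard_text) pairs.
    A person rarely copies two different addresses of the same kind within
    a couple of seconds; a hijacker rewrites the clipboard almost at once.
    """
    alerts = []
    for (t_prev, prev), (t_next, nxt) in zip(snapshots, snapshots[1:]):
        kind = address_kind(prev)
        if kind is None or kind != address_kind(nxt):
            continue
        if prev.strip() != nxt.strip() and t_next - t_prev <= window:
            alerts.append({"at": t_next, "kind": kind,
                           "copied": prev.strip(), "now": nxt.strip()})
    return alerts


# Constructed sample: placeholder strings with the right shape, not real wallets.
SAMPLE = [
    (0.0, "meeting notes"),
    (5.0, "1" + "A" * 33),      # user copies an address
    (5.3, "1" + "B" * 33),      # replaced 0.3 s later: suspicious
    (60.0, "0x" + "a" * 40),    # user copies another address
    (95.0, "0x" + "b" * 40),    # a different one 35 s later: plausibly the user
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE):
        print(alert)
```

A real watcher would feed find_swaps() with periodic clipboard reads. This is a heuristic, so an alert means "compare the pasted address with the source again", not proof of infection.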