Tech 3 July 2018

Erik Gibbs

2.3M crypto addresses at risk due to Clipboard malware

Crypto enthusiasts, you’ve been warned. A technical support site, Bleeping Computer (BC), is sending a loud message to users to double-check cryptocurrency wallet addresses before sending transactions due to a serious issue with a particular piece of malware. The malware is able to redirect transactions and its creators are said to now be monitoring over two million cryptocurrency addresses.

According to a notice on the company’s website, the malware is able to monitor Windows Clipboard to check for crypto wallet addresses. BC founder and computer forensics scientist Lawrence Abrahams explained, “This type of malware, called CryptoCurrency Clipboard Hijackers, works by monitoring the Windows clipboard for cryptocurrency addresses, and if one is detected, will swap it out with an address that they control.”

BC also indicated that the malware could be monitoring up to 2.3 million addresses, all of which are at risk of being replaced by addresses that are controlled by the hackers. The malware sits in the background with no evidence that it is running, making it extremely difficult to know that a computer has been infected.

“…[It] is important to always have an updated antivirus solution installed to protect you from these types of threats. It is also very important that all cryptocurrency users double-check any addresses that they are sending cryptocoins to before they actually send them,” said Abrahams.

The Windows Clipboard malware has been seen in the past. However, it is now making a comeback and spreading further. This latest version was hidden in an executable called ‘All-Radio 4.27 Portable.’ The actual program is legitimate; however, the malware authors copied it and created a fake version that includes the virus. After the application is installed, a DLL file called d3dx11_31.dll is downloaded to the Windows Temp folder and another file called ‘DirectX 11’ is queued to run the DLL as soon as a user logs onto the computer.

A video on how the infection works can be found on YouTube. While it is possible to remove the infection, the process is not an easy one and could require specialized technical assistance to ensure that all traces of the malware are removed from an infected machine.
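The "double-check the address" advice above can be automated at the point of pasting. The following is an added example, not code from Bleeping Computer or from this article: it compares the address that was copied with the one that arrived at the paste target. It assumes legacy Bitcoin Base58Check addresses only, and the function names and sample addresses are constructed for illustration.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Assumption: legacy Bitcoin Base58Check addresses only (start with 1 or 3).
ADDR_RE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")

def _dsha(b: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()

def b58check_encode(version: int, payload: bytes) -> str:
    """Build an address from a version byte and 20-byte hash (for sample data)."""
    raw = bytes([version]) + payload
    raw += _dsha(raw)[:4]
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def base58check_ok(addr: str) -> bool:
    """True if addr decodes to 25 bytes ending in the correct 4-byte checksum."""
    n = 0
    for ch in addr:
        if ch not in B58:
            return False
        n = n * 58 + B58.index(ch)
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) == 25 and _dsha(raw[:-4])[:4] == raw[-4:]

def check_paste(copied: str, pasted: str) -> str:
    """Compare the address that was copied with what arrived at the paste target."""
    src, dst = ADDR_RE.search(copied), ADDR_RE.search(pasted)
    if not src or not dst:
        return "no-address"
    if src.group() == dst.group():
        return "match"
    # A hijacker substitutes a well-formed address it controls, so a valid
    # checksum proves nothing; only the full-string comparison catches the swap.
    return "swapped-valid" if base58check_ok(dst.group()) else "swapped-invalid"

# Constructed sample addresses (not real wallets): fixed 20-byte fillers.
INTENDED = b58check_encode(0x00, b"\x11" * 20)
SUBSTITUTED = b58check_encode(0x00, b"\x22" * 20)

if __name__ == "__main__":
    print(check_paste(f"send to {INTENDED}", INTENDED))  # match
    print(check_paste(INTENDED, SUBSTITUTED))            # swapped-valid
```

The "swapped-valid" result is the case this article describes: the pasted address passes format and checksum validation, so wallet-side validation alone will not flag it.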
