Tech 3 July 2018

Erik Gibbs

2.3M crypto addresses at risk due to Clipboard malware

Crypto enthusiasts, you’ve been warned. A technical support site, Bleeping Computer (BC), is sending a loud message to users to double-check cryptocurrency wallet addresses before sending transactions due to a serious issue with a particular piece of malware. The malware is able to redirect transactions and its creators are said to now be monitoring over two million cryptocurrency addresses.

According to a notice on the company’s website, the malware is able to monitor Windows Clipboard to check for crypto wallet addresses. BC founder and computer forensics scientist Lawrence Abrahams explained, “This type of malware, called CryptoCurrency Clipboard Hijackers, works by monitoring the Windows clipboard for cryptocurrency addresses, and if one is detected, will swap it out with an address that they control.”

BC also indicated that the malware could be monitoring up to 2.3 million addresses, all of which are at risk of being replaced by addresses that are controlled by the hackers. The malware sits in the background with no evidence that it is running, making it extremely difficult to know that a computer has been infected.

“…[It] is important to always have an updated antivirus solution installed to protect you from these types of threats. It is also very important that all cryptocurrency users double-check any addresses that they are sending cryptocoins to before they actually send them,” said Abrahams.

The Windows Clipboard malware has been seen in the past. However, it now is making a comeback and spreading deeper. This latest version was hidden in an executable called ‘All-Radio 4.27 Portable.’ The actual program is legitimate; however, the malware authors copied it and created a fake version that includes the virus. After the application is installed, a DLL file called d3dx11_31.dll is downloaded to the Windows Temp folder and another file called ‘DirectX 11’ is queued to run the DLL as soon as a user logs onto the computer.

A video on how the infection works can be found on YouTube. While it is possible to remove the infection, the process is not an easy one and could require specialized technical assistance to ensure that all traces of the malware are removed from an infected machine.
