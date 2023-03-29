A malware campaign that is targeting cryptocurrency wallets was recently disclosed by security researchers at Kaspersky. Kaspersky researchers detailed the findings in a recent advisory, stating that the attacks were first observed in September 2022 and consisted of threat actors deploying malware to replace part of clipboard contents with cryptocurrency addresses. The attacks are relatively simple, however, they can be dangerous for users by creating irreversible money transfers. Additionally, Kaspersky states that the attacks are passive and therefore difficult for a normal user to detect.

The security firm also states that Clipboard injectors can be silent for years and show no signs of presence until they replace a cryptocurrency wallet address. Therefore, a target may not even realize the attack before it is too late. Kaspersky stated that the malware campaign relying on this technique was observed abusing Tor Browser installers.

