BitCoin Clipper

Cybersecurity specialists saw the creation of new malware types trying to exploit this new facet of modern-day life with the emergence of the Bitcoin and the cryptocurrency boom that followed it. The BitCoin Clipper belongs to this malware threat kind. It attempts to interfere with any cryptocurrency transfer initiated on the infected machine by substituting the recipient's cryptocurrency wallet address with one that is under the hacker's control.

The BitCoin Clipper achieves its goal by replacing clipboard data. Cryptocurrency wallet addresses are represented by a lengthy string of characters that are nearly impossible to remember, and that's why most people simply copy and then paste them into the transaction window. The BitCoin Clipper intercepts the clipboard data, and when the data is pasted, what comes out is a different address that belongs to the criminals.

While sending money to the wrong address can lead to considerable losses, the BitCoin Clipper goes far beyond that. It has expanded functions and can further infect the targeted system with additional malware. Among the additional malware, can be a botnet mining client, or an information collector threat capable of exfiltrating system data such as usernames, device name, operating system version, etc. Furthermore, according to researchers, data also could be extracted from several social, file sharing, and other applications, some of which are Discord, Skype, Telegram, Steam, FileZilla and NordVPN.