Frost Clipper Malware Description
The Frost Clipper malware is designed to scan the clipboard on the systems it has infected, and substitute its content with a crypto-wallet address under the control of the hackers. This has become a popular operation for cybercriminals who aim to intercept any cryptocurrency transfer made on the affected machines. After all, the crypto-wallet addresses are represented as massive strings of symbols that no user can remember realistically and then type out when they can simply copy and paste it.
This is where clipper threats such as the Frost Clipper show their threatening capabilities. They access the clipboard space and wait for appropriate data to be detected. Then, they substitute the saved string with one of their own, leading to the user send the money to the wrong wallet realistically - that of the hackers.
Frost Clipper itself is written in C++ and is being offered for sale on underground hacker forums. The author of the threat appears to be offering the malware to mainly Russian-speaking would-be criminals because the advertising materials for Frost Clipper have been displayed solely in Russian. According to the descriptions, the malware is capable of maintaining a minimal presence on the breached system, autostarting its process, and affecting several of the popular crypto-wallet platforms. The price of the malware is set at 500 Rubles.