KlipboardSpy

The clipboard service is a very helpful tool that most of us use on a daily basis. When you copy a string of text or an image, it is stored in the clipboard feature of your system, which allows you to paste it wherever you wish. However, ever since cryptocurrencies gained traction, cybercriminals have been deploying a new type of malware called ‘clipper.’ Clippers would often keep an eye on the clipboard of the user, and if the threat detects a certain string of characters that appears to be a cryptocurrency wallet, the clipper will replace it with the wallet address of the attackers. This means that the user may end up sending money to the attackers’ wallet instead of the intended address.

Developed as A Proof-of-Concept Tool

Recently, a malware researcher has developed a clipper designed to target iOS devices called KlipboardSpy. The project serves as a proof-of-concept application, and it is not intended to be used to cause harm. The KlipboardSpy threat is not able to alter clipboard data, which means that it cannot hijack cryptocurrency transactions. However, the KlipboardSpy malware can spy on the user’s clipboard and collect data regarding their GPS coordinates. If the user copies a photo containing GPS coordinates, the KlipboardSpy threat will be able to detect that and copy the data. The KlipboardSpy application does not even need to be opened to spy on users – instead, there is a hidden widget that gets planted in the iOS home screen.

It is likely that Apple will release an update that may make the clipboard feature of iOS more secure.