The Actual News

Just the Facts, from multiple news sources.

Microsoft discovers new lightweight backdoor that steals cryptocurrency

Summary

Microsoft discovered new malware called Crypto Clipper that spreads through USB drives and steals cryptocurrency wallet information by watching what users copy on their devices. The malware sends stolen data and screenshots to attackers anonymously through the Tor network, allowing criminals to redirect cryptocurrency payments to themselves.

Key Facts

  • Crypto Clipper spreads via USB drives using special shortcut files (.lnk) that run harmful code.
  • It monitors clipboard data for cryptocurrency wallet addresses or secret seed phrases that control wallets.
  • When it finds these details, it sends them along with five screenshots to attackers through the anonymous Tor network.
  • The malware replaces copied wallet addresses with ones controlled by attackers to steal payments.
  • It uses a lightweight backdoor that does not rely on traditional installation or direct internet connections.
  • Crypto Clipper hides its presence by renaming infected USB drive files to look normal.
  • Microsoft Defender antivirus tools can detect parts of this malware under specific suspicious activity names.
  • The malware’s use of scripting and anonymous communication gives attackers ongoing control and quick financial gain.
This is a fact-based summary from The Actual News.