A new clipboard virus threatens Bitcoin and Ethereum wallets, although the hacker has not made any significant profits.
On Time Reporting
The virus now known as “ClipboardWalletHijacker” replaces the addresses copied to a user's clipboard with the address in the hacker's wallet.
“The Trojan monitors clipboard activity to detect if it contains the account address of Bitcoin and Ethereum. It tampers with the receiving address to its own address to redirect cryptocurrency to its own wallet. This kind of Trojans [sic] has been detected on more than 300 thousand computers within a week,” the company wrote.
360 Total Security offered the public the opportunity to review the clipboard virus code. This virus detects the Ethereum addresses by scanning the “0x” at first and then making sure that the string is the correct length according to the protocols.
It also does something similar with Bitcoin addresses, looking for “1” or “3” instead at the beginning of the string and a length of between 25 and 40 characters.
The amount of crypto coins stolen by the hacker amounts to just thousands of dollars, enough to make up for the small amount of time he would have spent writing malware code for these cases.
In the two Bitcoin wallets that the hacker uses in particular, the total amount stolen goes beyond 0.1 BTC, which means a payday of more than $700. So far this may be considered a disappointing figure for a hacker, who probably expected more after infecting thousands of machines.
Last November, a lazy hacker managed to steal some $150,000 from Bitcoin using the same method through a virus known as “CryptoShuffle“.