New CryptoJacking Malware Alters Clipboard to Steal Cryptocurrency

rgMekanic

Unit 42 researchers have discovered a new malware that steals cryptocurrency by replacing clipboard addresses with an attacker-controlled address. The malware was spread by a "malspam" campaign with an email claiming a passport was lost, and a PDF attached had a copy of the scanned document. The payload, dubbed ComboJack, is fairly clever, looking for strings of text matching known cryptocurrency wallet addresses in the clipboard and replacing them with one of the attacker's.

While the attacker is most definitely a scumbag, you have to give some credit to such a sneaky and elegant solution.

With the proliferation of Cryptomining malware, it is curious to see some actors take a different route to acquiring web-based currency. Cryptoshuffler in 2017 may have been only the beginning of simple, yet effective clipboard stealers like ComboJack. By targeting multiple cryptocurrencies and web based wallets, the author of ComboJack appears to be hedging his or her bets on which currency will boom and which will bust.
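
The swap described in the post above can be spotted from the defender's side. This added example (not part of the thread or of Unit 42's report) flags a clipboard history entry where one wallet-shaped string is replaced by a different one of the same type within seconds; the address patterns, the two-second window and the sample events are assumptions constructed for illustration.

```python
import re

# Simplified address shapes (assumptions for illustration, not ComboJack's own rules).
PATTERNS = {
    "bitcoin": re.compile(r"^[13][1-9A-HJ-NP-Za-km-z]{25,34}$"),
    "ethereum": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}


def classify(text):
    """Return the currency name if text looks like a wallet address, else None."""
    text = text.strip()
    for name, pattern in PATTERNS.items():
        if pattern.match(text):
            return name
    return None


def find_swaps(events, max_gap=2.0):
    """Scan (timestamp_seconds, clipboard_text) pairs given in time order.

    An alert is raised when an address is followed, within max_gap seconds,
    by a different address of the same currency. The heuristic (an assumption)
    is that a person rarely copies two different addresses that quickly.
    """
    alerts = []
    for (t0, old), (t1, new) in zip(events, events[1:]):
        kind = classify(old)
        same_kind = kind is not None and kind == classify(new)
        if same_kind and old.strip() != new.strip() and t1 - t0 <= max_gap:
            alerts.append({"time": t1, "kind": kind,
                           "expected": old.strip(), "found": new.strip()})
    return alerts


# Constructed clipboard history; none of these are real wallet addresses.
SAMPLE = [
    (0.0, "meeting notes"),
    (10.0, "0x" + "ab" * 20),    # user copies a payee address
    (10.4, "0x" + "cd" * 20),    # replaced 0.4 s later: flagged
    (60.0, "1" + "A" * 30),      # user copies a Bitcoin-shaped address
    (300.0, "1" + "B" * 30),     # a different one minutes later: not flagged
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE):
        print("possible clipboard hijack:", alert)
```
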
 

Little Pork Chops minions have to keep him fed. (I'm referring to Kim Jong-un)
 
Grand Theft Crypto Edition. Now available! Requirements: Any computer and a fool willing to mess with this stuff.

edit: A fool and their money are soon parted. Anyone involved with cryptocurrencies should educate themselves in some basic cyber security precautions. Opening emails from people you don't recognize (fail) or expect, opening attachments in said email (fail).
 
What the most ridiculous thing is, is that most of such people getting into crypto don't even know how to handle .zip files, yet all of them wanna make a quick buck, so they get into crypto, and get blatantly (or otherwise) scammed out of their (hard-earned money). It's all FUBARed.
 