Hackers Are Infecting Crypto Enthusiasts with Clipper Malware, Warns Binance

Crypto exchange Binance is warning crypto holders to watch out for malware designed to alter wallet addresses during transactions, leading to significant losses.

“We have identified a global malware issue that is significantly impacting cryptocurrency transactions by altering withdrawal addresses during the transaction process,” reads the advisory.

“This type of malicious software, often referred to as ‘Clipper malware,’ intercepts data stored in the clipboard, primarily targeting cryptocurrency wallet addresses. When a user copies and pastes a wallet address to transfer cryptocurrency, the malware replaces the original address with one designated by the attacker. If the user completes the transfer without noticing the change, the cryptocurrency is sent to the attacker's wallet, resulting in financial loss.”

Unofficial apps and plugins

The malware is distributed through unofficial apps and plugins, with Binance warning Android and desktop users to be particularly vigilant. While iOS users are less affected, the exchange cautions that Apple customers should also exercise caution.

“Many users inadvertently install these malicious apps while searching for software in their native languages or through unofficial channels, often due to restrictions in their countries,” the advisory adds.

The issue has gained proportions recently, with a noticeable spike recorded on August 27, “leading to significant financial losses for affected users,” according to the company.

The exchange is fighting the issue through notifications, incident reporting, ongoing monitoring, and blacklisting of suspicious addresses.

Some responsibility also falls on the users’ shoulders, though. Binance urges crypto players to:

·      double and triple-check addresses

·      verify the authenticity of the apps and plugins they use for managing crypto

·      only install software from reputable sources

·      take screenshots of the withdrawal address right before sending a payment and have the recipient verify it against a photo to leave text-altering malware no chance

·      install a reputable security solution capable of blocking malware attacks

Crypto theft on the rise

Crypto scams have grown bigger and more sophisticated in recent years. The FBI's latest cryptocurrency fraud report shows a staggering $5.6 billion in cryptocurrency losses in 2023, a 45% jump from the previous year. The spike is driven mainly by fake apps and “pig butchering,” the bureau says.

According to the Bitdefender 2024 Consumer Cybersecurity Assessment Report, netizens' biggest cybercrime worry is having their money stolen. Yet people generally avoid even the easy steps that could help keep fraudsters at bay.

Bitdefender recently posted two comprehensive guides describing scammers’ techniques in detail, offering valuable tips on how to protect yourself – complete with examples from recent incidents reported in the media.

Read: Got a Strange Text? 5 Signs That You’re Being Scammed (and How to Protect Yourself)

Read: Make It Hard for Scammers to Get You! Use These Seven Vital Tips

If you’re a crypto enthusiast, Bitdefender strongly recommends you deploy a dedicated security solution on the devices you use to manage your digital assets.