Kaspersky Discovers CryptoShuffler Trojan Malware

The malware switches the copied address for the address of the wallet belonging to its creator.

When we think of cryptocurrency hackers, it’s easy to imagine complex pieces of malware that worm their way into our computers using methods that only a computer scientist could understand. However, the reality of software that is designed to steal cryptocurrency is often quite different from this esoteric vision.

One such piece of malware, recently discovered by Kaspersky, has been designed to simply replace a wallet’s address with its own address in the device’s clipboard when an address has been copied. So-called “clipboard hijacking” attacks that redirect users to malicious websites and target online payment platforms are rather old hat at this point–that is, they have been around for some time.

Join the iFX EXPO Asia and discover your gateway to the Asian Markets

Despite how old it is, this particular method of digital theft has not been used to target cryptocurrency on any serious level until recently. The simple method has been surprisingly successful; Kaspersky reported that the virus had managed to make off with nearly $140,000 worth of Bitcoin.

‘CryptoShuffler’ Hijacks Your Device’s Clipboard

The malware, called a CryptoShuffler Trojan, enters computers disguised as a harmless pieces of software downloaded from the internet. Once the malware is on a device, it analyses everything that the user copies until it recognizes a cryptocurrency wallet address.

Suggested articles

ACY Securities Asia Trading Cup Returns for 2nd YearGo to article >>

The malware then switches out the copied address for the address of the wallet belonging to its creator. If the device’s user manages to catch the difference between the address they have copied and the address they have pasted, they may manage to avoid sending their funds irretrievably to the thief; if not, they are out of luck. Because crypto addresses are long strings of random characters, it is highly unlikely that someone who wasn’t specifically watching for this kind of attack would notice one happening.

The CryptoShuffler Trojans that Kaspersky have identified are being created to target big name coins like Ethereum, Bitcoin, and Monero.

Protecting Yourself and Your Coins

Kaspersky’s Sergey Yunakovsky, malware analyst, has said that the rising popularity of cryptocurrency makes it even more necessary for “users considering cryptocurrency investments at this time need to think about ensuring they have proper protection.”

Truly, as the world of cryptocurrency continues to grow, the threats to the safety of a user’s coins grow with it. To protect yourself, be sure to keep your antivirus software up-to-date, your passwords protected, and your coins as far offline as possible.

Got a news tip? Let Us Know