Hackers are hijacking copy and paste to steal millions of dollars in cryptocurrency
Make sure you double-check the complete wallet address before initiating transfers, researchers warn
A new investigation into a well-known malware reveals that its creators have managed to steal at least $24 million in cryptocurrency by taking over a victim’s clipboard.
Cybersecurity researchers at Avast pin the activity to the clipboard stealer module of the MyKings botnet, building on top of the work done by researchers at SophosLabs.
Avast’s analysis unearthed over 1300 new wallet addresses that have been used to transfer over $24 million in Bitcoin, Ethereum and Dogecoin alone.
“MyKings is a long-standing and relentless botnet which has been active from at least 2016,” shares Avast, adding that, in addition to clipboard stealers, the botnet’s vast infrastructure consists of several other parts and modules, including bootkit, coin miners, droppers, and more.
Clipboard stealer
As its name suggests, the clipboard stealer monitors the clipboard for specific content, such as wallet addresses, and then manipulates it to trick the users into pasting a different value from the one they copied, counting on the fact that users do not expect to paste values different from the one that they copied.
The researchers suggest that it’ll take special care and attention for anyone to ensure that the wallet addresses, which are in the form of a rather long string of random numbers and letters, haven’t been manipulated.
This is why, despite the rather simple approach, the attackers have managed to hijack transactions and route over $24,700,000 to their wallets instead of the intended recipient.
The researchers add that they found several comments from people at BlockChain Explorer services who claim to have sent money to the threat actor’s wallets by mistake, asking for it to be returned.
“In response to this malicious activity, we want to increase awareness about frauds like this and we highly recommend people always double-check transaction details before sending money,” warn the researchers.
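The swap described above leaves a recognisable trace: address-shaped clipboard content replaced moments later by a different address of the same coin. The Python below is an added example of that detection logic, not code from Avast or from this article; the regular expressions are simplified shape checks, and the function names, the two-second window and the sample data are assumptions.

```python
import re

# Simplified shape checks (format only, no checksum validation) for the three
# coins named in the article. These patterns are assumptions of this example.
ADDRESS_SHAPES = {
    "bitcoin": re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[02-9ac-hj-np-z]{11,71}"),
    "ethereum": re.compile(r"0x[0-9a-fA-F]{40}"),
    "dogecoin": re.compile(r"D[1-9A-HJ-NP-Za-km-z]{33}"),
}

def classify(text):
    """Return (coin, normalised_value); coin is None if the text is not address-shaped."""
    value = text.strip()
    for coin, shape in ADDRESS_SHAPES.items():
        if shape.fullmatch(value):
            # Ethereum addresses differ only by checksum casing, so compare lower-cased.
            return coin, value.lower() if coin == "ethereum" else value
    return None, value

def find_swaps(snapshots, window=2.0):
    """Flag an address replaced by a different address of the same coin within `window` seconds.

    snapshots: list of (timestamp_seconds, clipboard_text), oldest first.
    The short window is a heuristic: a person rarely copies two different
    addresses of the same coin within a couple of seconds.
    """
    alerts = []
    for (t0, before), (t1, after) in zip(snapshots, snapshots[1:]):
        coin_a, addr_a = classify(before)
        coin_b, addr_b = classify(after)
        if coin_a and coin_a == coin_b and addr_a != addr_b and t1 - t0 <= window:
            alerts.append({"coin": coin_a, "copied": addr_a, "now": addr_b,
                           "delay": round(t1 - t0, 3)})
    return alerts

# Constructed sample data: placeholder strings with the right shape, not real wallets.
SAMPLE = [
    (0.0, "meeting notes"),
    (10.0, "0x" + "a1" * 20),   # user copies an Ethereum-shaped address
    (10.3, "0x" + "b2" * 20),   # content changes 0.3 s later: flagged
    (60.0, "1" + "A" * 30),     # Bitcoin-shaped address
    (300.0, "1" + "B" * 30),    # different address minutes later: normal use
    (400.0, "D" + "x" * 33),    # Dogecoin-shaped address, no follow-up change
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE):
        print("possible clipboard swap:", alert)
```
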
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.