Kaspersky Lab Discover New Hijacking Malware CryptoShuffler

User Rating: 0 / 5

Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive

New Malware, CryptoShuffler, a clipboard hijacking attack designed to change the addresses of the users’ cryptocurrency wallets has been discovered by Kaspersky Lab researchers.

“After initialising, the CryptoShuffler Trojan starts to monitor the device’s clipboard, utilised by users when making a payment. This involves copying wallets’ numbers and pasting them into the “destination address” line of the software that is used to carry out a transaction. The Trojan replaces the user's wallet with one owned by the malware creator, meaning when the user pastes the wallet ID to the destination address line, it is not the address they originally intended to send money to. As a result, the victim transfers his or her money directly to the criminals, unless an attentive user spots the sudden replacement”.

So far, based on observations from Kaspersky Lab researchers, the criminals behind the CryptoShuffler trojan have mostly succeeded in attacks against Bitcoin wallets - they were able to steal 23 BTC, which is equivalent to almost £105,923. The total amounts in other wallets ranges from a few dollars to several thousand dollars.


+44 (0) 1903 723 548

Microexpert Limited
Gratwicke House
10 East Street
West Sussex
BN17 6AW, UK

© 2018 Microexpert. Registered number 01755695.