Reading: Ethereum Just Shot Up $250 But Don’t Bet on That Resistance Breaking

Arbismart Logo
News

Cryptocurrency Malware ComboJack Targets Clipboard Data – Here’s How to Protect Yourself

Avatar

Melanie Kramer | Apr 02, 2018 | 16:30

Cryptocurrency Malware ComboJack Targets Clipboard Data - Here's How to Protect Yourself News

Cryptocurrency Malware ComboJack Targets Clipboard Data – Here’s How to Protect Yourself

Avatar

Melanie Kramer | Apr 02, 2018 | 16:30

Advertisement
Send
Share

Malware identified by Palo Alto Networks targets data held on user clipboards from cut, copy and paste actions. ComboJack is a trojan able to replace unsuspecting user’s wallet data with the wallet address of an attacker.

ComboJack embeds itself on user systems with a possible source identified by Palo Alto Networks as phishing or malspam email. ComboJack will then frequently check the system clipboard for copied cryptocurrency wallet information.

If a genuine wallet address is identified, it is then replaced with a hardcoded wallet address presumed to belong to the attacker. Users unwittingly paste the incorrect wallet address when making a cryptocurrency transaction and send funds to the attacker instead of their desired location.

Beware of Phishing Emails

Researchers discovered the malspam targeting Japanese and American users with a campaign that could look something like this:

Beware of Phishing Emails

Opening an attached PDF file results in a message referring to an embedded doc file, which if opened, releases the ComboJack trojan to a user’s system.

The malware has been found to target Bitcoin, Litecoin, Monero and Ethereum cryptocurrency wallet addresses as well as Yandex and WebMoney in USD and rubles.

Microsoft Updates Provide Protection from ComboJack

The vulnerability exploited by ComboJack has been patched by Microsoft, so as long as users are running up to date operating systems they should be protected.

Users can also add protection for themselves from ComboJack and similar malware by not opening or downloading files with an unknown origin, and by ensuring that they are running active virus protection software.

Double Check when Pasting Wallet Information

Cryptocurrency owners should also check when copying and pasting that their entered transaction information matches the information they originally copied to ensure they are not mistakenly using an incorrect wallet address.

Checking transaction destination addresses before finalizing a transaction is a measure that may also prevent accidental transfers to incorrect wallets.

A quick double check of data can help to protect against losing funds to malware like ComboJack and CryptoShuffler, a similar malware program, and identify if a potential problem exists on a user’s system.

Have you lost coins in a malware attack or been hit by ComboJack? Let us know in the comments.

Image Courtesy of Shutterstock, Palo Alto Networks

BitStarz Player Lands $2,459,124 Record Win! Could you be next big winner?

Tags: , , ,
Send
Share
Show comments
bitcoin
News

Bitcoin Community Cringes as Federal Reserve & the Treasury Look to Crack Down

The Bitcoin community is cringing as the Federal Reserve and the Financial Crimes Enforcement Network, a branch of the U.S. Treasury, looking to decrease the reporting requirements...

Nick Chong | 3 months ago
Why Bitcoin Just Surged to $13K in Belarus Amid Massive Protests
News

Why Bitcoin Just Surged to $13K in Belarus Amid Massive Protests

Belarus has become a hot ground of the great Bitcoin experiment as the country dwells into one of its most disturbing civil crisis. Ask prices for the world’s leading...

Yashu Gola | 4 months ago
bitcoin, btcusd, cryptocurrency, xbtusd, btcusdt
News

Bitcoin Poised to Retest $12K After FOMC Minutes, Data Shows

Bitcoin fell towards $11,500 on Wednesday, a move that followed its brief rally above $12,000 earlier this week. The correction appeared as a testament to profit-taking behavior...

Yashu Gola | 5 months ago