Cryptojacking Malware Infects 28,000 Devices, Steals $6,000 in Crypto
A cryptojacking and crypto-stealing malware has been discovered by cybersecurity firm Doctor Web, infecting more than 28,000 devices but resulting in relatively low returns for the attackers.
The malware, which masquerades as legitimate software such as office programs, game cheats, and online trading bots, reportedly managed to steal about $6,000 in cryptocurrency.
Malware Targets Thousands in Russia and Beyond
Doctor Web revealed on October 8 that the malware had infected users mainly in Russia but also spread across neighboring countries, including Belarus, Uzbekistan, Kazakhstan, Ukraine, Kyrgyzstan, and Turkey.
❗️Crypto swiping malware has infected over 28,000 devices, stealing just $6K worth of crypto like $BTC and $ETH, according to cybersecurity firm Doctor Web.
The malware, disguised as legit software, mainly targeted users in Russia and nearby regions.
— Block Insider (@BlockInsider_) October 10, 2024
According to Doctor Web, the malware was distributed through fraudulent GitHub pages and malicious links embedded in YouTube video descriptions, targeting users through pirated versions of popular programs.
Despite the scale of the infection, which affected tens of thousands of users, the attackers stole approximately $6,000 in crypto.
The malware employed sophisticated techniques to avoid detection. It used password-protected archives to bypass antivirus scans and disguised itself as legitimate system components to remain hidden.
One of the primary ways the malware stole cryptocurrency was by deploying a “clipper” program that monitors and manipulates the clipboard of infected devices.
The clipper replaces crypto wallet addresses copied by the user with the attackers’ addresses, effectively redirecting transactions to the criminals.
Crypto Community Raises Concerns Over Malware Surge
Clipboard-jacking malware has long been a concern in the cryptocurrency space, especially since its rise during the 2017 bull market.
🚨💔 2 hours ago, another victim lost $68 million by copying the wrong address from a contaminated transfer history. pic.twitter.com/DepNCnyXhM
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) May 3, 2024
The malware detected by Doctor Web represents just one of many recent attempts to exploit the growing crypto user base.
In September, Binance issued a warning regarding the surge in clipper malware, particularly noting increased activity in August that led to significant financial losses.
Doctor Web cautioned users to install software from legitimate sources to avoid such malware, as many victims had unknowingly downloaded compromised programs.
This warning echoes broader recommendations from the crypto and cybersecurity communities to remain vigilant in the face of increasing crypto scams.