Cryptocurrency exchange Binance is cautioning users about a global threat targeting cryptocurrency users with clipper malware to facilitate financial fraud.
Clipper malware, also known as ClipBankers, is a type of malware that Microsoft refers to as cryware, designed to monitor clipboard activity and steal sensitive data by replacing cryptocurrency addresses with those controlled by attackers.
This redirection leads to digital asset transfers being sent to a rogue wallet instead of the intended destination.
“Clipping and switching involve a cryware monitoring a user’s clipboard content, searching for hot wallet addresses, and replacing them with an attacker’s address,” Microsoft explained in 2022. “This leads to the user unknowingly sending funds to the attacker.”
Binance, in a recent advisory, reported tracking a surge in malware activity aimed at swapping out cryptocurrency wallet addresses by intercepting clipboard data.
The exchange highlighted a significant increase in such incidents, particularly on August 27, 2024, resulting in substantial financial losses for affected users.
Binance stated that the malware is often distributed through unofficial apps and plugins, especially on Android and web apps, cautioning iOS users to stay alert as well.
Research indicates that users inadvertently install these malicious apps when seeking software in their native languages or from unofficial sources due to country restrictions.
Binance is actively blacklist attacker addresses to prevent fraudulent transactions and has advised affected users to be vigilant for suspicious software or plugins.
The exchange is urging users to refrain from downloading software from unofficial sources, verify the authenticity of apps and plugins, and exercise caution during installations.
Chainalysis, a blockchain analytics firm, recently noted a 20% decline in aggregate illicit on-chain activities this year, yet reported a doubling of stolen funds inflows from $857 million to $1.58 billion.
The firm observed scammers shifting towards targeted schemes like pig butchering, work from home scams, and address poisoning, moving away from widespread ponzi schemes.
Furthermore, Chainalysis highlighted a growing trend of Chinese language marketplaces and laundering networks being used for illicit activities.