If you’re a regular user of digital currencies such as bitcoin, you may not be aware that there is malicious code out there that hackers can use to steal your coins. This is largely due to the false sense of security that a user develops over time. One such piece of malicious code is clipper malware, which has been instrumental in the losses incurred by many crypto users.
As you’re aware, sending virtual currencies is as simple as copying the destination address, pasting it, and then clicking the send button. What happens if you send your coins to a designated address but later find out that the coins were not delivered to the recipient’s address? This could be the result of clipper malware, especially if you go through the blockchain explorer and find that the address string has been altered.
What is Clipper Malware?
Clipper malware is malicious code that hackers use to steal cryptocurrencies from unsuspecting users. It works by changing the recipient’s destination address to the hacker’s address right on the clipboard.
When the sender pastes the address where they intend to send the coins and clicks the send button, the cryptocurrencies are sent to the hacker’s address, which has replaced that of the recipient. This happens on the clipboard, where the sender is not privy to the change that has taken place.
In other words, when the destination address is selected and copied with Ctrl+A and Ctrl+C, the malware that is resident on the clipboard swaps the recipient’s address with that of the hacker. Oblivious to this change, the sender pastes the hacker’s address into the transaction field instead of the intended destination address. When they send the coins, they are transferred to the hacker’s wallet.
The fact that cryptocurrency transactions are irreversible then works to the advantage of the hacker, who steals the coins of users who are oblivious to the swap of the destination address initiated by the clipper malware in their own wallets.
Who is At Risk of Clipper Malware Threat?
Many users of cryptocurrencies are not even aware that clipper malware exists. Some of them have been using digital currencies for years without incident and have developed a sense of security from the inherent safety of the blockchain. What they fail to understand is that hackers regularly exploit points of weakness outside the blockchain, as clipper malware shows.
In 2019, for instance, a security expert, Lukas Stefanko, found that hackers had successfully gotten an app with embedded clipper malware hosted on Google Play. The consequence is that users who used the cryptocurrency app for cryptocurrency transactions may have lost their funds in the process.
A bitcoin user reported their experience with clipper malware on BitcoinTalk. The user said that they sent BTC valued at $1000 to someone for a service, but 3 hours later the coins remained undelivered. After the recipient complained that nothing had been received, the user checked the explorer and was shocked to find a different destination address.
How To Keep Your Funds Safe
Security experts recommend some measures such as:
- Cross-checking the destination address string carefully before hitting the “send” button. It is not enough to check only the first few characters. Be sure that you’re sending to the designated destination address before initiating the transaction. Every character in the address must be checked, especially if the amount that you’re sending is substantial.
- They recommend that crypto users switch to Linux as their preferred operating system. Windows, especially Windows 10, features a keylogger, Cortana capable of storing user data in the Microsoft cloud, through which hackers could breach user security.
- It’s also not a bad idea to manually type some of the characters in the address and cross check that all of them correspond with the original address.
- This one should be obvious: Never download apps from sources that you cannot vouch for. This is especially so with platforms that are not open to audits.
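The full-address comparison and the typed-character spot check from the list above, as an added Python example that is not part of the original article. The two address strings are constructed placeholders, and the trusted copy is assumed to come from a source other than the clipboard, for instance read off the recipient’s invoice.

```python
"""Pre-send check: compare the pasted address against a trusted copy."""

def normalize(addr: str) -> str:
    # Drop whitespace that copy/paste can add; addresses are case-sensitive,
    # so letter case is left untouched.
    return "".join(addr.split())

def diff_positions(trusted: str, pasted: str) -> list[int]:
    """Every index where the two addresses differ (length gaps included)."""
    a, b = normalize(trusted), normalize(pasted)
    return [i for i in range(max(len(a), len(b)))
            if i >= len(a) or i >= len(b) or a[i] != b[i]]

def prefix_only_check(trusted: str, pasted: str, n: int = 4) -> bool:
    """The weak habit the article warns about: look at the first n characters."""
    return normalize(trusted)[:n] == normalize(pasted)[:n]

def spot_check(pasted: str, typed: dict[int, str]) -> list[int]:
    """typed maps index -> character typed by hand from the original source.
    Returns the indexes where the pasted address disagrees."""
    p = normalize(pasted)
    return sorted(i for i, ch in typed.items() if i >= len(p) or p[i] != ch)

def grouped(addr: str, size: int = 4) -> str:
    """Render in small groups so every character can be read off and compared."""
    a = normalize(addr)
    return " ".join(a[i:i + size] for i in range(0, len(a), size))

# Constructed placeholder strings, not real wallet addresses.
TRUSTED = "1ExampleRecipientAddr000000000AAAA"
PASTED = "1ExaSwappedByClipper1111111111AAAA"  # shares only its first 4 and last 4 chars

if __name__ == "__main__":
    print("trusted:", grouped(TRUSTED))
    print("pasted: ", grouped(PASTED))
    print("first-4 check passes:", prefix_only_check(TRUSTED, PASTED))
    typed = {i: TRUSTED[i] for i in (5, 12, 20)}  # characters typed by hand
    print("spot-check mismatches at:", spot_check(PASTED, typed))
    bad = diff_positions(TRUSTED, PASTED)
    print("SEND" if not bad else f"DO NOT SEND: {len(bad)} characters differ")
```

A spot check only covers the positions that were typed, so an empty result from `spot_check` is weaker evidence than an empty result from `diff_positions`.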