A new investigation into a well-known malware reveals that its creators have managed to steal at least $24 million in cryptocurrency by taking over a victim's clipboard.
Cybersecurity researchers at Avast pin the activity to the clipboard stealer module of the MyKings botnet, building on top of the work done by researchers at SophosLabs.
Avast’s analysis unearthed over 1300 new wallet addresses that have been used to transfer over $24 million in Bitcoin, Ethereum and Dogecoin alone.
- We've put together a list of the best endpoint protection software
- Check our list of the best firewall apps and services
- Here's our choice of the best malware removal software on the market
“MyKings is a long-standing and relentless botnet which has been active from at least 2016,” shares Avast, adding that the in addition to clipboard stealers, the botnet’s vast infrastructure consists of several other parts and modules, including bootkit, coin miners, droppers, and more.
Clipboard stealer
As its name suggests, the clipboard stealer monitors the clipboard for specific content, such as wallet addresses, and then manipulates it to trick the users into pasting a different value from the one they copied, counting on the fact that users do not expect to paste values different from the one that they copied.
The researchers suggest that it’ll take special care and attention for anyone to ensure that the wallet addresses, which are in the form of a rather long string of random numbers and letters, haven’t been manipulated.
This is why despite the rather simple approach, the attackers have managed to hijack transactions and route over $24,700,000 to their wallets instead of the intended recipient.
The researchers add that they found several comments from people at BlockChain Explorer services who claim to have sent money to the threat actor’s wallets by mistake, asking for it to be returned.
“In response to this malicious activity, we want to increase awareness about frauds like this and we highly recommend people always double-check transaction details before sending money,” warn the researchers.
- Protect your devices with these best antivirus software
