Iată cum să protejați cripto-ul de deturnarea clipboard-ului

Clipboard hijackers know that remembering long alpha-numeric wallet addresses can make crypto transactions cumbersome. For example, a Bitcoin address can be between 26 and 35 characters long.

Just one wrong or missed character could result in lost and irretrievable crypto. Therefore, copy and paste can look oh-so inviting when tasked with getting each character correct. 

But cybercriminals are counting on a dependence on Control + C / Cmd + C to divert cryptocurrency transfers straight to their own wallets.

In a fraction of a second, you could send your crypto directly to the criminal whose malware has been hidden on your computer for months.

A relatively simple piece of malicious code will replace a wallet address saved to the clipboard of a computer running Windows OS.

This means that when the mark hits paste (Control + P / Cmd + P) they have unwittingly entered the clipboard hijacker’s address.

Citeşte mai mult: Hackerii adolescenți care au furat 800 USD Bitcoin încă ar putea scăpa cu asta

Un Reddit utilizator was lucky enough to spot a last-minute change to a copy-pasted wallet address when attempting to transact between crypto exchange Kraken and a Monero wallet.

“When I copy and paste my wallet address from Kraken, the pasted address is not the same. Is this normal or a virus?,” asked the Reddit user.

Un alt utilizator a descoperit a piece of clipboard hijacking malware hidden in a Reddit post about best privacy practices for Windows 10 users.

Clipboard hijacking is as easy as copy and paste

Clipboard hijacking is essentially a passive scam. Bad actors trick users into installing software, and the stolen crypto rolls in.

According to AV-Test, there are over 1 miliarde pieces of malware on the internet. More than half of that software is Trojan horses, malicious code hidden in otherwise innocent-looking programs.

The worst part is the would-be crypto thieves don’t even have to be particularly good at coding. There are several varieties of clipboard hijacking software freely available online.

In 2018, a pair of British teenagers managed to steal more than 16 Bitcoin (worth $650,000 today). The clipboard hijacking code was smuggled inside a downloadable crypto wallet which they shared on Reddit.

However, some clipboard hijacking campaigns are operating on a much larger scale. BleepingComputer tracked one piece of malware which monitoare more than 2 million crypto addresses.

In early 2019, the first-ever Android clipboard hijacking malware was a descoperit on the Google Play store hidden in a fake MetaMask app.

Similarly, hackers can use this technique to steal sensitive data and fiat. Clipboard hijackers can use the malware to harvest bank details and credit card numbers that are added to the clipboard.

How to keep your clipboard safe from hackers

While crypto theft via a hijacked clipboard is a relatively new grift, it’s likely you’ve had your clipboard hijacked before.

Often news websites will add a link or a credit to an excerpt of an article that you add to your clipboard. However, most victims of the more sinister version of this technology won’t notice until it’s too late.

Cybercriminals are always coming up with new attack vectors to get malware on your machine.

Indeed, Reversing Labs discovered around 760 exemple of hijacking code across the open-source software repository Ruby Gems.

Developers the world over contribute to repositories like Ruby Gems and incorporate code found in the libraries into commercial software. So keeping your anti-virus software up to date is essential.

Web browser Opera 84 comes with a “Paste-Protection” feature that watches out for any last-second changes to pasted information. You can run an Opera browser on Windows, Linux, and macOS.

Citeşte mai mult: Hackerul ar fi putut tipări „Ether” nelimitat, dar a ales în schimb o recompensă de 2 milioane USD

“Paste Protection protects you from [clipboard hijacking]. When you copy sensitive data in Opera Browser, the data is monitored for changes for some time or until you paste the data. If the data is changed by an external application, a warning is displayed,” Opera said (de Softpedia News).

But ultimately. your best line of defense is to type out the destination address one character at a time and dubla triple-check that it’s correct.

Urmareste-ne pe Twitter pentru știri mai informate.

Apar acum: primele patru episoade din seria noastră de podcast de investigație aflată în desfășurare Inovat: Blockchain City.