A new threat to your crypts. Last September, Kaspersky’s scientists revealed that several hundred veered mobile applications were circulating in the Google Store. No wonder they had it after your crypto. Recently, the Kaspersky Cybersecurity team emphasized a new threat, this time focused on the extension of Microsoft Office.
- Kaspersky scientists have discovered hidden malware in the extension of Microsoft Office specially focused on your cryptocurrencies.
- This malware, named Clipbanker, secretly replaces crypt -coated addresses with hackers, threatening your financial transactions.
Malware in Microsoft Office extension
PUSH Microsoft Office Suite It is a link for individuals and professionals. And that, hackers understood it.
8th April scientists from Kaspersky The alarm sounded again. Again this applies to a Malware that has it after your cryptocurrencies. No wonder this is Well hidden in the heart of the bonus on the first harmless.
In practice, there is no one other than Extension to complete the officeMicrosoft Office solution that allows you to add functions to office applications. A solution that especially appreciates developers who can adapt the software to their comfort.
Although the legitimate code of this extension is available on Github, the version offered Sourceforge contains malicious software. As a reminder is the SourceForge website to download various software, the type of software supermarket.
Clipbanker, copy and insert that can cost expensive
Once the software is installed, this will multiply the action to protect yourself. Initially, it checks that the machine is no longer infected so that it is not embarrassed.
He then performs a number of events aimed at hiding his action on the machine so that he is not detected by antivirus.
Finally, as soon as it is well installed, it takes measures. You can imagine its goal is simple: your cryptocurrencies.
While most malware of this type will look for your private keys and other seed phrases, this uses another method. In fact, it will use malware called Clipbanker. The aim of this Replace any crypt address that would be copied in the mailbox using the HACKER controlled address.
So, without suspicion, you copy your address for the transfer, the malware will replace it with the Hacker address, and if you are not cautious, you send your resources to the hacker rather than to the address you originally copied.
“Cryptographic wallet users usually copy addresses instead of writing them. If the device is infected with a clipbanker, the victim’s money will be found at a completely unexpected place.” »
According to Kaspersky teams, this malicious software focuses mainly on Russian users.
Although the use of poisoning software is not innovative, this malware varies on several points. On the one hand, it is contained in a source software that is often considered safe, namely SourgeForge. On the other hand, rather than stealing your private keys, it focuses on copy and insertion.
Recently experts from Kaspersky also revealed the main sales device for Android phones, a new look that contained malware. As always, the mission of malicious software is to steal the cryptocurrency of users.
