A new survey on a well known A malware reveals that its creators managed to steal at least $ 24 million in cryptocurrency by grabbing a victim's clipboard.
Cybersecurity researchers on Avast pins activity to the MyKings botnet clipboard stealing module, pressing top of the work carried out by SophosLabs researchers.
Avast analysis uncovered more1,300 new wallet the addresses that were used to transfer over $ 24 million to Bitcoin , Ethereum and Dogecoin alone. TechRadar needs you!
We are researching how our readers are using VPNs with streaming sites like Netflix so that we can improve our content and offer better advice. This survey will take no more than 60 seconds of your time, and we would be very grateful if you could share your experiences with us.
>> Click here to start the survey in a new window <
“MyKings has been a long-standing botnet and implacable which has been active since at least 2016, ”Avast shares, adding that in addition to clipboard thieves, the botnet's vast infrastructure consists of several other parts and modules, including the bootkit, coin miners, droppers, etc.
Thief of clipboard
As the name suggests, the clipboard thief watches the clipboard for content, such as wallet addresses, and then manipulates it to entice them. users to paste a different value than the one they copied, relying on the fact that users do not expect to paste different values than the one they copied.
The researchers suggest that it will take special care and attention for anyone to ensure that wallet addressesuille, which come in the form of a fairly long string of random numbers and letters, has not been manipulated.
This is why despite the rather simple approach, the attackers managed to hijack transactions and route more than $ 24,700,000 to their wallet instead of the intended recipient.
The researchers add that they found several comments from people at BlockChain Explore services that claim to have sent threat money to Actor's wallets by mistake, requesting that it be returned.
"In response to this malicious activity, we want to increase awareness of frauds like this and strongly recommend that people always check the details of the transaction before sending any mail. money ”, warn the researchershours.