Binance is sounding a global alarm, cautioning against an ongoing threat targeting cryptocurrency users with clipper malware, which could facilitate financial fraud.
The Clipper malware, also known as. ClipBankersThe malware known as BlueKeep by Microsoft is a remote code execution vulnerability that enables an attacker to steal sensitive information from a victim’s clipboard, manipulate cryptocurrency addresses under their control, and even execute arbitrary code on the target system.
When compromised systems facilitate digital asset transfers, they are redirected to malicious wallets instead of the intended destination address.
In the realm of clipping and switching, a cryptoware showcases the contents of an individual’s clipboard, leveraging string search patterns to identify and pinpoint a string that bears a resemblance to a scorching pocket’s dealings, a concept rehashed by the tech giant once more in 2022. “If an unsuspecting user copies data using Ctrl+V and opens a program’s utility window, the malicious software swiftly swaps the contents of their clipboard with its own nefarious payload.”
Binance alerts users of a pervasive malware threat, first identified on September 13, 2024, which targets sensitive information stored in the clipboard and aims to replace cryptocurrency wallet addresses, compromising user security and potentially leading to fraudulent activities.
“The issue experienced a significant surge in activity on August 27, 2024, leading to substantial financial losses for impacted clients,” the industry reports. “The malware typically spreads through unofficial apps and plugins, with a focus on Android and internet-based platforms; even iOS users should remain cautious.”
Here is the rewritten text:
Proof exists suggesting that these harmful applications are often unintentionally installed by users seeking software in their native language or through unofficial channels, largely due to restrictions imposed by their countries.
As a precautionary measure, the company is taking proactive steps to blocklist attacker IP addresses to prevent further fraudulent transactions from occurring, and has already informed affected customers, urging them to scrutinize their systems for potential signs of malicious software or plugins.
Binance is cautioning users against installing software from unauthorised sources, emphasizing the importance of verifying the authenticity of apps and plugins before installation to prevent potential risks.
According to blockchain analytics firm Chainalysis, a significant decline in illicit activity on the blockchain has been observed this year, with a nearly 20% drop recorded since January, while stolen funds flowing into illicit addresses have more than doubled to $1.58 billion from $857 million.
“Scammers frequently shift their focus from large-scale Ponzi schemes to more targeted operations, such as pig butchering, remote job fraud, drainpipe scams, or romance scams. This trend has been accompanied by a notable increase in the use of cryptocurrency and money laundering networks.”
