CryptoBandits Malware Steals Cryptocurrency from Clipboard

Microsoft has discovered a new strain of malware called CryptoBandits that targets cryptocurrency users. This sophisticated cyber threat is an upgrade to traditional 'clipper' malware, which has been monitoring clipboard data for wallet addresses and seed phrases. The malware spreads through infected USB drives and hides original files while creating malicious shortcuts.

CryptoBandits uses a portable Tor client to route its communications through the anonymous Tor network, making it harder to detect. The malware scans the victim's clipboard every half-second, searching for cryptocurrency wallet addresses and replacing them with attacker-controlled addresses. This stealthy approach makes detection through conventional file-scanning methods more challenging.

Microsoft advises users to avoid plugging unknown USB drives into their computers and to verify wallet addresses before sending funds. Keeping security software fully updated is also essential in protecting against emerging cybersecurity threats.