Bitcoin hacks are seemingly more and more sophisticated by the day. I see it like this, for every ‘level up’ the technology industry reaches, the criminal underworld seem to get a multiplier and level up twice as fast. Hackers are always two steps ahead of the game.
There’s a chance that the hackers all work for the people supposedly bolstering the security of technology, but that’s an argument for another day, though it does almost justify this strange and infuriating correlation.
News of the latest hack type, that is alleged to have drained $60,000.00 comes from Securityintelligence.com, a website managed by IBM. It follows research by Fortiguard Labs, who have discovered a ‘clipboard hijacker’ named BitcoinStealer.exe that is able to locate Bitcoin wallet keys that have been copied by a user, then edit them in the background (ever so slightly) so the user in turn, copies a new address into their transaction, meaning the Bitcoin isn’t sent to the person or wallet they intended and instead, it hits the pockets of the scammers.
According to IBM:
“Bitcoin Stealer instead uses an executable to monitor an infected computer’s clipboard content for signs of a bitcoin address. Assuming it finds one, Bitcoin Stealer replaces the copied bitcoin address with one that has similar strings at the beginning and end of its wallet address. Using this technique, Bitcoin Stealer injects itself into bitcoin transactions and tricks users into sending cryptocurrency to a wallet controlled by the cyberattacker behind the malware. Bitcoin Stealer is the latest threat capable of monitoring and changing clipboard content — but it’s not the first. The malware comes on the heels of Evrial, which hit in January 2018, according to Bleeping Computer. It also follows CryptoShuffler, which redirected $150,000 in the fall of 2017.”
Read the full article for yourself, here.
This current example, Bitcoin Stealer, has been found to have stolen around $60,000.00 according to the FortiGuard Labs experts after running on numerous machines since April 2018.
This should serve as a reminder of just how risky cryptocurrency investment is. Even if you trade well, do your research and take every precaution you can, hackers will still find a way to access your funds without you ever knowing. Apply the same rules you would follow during standard web browsing to everything you do within crypto too. Never copy and paste passwords, don’t download from sources you don’t trust and always run with a reliable and up to date antivirus software. You can protect yourselves from these scams, but you do need to be super careful in order to do so.