top of page


Apr 20, 2023

Malware steals data from clipboard

Today’s news might make you clip your nails a bit shorter. Unit 42 has discovered a new malware campaign that's targeting Portuguese speakers and stealing cryptocurrency from unsuspecting users. 

This is Katy Craig in San Diego, California.

The malware, aptly named CryptoClippy, uses a sneaky tactic called cryptocurrency clipping to replace the user's wallet address with the attacker's address in the victim's clipboard. This leads to users accidentally sending their hard-earned crypto to the wrong place.

To spread its evil tentacles, the malware uses Google Ads and traffic distribution systems to redirect victims to fake WhatsApp Web applications that look legit, but are really just a bunch of zeros and ones hiding CryptoClippy. And who's at risk, you ask? Well, victims have been found in a range of industries, from manufacturing to IT services to real estate.

So keep your eyes peeled, and your clipboards clean, folks. And remember, always be on the lookout for sneaky cyber criminals trying to get their hands on your cryptocurrency. 

This is Katy Craig. Stay safe out there!

bottom of page