BitCoin Clipper Malware steals funds from cryptocurrency wallets
Cybercriminals released a new BitCoin Clipper malware virus to steal cryptocurrencies. The malware inserts itself into a victim's computer and intercepts clipboard information secretly redirecting the users crypto-wallet cryptocurrencies to the criminal’s wallet. Malware affects and steals from many of the popular crypto’s Bitcoin, Dash, Monero, Ethereum and others.
Primary focus of the BitCoin Clipper is to steal crypto. Secondary is to spread itself with other malware’s as evident from its name Trojan Downloader. This type of infection can be used to download other malicious malware to infect the machine further. Creating a compromised machine that is difficult to clean up using current antivirus software packages.
Once the user machine is infected, BitCoin Clipper modifies the machine to disable detections. One way that BitCoin makes sure that it is always active is to modify the Windows registry to load the program every time the machine is rebooted. The malware then proceeds to establish a connection to its host, deletes files and launches new processes on demand. These types of machine modifications are difficult to clean up and revert manually. The virus is known as starter.exe is downloaded from insecure sites distributed by pirated software and email spam.
In addition to its main function of stealing crypto, BitCoin Clipper is capable of spreading itself with other malware. Most popular of these viruses is Supreme and Poulight botnets. These viruses are designed to steal sensitive data and send spam via the botnet, further infecting more machines in the process. Together these viruses pose dangerous infections resulting in identity theft and monetary losses. Malware detects and steals user information when particular when users go online using browsers such as Chrome, Mozilla, Firefox. The behavior is not visible to the users that continue using their computers without recognizing that there is a problem.
BitCoin Clipper removal might be difficult due to malware disabling and corrupting installed security programs. Security programs might not report that the malware has infected your machine. If you are not sure if your machine is infected with malware after doing a security scan, seek help configuring your machine. These types of botnets were the cause of most infection viruses that spread banking trojans and ransomware. Users are advised to take precautions by monitoring their activity on line.