Anti-malware software Malwarebytes highlighted two new forms of malicious computer programs propagated by unknown sources that are actively targeting crypto investors in a desktop environment.
Since December 2022, the two malicious files in question — MortalKombat ransomware and Laplas Clipper malware threats — have been actively scouting the Internet for stealing cryptocurrencies from unwary investors, revealed the threat intelligence research team, Cisco Talos. The victims of this campaign are predominantly located in the United States, with a smaller percentage of victims in the United Kingdom, Turkey, and the Philippines, as shown below.
The malicious software work in partnership to swoop information stored in the user’s clipboard, which is usually a string of letters and numbers copied by the user. The infection then detects wallet addresses copied onto the clipboard and replaces them with a different address.
The attack relies on the user’s inattentiveness to the sender’s wallet address, which would send over the cryptocurrencies to the unidentified attacker. With no obvious target, the attack spans individuals and small and large organizations.
All Comments