Trojan Horse CryptoShuffler Stole Over 150 000 USD Worth of Cryptocurrencies

The ever-rising market value of cryptocurrencies attracts not only new investors but also thieves and hackers. While a mere two years ago malware specifically targeting cryptocurrencies was a rare phenomenon, today such programs are springing up like mushrooms after rain. The latest in the series of more successful ones is a trojan horse called CryptoShuffler, which has already managed to steal more than 150 000 USD worth of cryptocurrencies.

CryptoShuffler operates on a very simple principle, though. The moment a user copies a crypto address to the clipboard, the malware simply swaps it for another one. Because cryptocurrency transactions are irrevocable, a user who does not notice the switch sends the money into the thief’s pocket with no chance of ever getting it back.

Identifying a crypto address is quite easy for the malware – most cryptocurrency addresses have approximately the same length and the same structure, as does the thief’s address, for example: 1v9UCfygQf3toN1vA5xyr7LhKmv9QWcwZ.

More than 23 BTC have been deposited to it thus far, which amounts to over 150 000 USD at the current all-time-high price. CryptoShuffler is also capable of stealing cryptocurrencies other than Bitcoin, such as Dogecoin, Litecoin, Dash, Ethereum, Monero, and Zcash.

An effective defense, other than having quality antivirus software and not installing untrustworthy apps, is to always check that the copied address and the filled-in address match. This is best practice even if there were no trojan horses around, due to the irrevocable nature of cryptocurrency transactions.

Author: Vojtěch Bínek

