Kaspersky Discovers Cryptoshuffler, a Cryptocurrency Stealing Trojan

Scientists at the Kaspersky Lab have as of late found another malware named CryptoShuffler Trojan that is being utilized by cybercriminals to take cryptocurrencies from a client’s wallet. This trojan functions in a way that, it replace the wallet address of the user by it’s own.

The security firm studied about the trojan to discover that a target of 23 BTC worth nearly $100,000 is estimated to be stolen by cybercriminals using popular cryptocurrencies like Ethereum, Bitcoin, Dash, Monero, etc

Sergey Yunakovsky, a malware analyst at Kaspersky Lab, said,

“Cryptocurrency is not a far-off technology anymore. Lately, we have observed an increase in malware attacks targeting different types of cryptocurrencies and we expect this trend to continue.”

Old techniques are being used by cybercriminals to steal so that less time and resources are required. The user is directed to any third malicious website while they target online payment systems which resemble a pattern of clipboard hijacking attacks that have been carried out since years.

Wallet ID of the recipient which is a unique multi-digit number is to be known by the user to transfer crypto coins. The system operating with this ID is targeted by the CryptoShuffler Trojan. The Trojan monitors the clipboard utilized for payment by users once it’s initialized. The wallet numbers are copied by the Trojan and pasted in destination address in the software for the transaction to occur. The user’s wallet ID is replaced with its own in the destination address. If the user doesn’t recognize the change occurred in a sudden,the amount gets transferred to the malware address.

As participation of retail investors have increased tremendously to invest in cryptocurrencies, cybercriminals are increasing activity to target new investors. Before performing actions such as money transfer, it is advised to learn about the process and access websites using secure devices.


Please enter your comment!
Please enter your name here