Unknown Sources Target Crypto Investors with Malicious Computer Programs
Software specifically developed to remove malicious software Malwarebytes found two new varieties of malicious computer programs that are targeting bitcoin investors in desktop settings in an aggressive manner. These malware are of the spyware and adware kind. Malwarebytes was able to uncover these malicious programs, which are being distributed by unknown sources.
The findings of the threat intelligence research team at Cisco Talos indicate that the two malicious files in question, the MortalKombat ransomware and the Laplas Clipper malware threats, have been actively scouring the Internet since December 2022 in search of unsuspecting investors to rob of their cryptocurrency holdings. The threats in question are the MortalKombat ransomware and the Laplas Clipper malware threats. As can be seen in the table that follows, the majority of individuals whose lives have been altered as a result of this campaign reside in the United States of America. On the other hand, a much lower number of persons in the United Kingdom, Turkey, and the Philippines have been impacted.
The malicious programs work together to steal information from the user’s clipboard, which is often a string of letters and numbers that the user has copied and pasted onto their clipboard. There is a risk that the malicious program will steal this information. After that point, the virus will check the clipboard for any wallet addresses that have been pasted into it, and it will replace those addresses with a whole new one.
The success of the attack is dependent on the user not paying close enough attention to the sender’s wallet address, which in turn enables the bitcoin to be sent to an unidentified adversary. Because of this, the attacker may conceal their identity. The attack is aimed against a diverse assortment of targets, including individuals, little organizations, and big ones.