The web has a new virus-trojan CryptoShuffler, which specializes in the theft of cryptocurrency as reported by Kaspersky Lab.
Kaspersky Lab explained the algorithm of its operation as quite simple, It resides quietly in the computer’s memory and monitors the clipboard — the temporary storage area for cut/paste operations.
As soon as CryptoShuffler spots the address of a cryptocurrency wallet on the clipboard (it’s quite easy to distinguish these addresses by line length and specific characters), it replaces the address with another.
As a result, the cryptocurrency transfer does indeed go through, and in the amount specified by the payer, only the recipient address has been compromised.
This malware is not only peculiar to bitcoin but also Ethereum, Monero, Zcash, Dash, Dogecoin and other cryptocurrencies. Its simples work by substituting your copied bitcoin wallet address with another.
It is noted that in this way the attackers have already managed to steal about 23 BTC($140,000) at the current exchange rate.