On 13th June 2018, Chinese security firm Qihoo 360 Total security announced the discovery of a cryptocurrency clipboard hijacker that have affected nearly 300,000 computers. However, a report from Bleeping computer showed that the problem is far more severe and widespread than initially believed. The report says that almost 2.3 million bitcoin addresses are monitored by hackers waiting for an opportunity to steal Bitcoin, the world’s most valuable cryptocurrency. This is far greater than the original estimate of 400,000 to 600,000 affected cryptocurrency addresses.
What is Clipboard Wallet Hijacker?
Clipboard wallet hijacker is a type of Trojan program that hides beneath the operating system to detect strings matching Bitcoin or Ethereum addresses. When something similar to that address is detected, the program tampers with the receiving address and redirects the transfer to their own wallet. This is dangerous to users as most still use copy/paste to enter long addresses for sending and receiving cryptocurrencies. An unlucky user can fall prey to this trojan and lose all cryptocurrency in his wallet.
Fortunately, there have not been major hacking incidents yet. As reported by Etherscan.io and Blockchain.info, hackers have succeeded in stealing only .51 BTC and 0 ETH till now. This is equivalent to $3000.
The giveaway scammers
Clipboard wallet hijacker has managed to steal a small amount of cryptocurrency. In comparison, the giveaway scammers plaguing Ethereum have succeeded in stealing 8.148 Ether equivalent to $4 million through fake twitter accounts. With the help of these fake accounts, unsuspecting Twitter users are tricked into sending their cryptocurrency to hacker’s accounts. Many crypto Twitter personalities have lamented that the actions of scammers have hampered the true progress of cryptocurrencies by littering tweets with fake promotions.
Protect your keys
The major loophole in security is that of cryptocurrency exchanges. When users subscribe to exchange, they entrust their assets and the power to control their private keys to them. This has not ended very well in the following scenarios.
- Gox – this exchange has managed nearly 70% of world bitcoin transactions. The two hacks have stripped of 2609 BTC in 2011 and 750,000 BTC in 2014, nearly $350 million. This has led to the shutdown of the company.
- Bitfloor – this exchange has lost 24000 BTC in 2014. That is equivalent to $150 million and the company has shut down.
- Bitstamp – this Slovenian exchange lost 19,000 BTC in 2015. It narrowly escaped shut down and now handles $72 million daily transactions today.
- Bitfinex – Bitfinex lost 120,000 BTC or $72 million in 2016. The company compensated the users and is now operating at reduced capacity today.
Increase awareness of security measures
Cryptocurrencies are valuable and continue to attract hackers and scammers who want to steal digital coins. You need to follow the basic security measures to protect yourself.
- Use a better address validator to check and confirm addresses while sending and receiving cryptocurrencies.
- Be wary of users who promise 5-10x returns. Do not entrust your digital assets to them.
- Choose a cryptocurrency exchange properly while storing assets. Utilize external hardware wallets like Ledger Nano S or Trezor.