The officials of a malware strain known since CryptoShuffler should earn at least $150,000 value of Bitcoin by applying an extremely simple scheme.
Crooks infect users with their trojan, which then sits idly on users’ computers and does nothing but watch the user’s clipboard and replace any string that looks like a Bitcoin wallet with the attackers’ address.
During the offering requires to perform a return and copy-pastes the wallet ID inside a down range, if the user doesn’t notice the new address, crooks would receive the payment
CryptoShuffler has been active since 2016.
The Trojan must be doing the shots for notably than a year. Transactions to CryptoShuffler’s Bitcoin wallet gave their peak in late 2016, but Kaspersky Lab discovered a new campaign in June 2017.
“The malware described is a perfect case of a ‘rational’ gain,” said Sergey Yunakovsky, Kaspersky Lab malware investigator. “The system of its method is easy and effective: no way to pools, no network interaction, and no suspicious processor load.”
CryptoShuffler targets other cryptocurrencies as well.
Besides Bitcoin, crooks including targeted containers for other cryptocurrencies, before-mentioned as Dogecoin, Litecoin, Dash, Ethereum, Monero, and Zcash.
That funds in the wallets for the other cryptocurrencies do pennies either, varying from tens to thousands of US dollarsCryptoShuffler is one of the most successful malware families targeting cryptocurrencies to date. For example, another malware author wasted months scanning for vulnerable IIS servers to install a Monero miner, only to make $63,000
. Making over $150,000 for some code that watches the clipboard and replaces a string is quite the ROI (return on investment)
CryptoShuffler MD5 hash: