Of all the things cryptocurrencies have brought along, there is one everyone wishes we had been spared: the growing imagination of hackers in coding malware. ComboJack, which recently emerged, is the latest proof, exploiting an old vulnerability in Microsoft DirectX.
ComboJack is a new email-based malware that targets Japanese and American web surfers and steals cryptocurrency during transactions. Once installed and running in the background, it captures the victim’s long cryptocurrency wallet address when it is stored in the Windows clipboard.
Because wallet addresses are extremely long, many users simply copy and paste that string of characters, and that is the best time for ComboJack to attack. It is a variant of the cryptocurrency stealer known as CryptoJack, and it was discovered by researchers at Palo Alto Networks.
ComboJack grabs the victim’s cryptocurrency wallet address once it is copied to the clipboard and replaces it with the address of the hacker’s wallet. It is believed that this is how the hackers manage to transfer the digital currency to their own virtual wallets: victims unknowingly paste a different destination into the transaction before completing it.
When it finds a wallet address on the clipboard, it swaps it with what is believed to be the wallet address of the attacker. The CryptoShuffler malware, discovered in 2017, exploited clipboards in the same fashion.
ComboJack, on the other hand, works with several cryptocurrencies and has a more refined delivery system. If you are a basic computer user, you may not easily notice the intrusion.
In 2017, CryptoShuffler was the first malware used to steal, but it focused solely on Bitcoin. In 2018, ComboJack arrived, this time targeting not only Bitcoin investors but also investors in Ethereum, Litecoin, Monero, and many other cryptocurrencies. Nevertheless, the route this malware takes can be avoided by not opening emailed attachments from untrusted sources.
Because in both cases the malware relies on the victim’s ignorance, the most direct way to avoid losing cryptocurrency is to verify wallet addresses after you paste them.
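The verification step recommended above can be automated. The following is an added example, not code from the original article: it compares the address a user copied with the one that ended up in the transaction field and flags the signature of a clipboard swap. The regular expressions are simplified assumptions about address formats, and the sample addresses are constructed.

```python
import re

# Simplified address patterns (assumptions for illustration, not full validators).
BASE58 = "1-9A-HJ-NP-Za-km-z"
PATTERNS = {
    "bitcoin": re.compile(rf"^[13][{BASE58}]{{25,34}}$"),
    "litecoin": re.compile(rf"^[LM][{BASE58}]{{25,33}}$"),
    "ethereum": re.compile(r"^0x[0-9a-fA-F]{40}$"),
    "monero": re.compile(rf"^4[{BASE58}]{{94}}$"),
}


def classify(value):
    """Return the currency whose address pattern the value matches, or None."""
    for name, pattern in PATTERNS.items():
        if pattern.match(value):
            return name
    return None


def check_paste(copied, pasted):
    """Compare the address the user copied with what was actually pasted.

    Returns "match", "substituted" (a different but well-formed address of
    the same currency, the signature of a clipboard swap) or "mismatch".
    """
    copied, pasted = copied.strip(), pasted.strip()
    kind_copied, kind_pasted = classify(copied), classify(pasted)
    # Ethereum hex addresses compare case-insensitively; Base58 is case-sensitive.
    if kind_copied == "ethereum" and kind_pasted == "ethereum":
        same = copied.lower() == pasted.lower()
    else:
        same = copied == pasted
    if same:
        return "match"
    if kind_copied is not None and kind_copied == kind_pasted:
        return "substituted"
    return "mismatch"


# Constructed sample values, not real wallets.
COPIED = "1" + "A" * 33
SWAPPED = "1" + "B" * 33

if __name__ == "__main__":
    print(check_paste(COPIED, COPIED))   # same address pasted back
    print(check_paste(COPIED, SWAPPED))  # well-formed but different address
```

A "substituted" result means the pasted value is a valid-looking address for the same currency but not the one that was copied, so the transaction should be stopped and the machine checked.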