Cryptoshuffler trojan diverting bitcoin payments to criminal's pockets
Cryptoshuffler trojan diverting bitcoin payments to criminal's pockets

Cryptocurrency mining may be all the rage right now, but some malicious actors are finding it easier to use a specialized trojan that simply steals the money right out of a digital wallet.

The CryptoShuffler Trojan uses the devices clipboard and depends upon the user not paying enough attention during the transaction process, Kaspersky Labs reported. So far the process has allowed 23 BTC, or about $145,000, to be stolen in the year that CryptoShuffler has been in the wild. It is also capable of targeting Ethereum, Zcash, Dash and Monero.

CryptoShuffler takes advantage of the transaction process the currencies use. Once installed on a device the malware monitors the clipboard, where the user's wallet ID is normally stored, and when a transaction is recognized as taking place it replaces the correct destination address with its own diverting the funds.

“CryptoShuffler's ability to replace a destination literally takes milliseconds because it's so simple to search for wallet addresses – the majority of cryptocurrency wallet addresses have the same beginning and certain number of characters. Therefore, intruders can easily create regular codes to replace them,” Kaspersky said.

The other key aspect is the fact that most people do not pay attention to what is going on when conducting this type of transaction.

“When making a payment, users do not usually check their multi-digit numbers, especially since the wallet addresses in blockchain are complicated and often very difficult to remember. Users don't pay much attention to checking any distinctive features in the transaction line, even if a slight change could cost them a lot,” the company said.

The bad guys can be stopped by simply paying attention and making sure the wallet ID pasted into the destination address to make sure it is your own.