Bleeping Computer has come across a sample of clipboard hijacking malware used to steal cryptocurrency transactions that is monitoring 2.3 million cryptocurrency addresses.

That number is about four times what Bleeping Computer normally sees being tracked by this type of malware. The new recently distributed malware is part of the All-Radio 4.27 Portable package of malware that installs rootkits, miners, information-stealing Trojans and can send spam from your computer, according to Bleeping Computer.

The malware named d3dx11_31.dll is downloaded into the Windows Temp folder and is run each time the user logs onto the computer. Like other clipboard hijackers, it then searches the computer’s clipboard for one of the millions of wallet addresses. If one is found it swaps out the correct one with the cybercriminal’s wallet address effectively redirecting any deposits.

The malware is very circumspect and simply running in the background, Bleeping Computer said, adding the best way to protect a computer is to have an antivirus solution installed. In addition, it is suggested that those using cryptocurrency wallets need to double check any address before making a deposit.