Crypto-Mining Malware Steals $1.7 Million From Transaction Hijacking

coinfomania.com, 02 June 2022 19:31 UTC

Analysts from the Broadcom-owned cybersecurity company Symantec have identified a new cryptocurrency mining malware called Clipminer that stole nearly $2 million by hijacking crypto transactions, Bleeping Computer reported Thursday.

Crypto-Mining Malware Steals $1.7 Million

The researchers discovered that Clipminer has the same functionality as the notorious KryptoCibule malware, which was released two years ago. The trojan is known for bypassing security and antivirus solutions to siphon funds from crypto wallets.

According to the report, Clipminer was named by the team of security researchers who discovered its existence. The malware started operations back in January 2021 and has remained functional since then. It has stolen over $1.7 million from victims.

Like KryptoCibule, Clipminer also relies on the Tor network. It steals wallets, hijacks transactions, and mines cryptocurrencies on infected computers.

The malware spreads to its host computer as a WinRAR archive and is installed, without seeking permission, under a random file name, making it difficult to detect. After successful installation, it profiles the host to find a safe place to hide before starting its mission.

The Symantec analysts also found that the malware had reached a large scale before its discovery. During their study, they found that the stolen funds had been distributed across 4,375 cryptocurrency wallets.

Experts have warned that cryptocurrency users should always be on guard and make sure to cross-check any wallet address before initiating a transaction. 

Hackers Target Crypto Users

The cryptocurrency industry has been a target of many malicious actors since it gained public interest, and hackers frequently attempt to steal investor funds.

In June 2021, Avast, a cybersecurity company based in the Czech Republic, discovered malware designed to mine the privacy-focused cryptocurrency Monero (XMR) on powerful gaming computers. The malware, called Crackonosh, was found in cracked versions of gaming programs downloaded from different torrent sites.

The discovery was made after many of its users complained on social media that the antivirus software on their computers had disappeared.

In 2020, Coinfomania reported that Cado, a U.K.-based cyber security company, uncovered crypto-mining malware that stole Amazon Web Services data from about 119 infected devices.