Russian based cybersecurity firm Kaspersky Labs has warned owners of cryptocurrencies that their coins are not safe even in private wallets. A new trojan called CryptoShuffler is stealing coins right from under the noses of users by replacing wallet addresses on a user’s clipboard as they copy and paste wallet data for transfers. No wallet is safe because the trojan utilizes the clipboard function on computers.
The trojan has already caused a substantial amount of damage in just a short time, though the cyber researchers believe the trojan has been working for perhaps a year or more. Per Kaspersky:
“…cybercriminals have already managed to steal 23 Bitcoins, which is the equivalent of approximately $140,000 (as of the end of October). In addition, thousands of dollars of other cryptocurrencies such as Litecoin, Dash, Monero, Ethereum, Zcash and Dogecoin, have been accumulated.”
The most basic way to protect yourself is to carefully compare the address you’ve inputted after copying. Carefully checking wallet addresses for every transaction should keep your funds safe.
However, the trojan developers know that the normal process is simply to copy, paste and send, without carefully checking the address. For this reason, Kaspersky is warning users to take special precautions.
Further, users are advised to utilize an antivirus and anti-malware system in order to detect and remove malicious programs. As the cryptocurrency world continues to grow, risks will continue to increase, and owners will need to be vigilant to protect their funds.