Beware: Sneaky Clipper Malware Can Hijack Your Crypto Wallet – Here’s How to Protect Yourself
Binance Warns of Growing Malware Threat to Cryptocurrency Users
Binance has issued a global warning to cryptocurrency users about a growing malware threat known as “Clipper malware.”
This malware changes wallet addresses during transactions, causing financial losses. It replaces the wallet address copied by the user with an address controlled by the attacker. As a result, funds are sent to the wrong destination without the user’s knowledge.
Binance Highlights Clipper Malware Risks in Cryptocurrency Trading
From August 27, 2024, Binance reported a surge in incidents. While Android users are primarily targeted, iOS users are not completely safe either. Malware spreads through non-official apps and plugins, often appearing from unverified sources, especially when users search for software in their native language.
“We have identified a global malware issue. The withdrawal address is being changed during the trading process. Be especially careful with plugins and apps installed on Android and web apps, and also on iOS,” Binance said.
To mitigate this threat, Binance’s security team has blacklisted suspicious addresses, notified affected users, and is actively monitoring for further risks. Users are advised to triple-check their withdrawal addresses to prevent Clipper malware from interfering with their transactions.
“To be extra secure, take a screenshot of your withdrawal address right before sending the payment and have the recipient check it against the photo, so you don’t give malware a chance to change the text,” Binance advises.
Additionally, Binance emphasized the importance of verifying the authenticity of apps and plugins and using trustworthy security software.
Market analysts point out that the Clipper malware is a variation of the address poisoning attack. Fraudsters use this technique to trick users into sending funds to a similar-looking but fraudulent address. Earlier this year, this tactic resulted in the theft of $7 billion worth of wrapped Bitcoin (WBTC) from an investor.
The Binance warning comes amid a growing trend of malware targeting cryptocurrency users. Earlier this month, McAfee reported a new mobile malware called “SpyAgent” that steals users’ mnemonic keys. A mnemonic key is a 12-word phrase used to recover your cryptocurrency wallet.
Spy agents disguised themselves as banks, governments, and public services. According to McAfee, 280 fake apps have been identified since the beginning of the year.
These threats reflect ongoing issues within the cryptocurrency industry, with the FBI recently reporting that cryptocurrency investors lost $5.6 billion to scams and hacks in 2023.