What is the issue - A new phishing campaign disguised as ‘Bitcoin Investment Update’ delivers clipboard hijacker malware in order to steal Bitcoins from victims.
The big picture
Researchers from My Online Security detailed the steps taken in this new phishing campaign that delivers clipboard hijackers.
Why it matters - ‘Task.exe’ clipboard hijacker monitors the Windows Clipboard for bitcoin addresses and if any detected, it will swap it for the bitcoin address (3MSghqkGW8QhHs6HD3UxNVp9SRpGvPkk5W) that is owned by the attacker.
“As cryptocurrency addresses are typically long and hard to remember, attackers understand that when sending bitcoins, most people will copy an address from another page, site, or program. This malware will detect the copied address in the clipboard and replace it with their own in the hopes the victim won't notice the swap,” researchers said.
What should you do to protect yourself?