Binance has issued an alert about a “global threat” from hackers. According to the exchange’s security team, the attackers are reportedly running malware capable of stealing cryptocurrencies through compromised applications.
“We have identified a global malware issue that is significantly impacting cryptocurrency transactions by altering withdrawal addresses during the transaction process.”
Binance
According to the report from Binance, this is a type of attack known as “clipper malware.” This malware is capable of intercepting data stored in a device’s clipboard and changing it. It primarily targets cryptocurrency addresses such as Bitcoin. This means that when a user uses an infected app and copies and pastes a Bitcoin or other cryptocurrency address to make a withdrawal, the malware changes this information to the attacker’s address.
As a result, the victim suffers an irreversible loss of their money when making the transaction to the malicious address if they do not notice the change beforehand.
Binance’s security team said they detected a spike in malware activity on August 27, “resulting in significant financial losses for affected users.”
They also point out that this type of malware is usually distributed through “unofficial” applications and plugins, particularly through Android apps and web plugins. However, they say iOS users should be on the lookout as well.
“Many users unwittingly install these malicious applications while searching for software in their native languages or through unofficial channels, often due to restrictions in their countries,” the exchange team notes.
The warning did not specify which applications or web plug-ins were affected by the malware, nor did it provide figures on potential losses.
Preliminary measures to stop the attack
The Binance security team is already taking measures. The first of these is to blacklist the suspicious addresses of attackers, in order to prevent further fraudulent transactions. According to Binance, this has already prevented numerous attacks from being perpetrated.
Additionally, the exchange informed affected users about the malware with the recommendation to check their devices for any suspicious software or add-ons.
Finally, the team asked affected users for details about suspicious activities and the thefts that had occurred, to identify and analyze the malware and plug-ins involved.
Attackers used this method relatively frequently between 2017 and 2019. There were not many reports about this malware in subsequent years, until last year, when it was detected that a clipper malware had stolen USD 400,000 in cryptocurrencies in a matter of months, as reported by CriptoNoticias.
Cryptocurrency thefts are the order of the day, and those affected are not just new users. In June last year, a Binance user suffered the loss of a million dollars, although in that case the attackers used other methods.