Author

Topic: [PSA]: Binance warns of threat about Clipper Malware (Read 155 times)

hero member
Activity: 1064
Merit: 501
It's been 7 long(2017) years since this clipper malware attack started in crypto. We can't amount to how many coins have been lost to this clipper malware. It's unfortunate that clipper malware is succeeding in the crypto space. Well, the duty lies on us to stay vigilant and protect our coins at all costs by double-checking wallet addresses before sending crypto coins and keeping our software and operating gadgets up to date.

It will not be a good experience to condole with if any of us or our relatives experiences this ''clipper malware''
legendary
Activity: 2716
Merit: 1225
Once a man, twice a child!
It's a good thing that Binance has come public to talk about this clipboard malware. I experienced it not too long ago. It was like a dream but what saved me was my insistence on always running through the first 5 letters, the middle and the last ones. I can't fully remember now what halted me but I think it was the last few letters that spiked my suspicion. I looked closely and there it was, different letters from the copied one. I quickly ended that transaction and logged out. Waited a few minutes and then tried again. It went  successfully.

So, two weeks ago someone in a group I belonged complained about Bybit doing same and changing deposit addresses; I told them it was a malware and that I had experienced it on Binance too. I guess this is now spreading like a wildfire. If these popular exchanges with strong financial strength and trust rating are suffering that, imagine what's happening with average Cexs then.
hero member
Activity: 686
Merit: 403
DGbet.fun - Crypto Sportsbook
He who have ears let him hear.

If Binance is finally saying something about this clipboard hack then it is growing rapidly, they have finally noticed this simply because the numbers of victims are growing, if you like take this like its nothing, I pray you don't become a victim too.

I have a brother who was a victim to clipboard attack on his PC, this was what set him back to the grass, till that time he is still struggling to recover what he lost because it was really a lot of money, those who became a victim are not stupid, they just maybe thought that it can never happen to them.

Don't wait till such happens to you, always be vigilant, cross-check your address again and again before pressing the withdrawal button.
legendary
Activity: 2268
Merit: 1379
Fully Regulated Crypto Casino
That's why it's adviced to check the first few characters and the lasts to be certain you copying the right address
If possible Cross check everything
Can't be too cautious.
For phones, It's most prevalent on Android devices.
Yeah, a friend of mine victimized of this method too. He was shocked that the funds he transact didnt arrived and yet to recognize that the string on the last end was replace by few figures and letters. This is crazy, how does hacker able to change an address close to what the original address of the victim.
legendary
Activity: 3080
Merit: 1353
Clipper malware and clip board virus isn't a new thing in the crypto space and especially in the case of bitcoin it's a very common occurrence. However the more vigilant and current you are the better for you. Of course it can be sometimes difficult to detect some set of malware of these viruses on your computer however the more vigilant and knowledgeable you are about things like this the more difficult it is for you to fall a victim of these kind of attacks.

When doing anything like sending money to wallets addresses it's very important to cross check just to make sure the address hasn't been changed or swapped. Literally if you agree with me everyone copies and pastes addresses and of such you need to check manually if it was changed. To do this you have to be more conscious about the last characters more since it's easier to get an address with similar first characters.

It might not be a new thing for you, but as you can see there are still a lot of victims here that's why Binance makes this announcement on their official page. Which means that criminals are just repeating their old model here, and hiding it on anything that crypto enthusiast will download on their smart phones.

So we still need to be very careful when sending, when we copy the address that we will send to, just make sure that everything is correct and that it is not change by a single character or swapped. Sometimes I do check with the first 3 and last 3 characters, but it's not enough though, we really need to go to the address and make sure that 100% we are sending it to the right one.
hero member
Activity: 1526
Merit: 555
Why binance didn't release address of this scammer in public?
I think that android OS on smartphones is competing with wind0ws OS for most released malware and malicious software.
Best way to protect from this attacks is to stop installing random apps on your phones, have absolute minimum apps on your device especially if you are using that phone for anything related with crypto, banks and financial stuff.

Correct. I forget to mentioned that one reason why there are a lot of victims are per Binance is that individuals are downloading apps from unofficial source and so that's why they got this Clipper malware.

Sometimes it's hard to fathom that people with thousands worth of crypto failed to do diligence when installing apps in their pc or their smartphones.

So let this be a warning to all of us not to downloading anything from unofficial source.
hero member
Activity: 868
Merit: 952
A victim of this https://bitcointalksearch.org/topic/m.63911200
It's quite subtle that the addresses would look so similar if you not careful enough.
That's why it's adviced to check the first few characters and the lasts to be certain you copying the right address
If possible Cross check everything
Can't be too cautious.
For phones, It's most prevalent on Android devices.


The thing is the first letters are almost the same considering the type of address you’re using. This attack is commonly done in such a way that both the prefixes and suffixes are even the same, one need to have the habit of cross checking the entire address before broadcasting the transaction, this malware is even common to laptops or computers than phones, the Windows operating system is one common operating system that can be easily get manipulated, that’s why if there is means with the device the use of the even QR code is way better than copy and pasting the address.

legendary
Activity: 2184
Merit: 1302
Playbet.io - Crypto Casino and Sportsbook
That's why it's adviced to check the first few characters and the lasts to be certain you copying the right address
If possible Cross check everything
It is better to check every character in your address, especially when you are making a transaction of a good amount of money, if you only check the first and last four or five characters, scammers can use vanity address to create an address that looks very similar to your own and you'd miss it and send funds to the scammer, so to be on the safer side, double check all characters if you can.
legendary
Activity: 1890
Merit: 1537
There have been so many victims. Some people are not even aware that their device already has the virus until the damage is done. And once it is done, it is not. There is no reversal.

The best way to know if your device is infected, is to always double check addresses.
It's true as with the increasing number of victims and the increased activity of scammers using Clipboard hijacking, which caused a lot of financial losses to Binance customers who may have accused Binance of fraud as a result of what they were exposed to, which prompted the exchange team to publish this warning announcement to users now, this technique used to hijack the clipboard, despite its old, it may have become more effective lately, especially with many newcomers entering the cryptocurrency space who may not be aware that scammers can manipulate the clipboard and replace their copied wallet addresses.

For android devices, if the user can restore the device to its default setting this can clear of the malware. I am not too sure if an antivirus can detect this in the case that the user is concerned about wiping important document on their device. If the person can't then they should not carry out any financial transactions on that device because the clipper malware cannot work on it own, it needs a copy and paste function to be activated.
Antivirus software will actually be an extra layer of security, and can potentially detect this malware. Also, checking the permissions of the applications, specifically the clipboard permissions granted to these malicious applications, and disabling them would be a good step. It is better to avoid using the primary devices to test these malwares, as dkbit98 pointed out, as there are many who tend to download files from email attachments or prefer using cracked software and apps, which increases the risk.
legendary
Activity: 2212
Merit: 7064
Why binance didn't release address of this scammer in public?
I think that android OS on smartphones is competing with wind0ws OS for most released malware and malicious software.
Best way to protect from this attacks is to stop installing random apps on your phones, have absolute minimum apps on your device especially if you are using that phone for anything related with crypto, banks and financial stuff.
sr. member
Activity: 560
Merit: 265
A victim of this https://bitcointalksearch.org/topic/m.63911200
It's quite subtle that the addresses would look so similar if you not careful enough.
That's why it's adviced to check the first few characters and the lasts to be certain you copying the right address
If possible Cross check everything
Can't be too cautious.
For phones, It's most prevalent on Android devices.

There have been so many victims. Some people are not even aware that their device already has the virus until the damage is done. And once it is done, it is not. There is no reversal.

The best way to know if your device is infected, is to always double check addresses.

For android devices, if the user can restore the device to its default setting this can clear of the malware. I am not too sure if an antivirus can detect this in the case that the user is concerned about wiping important document on their device. If the person can't then they should not carry out any financial transactions on that device because the clipper malware cannot work on it own, it needs a copy and paste function to be activated.
hero member
Activity: 714
Merit: 521
DGbet.fun - Crypto Sportsbook
There's threat on scam from everywhere, not even the exchanges are safe anymore from the way scammers are operating, even if we are using a non-custodial wallet, we are not safe except we are able to maintain a good utilization of our crypto asset, but once we create a vulnerable space for them to be able to attack, then they will find their way in, we should always considers for all this when we are using exchanges because anything can happened at any time.
sr. member
Activity: 910
Merit: 284
Clipboard hijackers are not really a new concept and I wonder what took so long to give this warning right now because I am sure this happens all the time to any kind of wallets/exchanges while sending funds to an address which is why we should never just copy and paste the address they even advanced to create the recieving address similar to the one we copy by having similar characters that starts and ends with.
sr. member
Activity: 448
Merit: 560
Crypto Casino and Sportsbook
Clipper malware and clip board virus isn't a new thing in the crypto space and especially in the case of bitcoin it's a very common occurrence. However the more vigilant and current you are the better for you. Of course it can be sometimes difficult to detect some set of malware of these viruses on your computer however the more vigilant and knowledgeable you are about things like this the more difficult it is for you to fall a victim of these kind of attacks.

When doing anything like sending money to wallets addresses it's very important to cross check just to make sure the address hasn't been changed or swapped. Literally if you agree with me everyone copies and pastes addresses and of such you need to check manually if it was changed. To do this you have to be more conscious about the last characters more since it's easier to get an address with similar first characters.
sr. member
Activity: 490
Merit: 397
Playbet.io - Crypto Casino and Sportsbook
A victim of this https://bitcointalksearch.org/topic/m.63911200
It's quite subtle that the addresses would look so similar if you not careful enough.
That's why it's adviced to check the first few characters and the lasts to be certain you copying the right address
If possible Cross check everything
Can't be too cautious.
For phones, It's most prevalent on Android devices.
full member
Activity: 252
Merit: 175
cout << "Bitcoin";
Binance has issued a warning about a global threat wherein a clipper malware is altering the withdrawal addresses and we really don't know about it until it's too late. And obviously, this groups have been targeting Binance users and they could have been receiving a lot of complaints about it and so they need to warn their users about it.

In the community though, we are not short of reminding crypto enthusiast, newbies of have a experience here to be very careful of this types of attack. You can also read How to lose your Bitcoins with CTRL-C CTRL-V by @LoyceV.


If this information from binance was very recent, then it means that this clipper malware situation is very serious, and it's not just a random malware issue. I remembered reading similar post sometime this week(if I remember correctly), and it turns of to be from my local board. From what I read, the malware changes the output of whatever someone copies on a clipboard, i.e when a user copies and taste a wallet address while making transactions, the malware does the job by replacing the real address with the attacker's.

Some people will want to know about cryptocurrencies and be using it but they do not research about how they can avoid scammers and hackers. It is better for newbies to read about crypto malware and also read about how to avoid them.  This malware is not new.

That's very true. But the chance of a newbie reading/learning about some of these hacks and scamming tactics isn't even 70% guaranteed, except the newbie happens to find him/her in a community that talks about it often, like BTT. Newbies that are new to crypto might be reluctant to this vital information, as they might believe it's not common, and doesn't affect much, but failed to understand that anyone can be a target even while still being a professional or enthusiast.
hero member
Activity: 2632
Merit: 833
I think it's about time that Binance has acknowledged or maybe they are the first exchange to really gives warning about this customer about this potential malware that could be lurking in the shadows and trap them.

Yes, we have been given warnings about this kind of malware, nevertheless, one slip and we all lose our crypto. Might be better to really check our machine as well for anything. And it's better to be paranoid in this world that we move in, just double checking everything before we send our transactions and be sure that the address is correct.
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
Some people will want to know about cryptocurrencies and be using it but they do not research about how they can avoid scammers and hackers. It is better for newbies to read about crypto malware and also read about how to avoid them.  This malware is not new.
hero member
Activity: 1036
Merit: 933
Find your Digital Services at- cryptolibrary.pro
At last Binance officially announced something about this clipboard virus.  Although this is the third time I've seen this clip board virus thread. Although there have been more multiple time topic discussions about this in the forum.
Although I can't remember exactly whether we had a local mate who was affected by this clipboard virus.  And he lost some of his funds. And one of the things we should keep in mind to avoid clipboard virus I think is to double check every time we copy and paste a wallet address and I do it beforehand.
Anyway, I didn't know that Loycv had a topic in 2019. Thanks for sharing.  Tongue
hero member
Activity: 1526
Merit: 555
Binance has issued a warning about a global threat wherein a clipper malware is altering the withdrawal addresses and we really don't know about it until it's too late. And obviously, this groups have been targeting Binance users and they could have been receiving a lot of complaints about it and so they need to warn their users about it.



https://www.binance.com/en/blog/security/protect-your-crypto-understanding-the-ongoing-global-malware-attacks-and-what-we-are-doing-to-stop-them-7968393135385409266

In the community though, we are not short of reminding crypto enthusiast, newbies of have a experience here to be very careful of this types of attack. You can also read How to lose your Bitcoins with CTRL-C CTRL-V by @LoyceV.
Jump to: