Dismiss Notice
Welcome to the forum.

If your computer has been locked down by ransomware and you need help, please create an account on our forum and make a post in the Ransomware Help & Support section of the forum.

You can also create an account to talk to other members with similar interests as you (eg. ransomware) or help someone who is having trouble.

Clipboard hijacking malware could be more profitable than ransomware?

Discussion in 'Payment Negotiations, Bitcoin & Darknet' started by Alchemist, Jun 28, 2017.

  1. TS
    Alchemist

    Alchemist Administrator Staff Member

    Joined:
    Jan 30, 2017
    Messages:
    97
    Likes Received:
    3
    Trophy Points:
    8
    Let's say the malware targets bitcoin addresses. When the victim copy and pastes the person's bitcoin address, it gets hijacked by the malware and is replaced with the criminal's bitcoin address.

    So the victim ends up sending BTC to the criminal instead of the person they wanted to send BTC to.

    I'm not sure how often this happens, but this seems like it would be more profitable than certain types of ransomware going around the world wide web. It's a nasty trick but don't you think it could be more profitable than ransomware? Why do you think people are resorting to ransomware when the possibility of this exists?
     
  2. Yapoz

    Yapoz Moderator Staff Member

    Joined:
    Dec 30, 2016
    Messages:
    151
    Likes Received:
    16
    Trophy Points:
    18
    I have seen this around on the darkweb before. One guy claims to have nicked 3 BTC in one go.

    I think this is definitely something more cybercriminals may consider, given that it's a lot more stealthy and one could build a big network without anybody else being the wiser.

    It's also conceivable to combine the two in order to "double dip". Tell the victim they need to pay to address A, then when they copy it replace it with address B, then tell them that they failed to pay the ransom.
     
  3. Senor.Bla

    Senor.Bla Member

    Joined:
    Sep 19, 2016
    Messages:
    203
    Likes Received:
    20
    Trophy Points:
    18
    That is why one should always double check the address. It will not be just one different letter, but a total different address, so it is easy to notice if you look.

    The failed attempt would be not so easy to realise since you would need a solution tailored to the wallet of the victim.
     

Share This Page