Hackers hide crypto address-swapping malware in Microsoft Office add-in bundles
0
0
A malware that swaps a victim's copied crypto wallet address with an attacker's is being included with Microsoft Office extension packages on SourceForge.
Malicious actors are attempting to steal crypto with malware embedded in fake Microsoft Office extensions uploaded to the software hosting site SourceForge, according to cybersecurity firm Kaspersky.
One of the malicious listings, called “officepackage,” has real Microsoft Office add-ins but hides a malware called ClipBanker that replaces a coped crypto wallet address on a computer's clipboard with the attacker's address, Kaspersky’s Anti-Malware Research Team said in an April 8 report.
“Users of crypto wallets typically copy addresses instead of typing them. If the device is infected with ClipBanker, the victim’s money will end up somewhere entirely unexpected,” the team said.
0
0
Manage all your crypto, NFT and DeFi from one placeSecurely connect the portfolio you’re using to start.
