Trojan spotted for the first time at the start of February. BitPay, one of the top Bitcoin payment processors, has published a public service announcement regarding a new emerging threat named Coinbitclip.
Discovered at the start of February, Coinbitclip is a trojan that after infecting users works by keeping a watchful eye over the victim’s clipboard.
When the user copies or cuts a string that resembles the format of a Bitcoin wallet address, Coinbitclip looks at an internal list of Bitcoin addresses, all under the attacker’s control, finds the one that looks most like the user’s address and replaces the address in the user’s clipboard with its own.
With the help of this sneaky trick, the crooks behind Coinbitclip can hijack Bitcoin transactions and make a profit on the back of infected users.
Back at the start of February, when Symantec detected Coinbitclip for the first time, the company said the crooks behind this trojan were bundling it with the Hearthstone Hack Tool, an app that promises to provide unlimited gold and dust for Hearthstone players.
BitPay says it didn’t receive complaints from customers that reported hijacked transactions traced back to Coinbitclip, but it’s raising the alarm nevertheless, so customers would know and be aware that such threat exists.
With companies involved in the Bitcoin ecosystem falling left and right to all kinds of cyber-attacks, BitPay is playing the “better be safe than sorry” card, warning customers in advance.