CryptoShuffler Malware Trojan
3 min read

Beware the CryptoShuffler, A Trojan that Will Steal Your Coins

By Editorial Team

Given that so many people are moving into cryptocurrencies and are using them to make payments, a new opportunity has opened up for cyber criminals. We have all heard of the high profile ransomware hacks that make a public statement by requesting BTC in return for decryption services, yet there are many more threats which work by being unnoticeable.

One of these latest threats that has been disclosed by Kaspersky labs is a Trojan that attempts to change your Cryptoccurrency address when you copy and paste it. Hence, it makes you an unwitting agent that inadvertently sends funds to the malware creator.

What is the Cryptoshuffler?

The CryptoShuffler is a Trojan that avoids any sort of flashy displays or effects. It tries to slip onto your PC and not be noticed. Once it is there, it will remain in your PC’s memory and keeps tabs on your clipboard. This is the temporary storage area in your memory where the PC keeps your cut / paste operations.

So, if you were to copy an address from an exchange or receive an address from someone you were paying, the Trojan would automatically identify this as a cryptocurrency address. This is usually quite easy to do as cryptocurrency addresses are rather unique and the type of characters gives it away.

Upon spotting the address, the Trojan swaps out the copied one for that of the Malware’s author. Hence, when you paste the address in your wallet and sign the transaction, the funds will go to the wrong address and end up in the hands of the criminal. As you may know, Bitcoin transactions are immutable and cannot be reversed, so this is an easy way for them to get away with your coins.

Results of the Shuffler

When Kaspersky studied the malware they discovered that it goes after a whole host of cryptocurrencies including Bitcoin, Monero, Ethereum, Zcash, Dash and a number of other lesser known types. So far, the Trojan has been able to grab about 23.24 BTC. You can see the running total to the Bitcoin address on blockchain.info. Below is the amount and number of transactions as it stood at press time.

CryptoShuffler Trojan Wallet

Image Source

In the malware creator’s other wallets, there appeared to be funds ranging from a few dollars to thousands of dollars. The Trojan has also been around for some time and has been operating since at least 2016. There is no doubt though that the disclosures and more awareness around Bitcoin addresses could have stemmed the flow.

Lessons to be Learnt

What this Trojan shows us is that there are a number of threats from hackers with cryptocurrency. Some may choose to hold your PC ransom while others may use your processing power for “mineware” to mine cryptocoins. Others may use your complacency for social engineering attacks such as phishing. Yet, in the case of the CryptoShuffler, merely changing your address is enough steal a substantial amount of coins.

The lesson?

Always double check the address that you are sending coins to. Even though your PC may not be infected, it is good practice and can limit the potential incorrect transactions.

Featured Image via Fotolia

Editors at large. Posting the latest news, reviews and analysis to hit the blockchain.
View all posts by Editorial Team -> Best Crypto Deals ->

Latest Posts

PrimeXBT vs Bybit 2022: Which Exchange is Best for Crypto Trading?

PrimeXBT vs Bybit 2022: Which Exchange is Best for Crypto Trading?

September 27, 2022 26 min read
How to Buy Bitcoin on Binance

How to Buy Bitcoin on Binance

September 26, 2022 7 min read
How to buy Polkadot at FTX
How to Buy Polkadot (DOT) on FTX Exchange
How to buy Polkadot at FTX

How to Buy Polkadot (DOT) on FTX Exchange

September 23, 2022 9 min read
Crypto Safety 101: How to Protect your Crypto

Crypto Safety 101: How to Protect your Crypto

September 22, 2022 44 min read
Blockchain Security: How to Understand Blockchain Audits to Stay Safe in DeFi

Blockchain Security: How to Understand Blockchain Audits to Stay Safe in DeFi

September 21, 2022 26 min read
IDEX Review
IDEX Review 2022: The First Hybrid Approach to Non-Custodial, High-Performance Crypto Trading
IDEX Review

IDEX Review 2022: The First Hybrid Approach to Non-Custodial, High-Performance Crypto Trading

September 14, 2022 37 min read
Using Modern Portfolio Theory to Build a Crypto Portfolio
Using Modern Portfolio Theory and How to Build a Crypto Portfolio
Using Modern Portfolio Theory to Build a Crypto Portfolio

Using Modern Portfolio Theory and How to Build a Crypto Portfolio

September 12, 2022 48 min read

Related Posts

Crypto Safety 101: How to Protect your Crypto

Crypto Safety 101: How to Protect your Crypto

September 22, 2022 44 min read
Blockchain Security: How to Understand Blockchain Audits to Stay Safe in DeFi

Blockchain Security: How to Understand Blockchain Audits to Stay Safe in DeFi

September 21, 2022 26 min read
Top 5 Crypto Scams to Avoid in 2022

Top 5 Crypto Scams to Avoid in 2022

September 7, 2022 30 min read
What is Etherscan and how to use it
Etherscan Review: Public Face of Ethereum
What is Etherscan and how to use it

Etherscan Review: Public Face of Ethereum

August 30, 2022 16 min read
Can you still make money mining Monero
Can You Still Make Money Mining Monero in 2022?
Can you still make money mining Monero

Can You Still Make Money Mining Monero in 2022?

August 27, 2022 16 min read
Crypto Staking Complete Guide
Stake and Earn: Complete Guide to Staking Crypto
Crypto Staking Complete Guide

Stake and Earn: Complete Guide to Staking Crypto

August 25th, 2022 33 min read
What is a rug pull
Crypto Rug Pulls: How To AVOID Them and Keep SAFE!
What is a rug pull

Crypto Rug Pulls: How To AVOID Them and Keep SAFE!

August 13, 2022 15 min read