Microsoft finds USB worm that steals cryptocurrency through clipboard hijacking and Tor
TL;DR
Microsoft found a USB worm active since February that hijacks clipboards to swap crypto wallet addresses and routes stolen data through a portable Tor client.
Microsoft Threat Intelligence has identified a new strain of self-propagating malware that spreads through USB drives, monitors the Windows clipboard for cryptocurrency wallet addresses and seed phrases, and routes all stolen data through a portable Tor client to avoid detection. The campaign has been active since at least February 2026, according to Microsoft’s analysis published this week.
The malware, which Microsoft detects as Trojan:Win32/CryptoBandits.A, works as a classic USB worm with a modern payload. When a user plugs in an infected drive, they see what appear to be their usual document files. The originals have been hidden, replaced by Windows shortcut (.lnk) files bearing the same names that silently execute the malware when opened.
The .lnk files scan the drive for documents with .doc,...
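A triage check for the shortcut-swap pattern described above, as an added example that is not from Microsoft's analysis or the original article: it flags any .lnk file that sits beside a hidden file of the same name. The function names, the sample listing, and the assumption that a decoy is named either `report.doc.lnk` or `report.lnk` for a hidden `report.doc` are illustrative, not details from the page.

```python
import os
import stat
import sys
from collections import defaultdict
from pathlib import PureWindowsPath

def find_shortcut_decoys(entries):
    """entries: iterable of (path, is_hidden). Returns sorted (lnk, hidden_original) pairs."""
    hidden_by_key = defaultdict(list)
    shortcuts = []
    for path, is_hidden in entries:
        p = PureWindowsPath(path)
        if p.suffix.lower() == ".lnk":
            shortcuts.append(p)
        elif is_hidden:
            folder = str(p.parent).lower()
            # Assumption: index the hidden file as both "report.doc" and "report".
            for key in {p.name.lower(), p.stem.lower()}:
                hidden_by_key[(folder, key)].append(p)
    hits = []
    for lnk in shortcuts:
        # Stem of "report.doc.lnk" is "report.doc"; stem of "report.lnk" is "report".
        key = (str(lnk.parent).lower(), lnk.stem.lower())
        for original in hidden_by_key.get(key, []):
            hits.append((str(lnk), str(original)))
    return sorted(hits)

def scan_drive(root):
    """Yield (path, is_hidden) for files under root, using the Windows hidden attribute."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                attrs = getattr(os.stat(full), "st_file_attributes", 0)
            except OSError:
                continue  # unreadable entry; skip rather than abort the scan
            yield full, bool(attrs & stat.FILE_ATTRIBUTE_HIDDEN)

# Constructed sample listing (not real data) so the logic runs offline.
SAMPLE = [
    (r"E:\budget.doc", True),
    (r"E:\budget.doc.lnk", False),
    (r"E:\notes.txt", False),
    (r"E:\photos\trip.jpg", True),
    (r"E:\photos\trip.lnk", False),
    (r"E:\tools\setup.lnk", False),  # shortcut with no hidden twin
    (r"E:\desktop.ini", True),       # hidden file with no shortcut
]

if __name__ == "__main__":
    listing = scan_drive(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE
    for lnk, original in find_shortcut_decoys(listing):
        print(f"suspicious shortcut: {lnk} hides {original}")
```

Run it with a drive root as the only argument on Windows to inspect a removable drive without opening any file on it; with no argument it processes the constructed sample.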
Copyright of this story solely belongs to thenextweb.com.