New lightweight, self-propagating crypto-stealing malware delivered by USB spotted by Microsoft researchers – Crypto Clipper script-based stealer hunts for vulnerable wallets

  • Microsoft warns of “Crypto Clipper,” a worm spreading via malicious .LNK files on USB drives
  • Malware maintains persistence, connects to Tor C2, enables remote code execution, and steals clipboard crypto data
  • It swaps wallet addresses, exfiltrates seed phrases/private keys, and uploads screenshots to assess target value

Microsoft is warning of an ongoing campaign targeting cryptocurrency owners with a clipboard-jacking worm.

In a new in-depth report published late last week, Microsoft’s security researchers explained that they recently analyzed a thumb drive that appeared to contain normal documents (Word files, Excel spreadsheets). However, the documents had been replaced with Windows shortcut (.LNK) files that launched a piece of malware called Crypto Clipper.

This malware does a couple of things. First, it spreads by creating malicious .LNK files on USB drives and other removable media. It also sets up scheduled tasks to maintain persistence and automatically infect newly connected USB devices. Second, it behaves...
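For defenders triaging a suspect drive, the sketch below walks a mounted removable volume and flags shortcut files that pose as documents. It is an added example, not code from Microsoft's report or from the article. The naming heuristics, the extension list and the sample file names are assumptions made for illustration; shortcuts are recognised by the Shell Link header defined in MS-SHLLINK rather than by file name.

```python
import os
import struct
import tempfile
import uuid

# Shell Link header (MS-SHLLINK): HeaderSize 0x4C, then the LinkCLSID.
LNK_MAGIC = struct.pack("<I", 0x4C) + uuid.UUID("00021401-0000-0000-C000-000000000046").bytes_le
# Assumption: document extensions a lure shortcut is likely to imitate.
DOC_EXTS = {".doc", ".docx", ".xls", ".xlsx", ".pdf", ".ppt", ".pptx"}

def is_shell_link(path):
    """True if the file content starts with a Shell Link header."""
    try:
        with open(path, "rb") as fh:
            return fh.read(len(LNK_MAGIC)) == LNK_MAGIC
    except OSError:
        return False

def triage_volume(root):
    """Return sorted relative paths of shortcuts that pose as documents."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        names = {f.lower() for f in files}
        for name in files:
            full = os.path.join(dirpath, name)
            stem, ext = os.path.splitext(name.lower())
            if ext != ".lnk" or not is_shell_link(full):
                continue
            # "budget.xlsx.lnk": Explorer hides ".lnk", so it shows as "budget.xlsx"
            double_ext = os.path.splitext(stem)[1] in DOC_EXTS
            # "notes.lnk" next to "notes.docx": shortcut shadowing a real document
            shadows = any(stem + e in names for e in DOC_EXTS)
            if double_ext or shadows:
                findings.append(os.path.relpath(full, root))
    return sorted(findings)

def build_sample_volume():
    """Constructed sample tree standing in for a mounted removable drive."""
    root = tempfile.mkdtemp(prefix="usb_sample_")
    lnk = LNK_MAGIC + b"\x00" * 56  # header-only shortcut, 76 bytes, no target
    for name, data in (("Budget.xlsx.lnk", lnk), ("Notes.lnk", lnk),
                       ("Notes.docx", b"PK\x03\x04"), ("Tools.lnk", lnk)):
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)
    return root

if __name__ == "__main__":
    print(triage_volume(build_sample_volume()))
```

On a real investigation, pass the mount point of a read-only image of the drive to `triage_volume` instead of the constructed sample tree.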

Copyright of this story solely belongs to techradar.com.