Microsoft discovers new lightweight backdoor that steals cryptocurrency
Summary
Microsoft disclosed Crypto Clipper, a lightweight self-propagating malware that spreads via USB drives to steal cryptocurrency credentials. It monitors clipboard content for wallet addresses or seed phrases, captures screenshots, and exfiltrates data through Tor using a local SOCKS5 proxy. It also replaces copied wallet addresses with the attacker's own to divert funds.