Kaspersky Labs discovers new Trojan stealing US$140,000 in Bitcoin

Kaspersky Labs has identified the nosy Trojan as CryptoShuffler whose best asset is to keep itself off the radar.

Cybersecurity firm Kaspersky Labs has brought a new malware out in the open that targets to snoop around cryptocurrency wallet and eventually steal money. The said malware is a Trojan which has already stolen US$140,000 in Bitcoin; however, the company warns that the Trojan's ability cuts across all other cryptocurrencies.

Kaspersky Labs has identified the nosy Trojan as CryptoShuffler in its blog post published October 31. CryptoShuffler's best asset is its ability to keep itself off the radar, making it easier to inconspicuously lurk in a computer's memory and keep tabs of the clipboard where it fleetingly harbours cut-and-pasted information.

As soon as it secures a cryptocurrency wallet's address on the clipboard, which is very easy to spot, the Trojan will replace the address with another and this address could well be the criminal's. Once the victim transfers the amount of money in cryptocurrency, that will go straight to the criminal's account.

This kind of situation is very likely to happen when paying purchases at stores with cryptocurrency terminals. Apart from Bitcoin, all other currencies are vulnerable as well, such as Etherium, Monero, Dogecoin, Dash and Zcash, among others.

Also read: Beware! This Android Trojan has already stolen US$1.5m in cash

Kaspersky Labs has revealed that victimising Bitcoin wallets are CryptoShuffler's "most lucrative activity". So far, the people behind CryptoShuffler have syphoned off more than 23 Bitcoin or about US$140,000 at the current exchange rate.

"It took the Trojan a little more than a year to collect that money," notes the post. "Peak activity in late 2016 was followed by a slump, but then in June 2017, CryptoShuffler reawakened."

The company warns that there will be no tell-tale signs that the Trojan has infected a smartphone or computer, not even a system slowdown or random messages appearing here and there.

"Many kinds of malware try to keep a low profile and to operate as stealthily as possible; the longer they remain undetected, the more money they will make for their creators," warns Kaspersky Labs.