Microsoft Discovers Malware Stealing Crypto from Windows Wallets via USB

Microsoft has uncovered a sophisticated malware that targets cryptocurrency users by spreading through USB drives. The malware intercepts shortcut files and installs a worm that monitors the Windows clipboard, harvesting private keys from the clipboard and inserting its own destination wallet addresses when it detects a transfer.

The malware operates by detecting when a user copies a cryptocurrency wallet address to the clipboard. It then replaces the legitimate address with one controlled by the attackers, ensuring that any funds sent are diverted to their wallets. This method is particularly insidious as it exploits a common user behavior without requiring direct interaction with malicious links or files.

For everyday cryptocurrency users, this discovery highlights the importance of vigilance when handling digital assets. The malware underscores the need for secure practices, such as double-checking wallet addresses before confirming transactions and using hardware wallets that are less susceptible to such attacks. Users should also be cautious when using USB drives, especially those from untrusted sources.

Microsoft has not yet provided specific details on the prevalence of this malware, but users are advised to update their antivirus software and remain alert for any unusual activity in their wallets. Keeping software up to date and using reputable security tools can help mitigate the risk of such attacks.