Cryptocurrency exchange Binance has warned its users about a growing malware threat that is causing significant financial losses by changing cryptocurrency withdrawal addresses.
In a statement titled “Protect Your Crypto, Understand the Ongoing Global Malware Attacks and What We’re Doing to Stop Them,” Binance urged users to take extra precautions to protect their funds.
Commonly known as “Clipper malware,” the malware targets users’ cryptocurrency wallet addresses during transactions. When a user copies and pastes a wallet address, it captures the clipboard data and replaces the original address with an address controlled by the attacker. If the user does not notice the change and completes the transfer, the cryptocurrency is sent to the attacker’s wallet, causing the user to lose their funds.
Binance reported a significant increase in malware activity on August 27, 2024, with users around the world falling victim to such attacks. Malware is typically distributed through unofficial apps and plugins, particularly on Android and web platforms, but iOS users are also at risk. Many victims unknowingly install these malicious programs while searching for software in their own language or through unofficial channels.
Binance’s security team has stated that it is actively combating this threat with various countermeasures:
- Blacklisting Suspicious Addresses: Binance blacklisted known attacker addresses, preventing further fraudulent transactions and stopping a large number of withdrawal attempts from potential victims.
- User Notifications: The exchange has notified affected users and advised them to check their devices for any suspicious software or plugins.
- Incident Reporting: Binance collects detailed reports from victims to help analyze the malware involved in these attacks.
- Ongoing Monitoring: Binance continues to monitor emerging threats and updates its security protocols as necessary.
Binance urged its users to take the following steps to protect themselves from malware:
- Verify the Authenticity of Apps and Add-ons: Download software only from official sources to avoid malicious versions.
- Double-check withdrawal addresses: Always verify the address before completing any transaction. Binance recommends taking a screenshot of the address and having the recipient confirm it, minimizing the risk of falling victim to text-altering malware.
- Stay Informed: Follow the latest security updates from Binance and other trusted sources to stay informed about emerging threats.
- Use Security Software: Install reliable security software and update it regularly to detect and remove malware.
*This is not investment advice.
