
Crypto Clipping: how to avoid the technique that can strip you of your cryptocurrencies in minutes?

Can you imagine losing your entire investment in cryptocurrencies such as Bitcoin or Ethereum just by copying the address of your electronic wallet, without realizing that a malicious program is lurking on your computer? That is precisely what Crypto Clipping consists of, a technique that cybercriminals are using to steal digital assets from hundreds of users.

The emergence of this technique, which specifically targets cryptocurrency transfers, has caused concern among investors and people who operate with them, since they could lose huge amounts of money with a single keyboard command if the right conditions are met. Below we provide information about this type of crime, its origin and the ways in which we can protect ourselves from it.

What is Crypto Clipping?

Also called “crypto hack” for its Spanish translation, this term refers to a technique that subtly replaces a user’s e-wallet address with one that is controlled by cybercriminals. In this way, the criminal can divert the assets to his own account during a transaction using malicious software.

Sol Gonzalez, security researcher at ESET Latin America, explained to El Comercio that the disconcerting thing about this technique is that a large amount of cryptocurrencies can be stolen in a matter of minutes.

When a user copies an e-wallet address in order to carry out an operation with digital assets, malware installed on the computer can modify that information. Basically, what the user thought he copied changes completely when it is pasted into the corresponding box, in such a clever way that it is often imperceptible.

The program chosen by criminals is called Twizt, which is a variant of the malware known as Phorpiex. Unfortunately, this crime tool is sold as Malware as a Service (MaaS) for little money through channels such as Dark Web marketplaces and even Telegram.

However, Gonzalez told this newspaper that manipulating this program is not as easy as acquiring it.

Contrary to what one might expect, the base of this malware is not new and has a long history.

Phorpiex and its background

In December 2021, the researcher Alexey Bukhteyev of the firm Check Point Research published “Phorpiex botnet is back with a new Twizt: Hijacking Hundreds of crypto transactions”, a report that revealed the existence of Twizt, its focus on the electronic wallets of thousands of users around the world and, above all, its origin. Phorpiex is a botnet, a set of electronic equipment infected with malware to be remotely controlled by cybercriminals, that was detected in 2010 and has evolved over the years.

This network has been involved in several cyber attacks in the last decade, such as sending mass spam, carrying out denial of service (DDoS) attacks and even downloading harmful software onto its victims' devices, such as GandCrab and XMRig, the latter used to mine cryptocurrencies.

However, the most publicized event in which it took part was a 2019 sextortion campaign, one of the largest in history. This scheme consisted of sending an email to a user claiming that his computer had been compromised with malware and that he had been filmed visiting pages with adult content, and threatening to publish the recordings unless he paid between US$300 and US$5,000 in cryptocurrencies such as Bitcoin.

The investigation revealed that, in just one year, . All this, resulting in about half a million dollars. The scope of this variant rests on the fact that it does not need active command and control servers to operate and that it is compatible with more than 30 types of electronic wallets for different currencies on the blockchain.

Although Gonzalez mentioned that there is no exact data on the number of units stolen with this technique and its equivalent in dollars, ESET telemetry indicates that the number of incidences of Phorpiex Twizt in Latin American countries such as Guatemala, Mexico and even Peru has increased during the last 6 months. In Peru, for example, the number of attacks with this modality amounts to about 170 between August 2021 and January 2022 as indicated by the following chart published on the company’s official blog.

Graph of Phorpiex new sample detections in Latin America.  (Photo: ESET)

What to do to avoid being a victim of Crypto Clipping?

Given that more and more people are handling and trading cryptocurrencies, it is important to consider some ways to avoid becoming one more case in the growing list of attacks that use the Crypto Clipping technique. Among them is the always reliable installation of antivirus software that can deal with Phorpiex Twizt and completely remove it from the computer.

Another is to verify without fail the address of the virtual wallet during the transaction, to confirm that the user’s address was not replaced by another. A more complex but safe way is not to copy the e-wallet address and instead type it manually. It takes more time, but in this way we make sure that we are entering the correct data.

Also, we can make a transaction of a minimum test amount to be totally sure that we will receive the desired cryptocurrencies.

The rest is the classic advice that applies to any type of cyber attack: do not install programs from unofficial sources, always be on the lookout for phishing emails or messages that contain links of dubious origin, and always verify that the web address of the wallet, exchange or other cryptocurrency platform is the real one.

It is important to remember that, although these measures may be uncomfortable or may require more time and attention from the user, it is up to us to take all necessary precautions so as not to lose our valuable money.

Since cryptocurrencies are not regulated by a financial broker, no one will vouch for us if we fall victim to a theft or scam.  (Photo: Diffusion)

Source: Elcomercio
