Once CryptoShuffler spots the address of a cryptocurrency wallet, it will intrude the victim’s wallet at the time of transaction and replace the attacker wallet address. as a result, the cryptocurrency will be Transferred into attacker Wallet address instead of the User intended recipient wallet ID.
According to Kaspersky, The malware has been around since last year and has been targeting many popular cryptocurrencies including Bitcoin, ZCash, Ethereum, Monero, among others.
The basic format of Crypto currency transaction, if a user wants to transfer crypto coins to another user, they need to know the recipient’s wallet ID ,a unique multi-digit number.
In This case ,CryptoShuffler Trojan monitor the device’s clipboard, utilized by users when making a payment and it will replace the malware authors wallet ID in software address line.
Eventually, it will be replaced by the malware author’s wallet ID when user pasting the ID of original user recipient and finally attacker wallet ID and send the money to attacker wallet.
Victims will be having no idea about this malicious activities by this CryptoShuffler Trojan while making the transaction.
Till now this Malware author earned 23 BTC about $140,000 at the current exchange rate in Dollar.
The other cryptocurrency wallets belonging to CryptoShuffler’s creators were found to contain sums ranging from tens to thousands of dollars.It took the Trojan a little more than a year to collect that money. Peak activity in late 2016 was followed by a slump, but then in June 2017, CryptoShuffler reawakened. Kaspersky Said.
Based Blockchain Network