Microsoft finds USB worm that steals cryptocurrency through clipboard hijacking and Tor

Microsoft finds USB worm that steals cryptocurrency through clipboard hijacking and Tor

Microsoft Threat Intelligence has identified a new strain of self-propagating malware that spreads through USB drives, monitors the Windows clipboard for cryptocurrency wallet addresses and seed phrases, and routes all stolen data through a portable Tor client to avoid detection. The campaign has been active since at least February 2026, according to Microsoft’s analysis published […] This story continues at The Next Web

Microsoft Details CryptoBandits Clipper Campaign Targeting Windows Wallets Via USB Worms

Reading Time: 3 minutesKey Takeaways: Operating under the definitions Trojan:Win32/CryptoBandits, this discovered malware targets active Windows desktop environments processing cryptocurrency workflows. Initial infection networks leverage malicious, hidden .lnk shortcuts planted on physical USB flash storage drives to bypass boundary network firewalls. The clipper runtime checks the clipboard every 500 milliseconds, automatically substituting t…

Microsoft Warns of New USB-Based Malware Targeting Crypto Users – #CryptoUpdatesGNIT

Key Takeaways Microsoft Defender flagged a new USB malware that exposes bitcoin transactions to theft.The script steals 12 or 24-word seed phrases, threatening tron and monero wallet security.Microsoft next urges users to block shortcuts to stop the malware from spreading trough removable drives. Microsoft Alerts About Windows Malware That Changes Cryptocurrency Addresses The team behind Microsoft Defender, Windows’ embedded malware and virus se…

Microsoft Warns of New USB-Based Malware Targeting Crypto Users

Microsoft has alerted about a malware that spreads through flash drives that use Windows shortcut files to infect devices. The so-called “clipper” malware searches for crypto addresses in the clipboard and substitutes them with other addresses controlled by attackers. Microsoft Alerts About Windows Malware That Changes Cryptocurrency Addresses The team behind Microsoft Defender, Windows’ embedded […]

Microsoft Discovers STONEDRIVE: USB Crypto Stealer Evades Detection via Tor

Microsoft has uncovered a sophisticated cryptocurrency stealer malware that primarily spreads through infected USB drives and relies on the Tor network for command and control communications. Security researchers at the company detailed the threat in a recent analysis, highlighting how the malware combines old-school propagation methods with modern evasion techniques to target digital asset holders. The discovery, reported by Slashdot, centers o…

Microsoft Discovers Cryptocurrency Stealer That Spreads Through USB Drives and Uses Tor

Ars Technica's senior security editor reports: Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency credentials, which it then sends to attacker-controlled servers. The company named the worm Crypto Clipper because it monitors...