A disguised Chromium extension linked to wallet-address swapping shows how a small permissioned add-on can become a last-mile fraud tool.
A decoy apartment site, a dropped APK, and a loader chain that turns a simple lure into a mobile account-abuse risk.
A disguised browser add-on linked to a crypto clipper campaign shows how transaction tampering can happen inside the browser, not on the blockchain.
Researchers flagged a browser-extension campaign that impersonates a familiar note-taking tool and aims to swap cryptocurrency wallet addresses at transaction time.
A new Windows malware family is reported to spread through USB devices and use Tor, while altering wallet addresses to steal cryptocurrency.
A deceptive trust layer is being abused to make a crypto clipper look safer than it is, turning stars, reviews, and clipboard swaps into a quiet route to theft.
A Windows crypto-clipper campaign is notable less for the theft itself than for the way it routes control through a local SOCKS5 proxy and Tor, reducing the value of simple IP-based hunting.
A Windows-based crypto clipper reportedly leans on WScript, ActiveXObject, and Tor, a combination that can blur the line between ordinary scripting and malicious automation.
A newly spotted lightweight backdoor combines removable-media spread with cryptocurrency theft, showing how compact malware can still punch through modern defenses.
Microsoft says a Windows-based cryptocurrency clipper has been active since February 2026, and its design leans on built-in scripting, shortcut abuse, and Tor-hosted command infrastructure.
A reported campaign pairs AI-style narration, fake reputation signals, and a Rust-based clipboard hijacker to quietly redirect cryptocurrency payments.
A reported CountLoader campaign shows how obfuscated JavaScript and PowerShell can be chained into a clipboard-hijacking clipper aimed at cryptocurrency wallets.
A reported CountLoader campaign shows how Windows-native scripts, staged execution, and memory-resident payloads can turn a routine infection path into a theft mechanism aimed at crypto users.