Cybercriminals built a global reputation network using GitHub, SourceForge, YouTube, VirusTotal, and fake news sites to promote a Rust-based clipboard hijacker that steals cryptocurrency on Windows and macOS. Check Point says the campaign uses coordinated trust manipulation to lure crypto owners and traders into downloading fake tools that hide the malware and hijack wallet addresses from clipboards.
Key points
- The campaign targets Windows and macOS users with a Rust-based clipboard hijacker.
- Fake tools and decryptors are used to trick crypto owners and traders.
- Attackers spread the lure through GitHub, SourceForge, YouTube, and phishing sites.
- VirusTotal votes and comments were manipulated to make the files appear safe.
- The malware steals cryptocurrency wallet addresses from the clipboard and persists on infected devices.