Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11What is Clipper Malware? How does it affect Android users?
On January 8, 2019, users saw the first version of Clipper malware on Google Play Store. It has disguised as a harmless application to trick all downloads, then start redirecting electronic money to the owner of the malware.
But what is Clipper malware, how does it work and how can it be avoided from this malware?
Learn about Clipper malware
- What is Clipper malware?
- How Clipper works
- How long has Clipper existed?
- Which applications contain Clipper?
- The increase in electronic money attacks
- How to avoid an attack from Clipper?
What is Clipper malware?
Clipper targets e-wallet addresses in a transaction. This wallet address is like the pre-electronic version of the bank account number. If you want someone to pay you electronically, you must provide them with your wallet address and the payer enters it into their payment details.
Clipper hijacks e-money transactions by swapping addresses for real addresses with Clipper's wallet. When users make payments from an electronic money account, they will pay the author of Clipper instead of the original intended recipient.
This can cause some serious financial losses if malware manages and appropriates a high-value transaction.
How Clipper works
Clipper does this swap by tracking the clipboard (where the copied data is stored) of a device infected with Clipper. Every time a user copies data, Clipper checks whether the clipboard contains any e-wallet addresses. If so, Clipper will swap it with the address of the creator of the malware.
Now, when users paste the address, they will paste the address of the attacker instead of the legal address.
Clipper exploits the complex nature of wallet addresses. These are long strings of numbers and letters that seem to be randomly chosen. It is unlikely that the payee will recognize the address that has been swapped, unless they have used this wallet address many times.
Even worse, its complexity makes users tend to copy and paste addresses more than manually typing with the keyboard. This is exactly what Clipper wants!
How long has Clipper existed?
Clipper itself is nothing new. It appeared around 2017 and mainly focused on Windows computers. Since then, Clipper aimed at Android has been developed and sold on the black market. Infected applications can be found on shady sites.
Such sites are the foundation for the 2016 Gooligan malware, which has infected over 1 million devices.
This is the first version of the application on Google Play Store, officially infected with Clipper. Successfully downloading malware-infected applications to the official app store is a desirable scenario for malware distributors. The App downloaded from the Google Play Store provides a certain sense of security, making it more reliable than the apps found on a random website.
This means that people often download and install apps from here without a doubt, that's exactly what the creators of the malware want.
Which applications contain Clipper?
Clipper is in an application called MetaMask. It is a real service that allows browser-based distributed applications for Ethereum electronic money. MetaMask does not yet have an official Android application, so malware creators have taken advantage of this to make people think that the official version has been released.
This fake MetaMask application has done more than exchanging electronic money addresses in the clipboard. It also requires the user's Ethereum account details as part of a fake account setup. Once the user has entered the details, the malware creator will have all the information they need to log into the account.
Fortunately, a security company discovered Clipper before it caused too much damage. The fake MetaMask application was uploaded on February 1, 2019, but was reported and removed just over a week later.
The increase in electronic money attacks
Although this type of attack is quite new, it is not too surprising. Electronic money is a huge business now, and with it comes the potential to earn huge sums of money. While most people are satisfied with making money through legal means, there will always be those who choose to exploit illicit money from others.
Electronic money is the favorite target of malware makers worldwide. They take control of the processor on the device, turning it into electronic money for them without being detected by the main user.
Like this example of Clipper malware, security companies have found those who want to exploit illegal electronic money to infect malware on applications on Google Play Store. Thus, this may be just the beginning of electronic money-based malware that attacks users on Android phones.
How to avoid an attack from Clipper?
This sounds very scary, but avoiding an attack from Clipper is quite simple. Clipper depends on whether the user is ignorant of its existence and ignores the warning signs. Understanding how Clipper works is important to defeat it. By reading this article, you have completed 90% of the job!
First, always make sure you download the app from Google Play Store. Although Google Play is not perfect, it is much safer than other Internet shady sites. Try to avoid websites that act as a third-party app store for Android, as these sites are more likely to contain malware than Google Play.
When downloading apps on Google Play, double-check the total number of app downloads before installing. If an application has existed for a long time and has a low number of downloads, the download may be at risk. Similarly, if the application claims it is a mobile version of a popular service, check the developer name carefully.
If another name (even slightly different) from the official developer name, it is an important warning sign that something is not right.
Even if the phone is infected with Clipper, users can avoid an attack by being more cautious. Carefully check every wallet address that will be pasted to make sure it is not changed midway. If the address you paste is different from the copied address, that means Clipper is hiding on the system.
Perform full Android virus scans and delete any recently installed shady applications.
Clipper can harm anyone who handles large amounts of electronic money. The complex nature of wallet addresses, combined with typical user copy and paste trends, gives Clipper an opportunity to attack.
Many people may not even realize what they did until it was too late!
Fortunately, beating Clipper malware is simple: Never download suspicious applications and double check all wallet links before confirming the transaction.
Jessica TannerYou should read it
- How many types of malware do you know and how to prevent them?
- 5 types of malware on Android
- What is Goldoson Malware? How can you protect yourself?
- Learn about polymorphic malware and super polymorphism
- Modular Malware - New stealth attack method to steal data
- What is Malware Joker? How to fight Malware Joker?
- What is Malware? What kind of attack is Malware?
- 10 typical malware types
May be interested
- 5 types of malware on Android
malware or malware can affect mobile devices as well as computers. a little bit of knowledge and proper precautions can protect you from threats like ransomware and sextortion scam. - Security vulnerability discovered on Windows 7, affecting millions of usersa security hole has just been discovered in windows 7 that can affect millions of users. security researchers recently found a local privilege vulnerability in windows 7 that could affect millions of windows users who haven't updated since this release.
- What is an SSL certificate? How does it affect your website?what is an ssl certificate? how does it affect your website? is an issue that many users are interested in and learn about. this certificate is considered a very important factor related to internet security.
- How to fix Bluestacks blue screen error when playing gamesjust like the black screen error on bluestacks makes users uncomfortable, a blue screen error occurs when we play a game that will affect the character control.
- Instructions to adjust the screen brightness of Android phoneschanging the screen brightness of android phones is a simple way to help you choose the screen brightness suitable for the surrounding environment, avoid the phone screen is too bright or too dark to affect health, especially especially the eyes.
- Root way of Android phones 7.0 / 7.1 Nougat with KingoRootandroid 7.0 / 7.1 nougat has been officially released for a while. as the latest operating system, many users wonder how to root android quickly and easily. kingo offers android users a safe, fast and rooted android phone.
- How to fix the game playing error is escaping on Androidthe error is playing games on android phones with friends, but the situation of self-exit constantly occurs quite popularly today causing many discomforts and annoyances for users. in fact, this error comes from many different causes including 4 main reasons including: spill ram, full of memory, phone does not meet game configuration, software bugs, operating system. all these errors, if not handled and overcome thoroughly, will directly affect your gaming experience.
- 6 useful Android settings you may not know yetas an android user for many years, many people may think that they know quite well about the android settings menu. however, there are some useful settings that users can ignore or not know about.
- List of phones eligible for Android 12 Beta upgrade from todaygoogle has officially launched android 12 with a major overhaul of the interface, improved smoothness and privacy. what android users look forward to the most right now is to update the new operating system experience.
- Create and manage RAR files on Android like on a computerwinrar has long been a popular compression utility for windows and it is also the best compression and decompression support tool for both compression formats rar and zip among software with the same features. one of winrar's most useful features is support for multivolumes compression, which allows users to select and perform large compressed files into smaller blocks for easier processing.
Is the file IAStorIcon.exe a virus?
What is Safe Malware? Why is it so dangerous?
Modular Malware - New stealth attack method to steal data
The best antivirus programs for Windows 7
3 ways to check if anti-virus software on PC is working?
How to use IObit Advanced SystemCare