It’s not a new method of attack. However, a new malware has been spotted in the wild on the internet. And it specifically targets crypto traders, hijacking the clipboard app. The name of this new cryptocurrency threat is ‘Laplas.’
Why Hijack the Clipboard
The reason this malware attacks the clipboard is because this app handles the ‘copy and paste’ actions of a computer or smart device.
Whenever sending or receiving cryptos it’s highly likely a person will use the copy-and-or paste functions.
Laplas works on crypto traders’ computers, monitoring copy-paste habits for crypto wallets. It eventually gains enough data to perfectly time a hijacking, where the malware can insert the crypto-wallet address of the hackers that deployed Laplas to the victim’s computer.
Once the cryptos have been sent, the victim can not get the funds back typically.
Why Security Companies are Worried
This is a clipper malware strain discovered in over 180 samples since October 24, 2022. It’s been seen since before that date but after the 24th, the number of discoveries has exploded. Cyble reports show upwards of 50 times more malware infections than normal.
Because of this alarming growth, a warning has been sent out. The data is suggestive of a massive deployment that may have happened.
How do computers get Laplas?
This is a clipper malware strain. It’s passed to victims through weaponized documents. And those docs are sent via spear-phishing emails.
An easy solution: For the Average Joe with little tech experience, simply do not open email attachments from people you do not know.
Many times Laplas is loaded to a computer via another malware named SmokeLoader. This alternate, related malware is also capable of stealing user information.
As mentioned, this freshly popular malware is a Clipper or ClipBanker strain. Microsoft refers to it as cryware.
