ETHERLive delivers real-time price and volume data across 16+ exchanges to users in a clear and easy-to-understand package. Users can get up-to-the-second updates for each exchange/currency pair, as well as aggregated market averages for each exchange, currency, and the market as a whole. It also provides a global converted average of all the currency pairs monitored by ETHNews, converted to USD.


24hr ---

The Basics

Learn the basics of Ethereum and various cryptocurrency technologies

Learn More

What is Ethereum?

Understand the underlying principles of the Ethereum Platform

Learn More

The Blockchain

Discover the revolutionizing technology known as the blockchain

Learn More

Press Release

Submit a press release for consideration on ETHNews

Submit Press

Story / Dapp

Submit a story or DAPP to be considered for publication on ETHNews.

Submit Story


Submit "Ethereum Explainer" content for consideration to be featured on ETHNews

Submit Topic
ETHNews Logo
Ether Price Analysis
Contact Us

'CryptoShuffler' Malware Swaps Wallet Addresses Copied To Clipboards




A recently identified piece of malware replaces wallet addresses copied to users’ clipboards with public keys belonging to a hacker, making it possible for users to inadvertently send their cryptocurrency to the hacker’s wallet rather than the intended recipient's.

On October 31, Sergey Yunakovsky of the Russian cybersecurity firm Kaspersky Lab published an account of a malware plot that his company had uncovered, a Trojan horse-style software that he calls “CryptoShuffler.” In this scheme, malicious code that can recognize cryptocurrency wallet addresses is surreptitiously loaded onto the web browser of a victim’s computer. Once the victim copies a wallet address to his or her clipboard, the malware replaces it with a public key corresponding to a wallet belonging to the attacker. If the victim pastes this key into the recipient field of a webpage or other module controlling the transfer of cryptocurrency and executes the transaction, he or she will send the assets in question to the attacker’s wallet rather than the intended party.

While some online wallet services and exchanges admonish their users to copy and paste addresses rather than typing them, warnings to double check the accuracy of a copied key are rarer. As is the case with many crypto scams, there exist no reliable means for victims of this scheme to recover lost funds.

As Yunakovsky reported, similar scams in the past have targeted bitcoin and WebMoney, but this particular piece of malware “is aimed at all popular cryptocurrencies,” including Ether, dogecoin, Litecoin, Dash, Monero, and Zcash.

The bitcoin wallet associated with this scam has received over 23 BTC since September 2016, equivalent to upwards of $160,000 at press time, but it’s unclear what portion of this amount can be attributed to the malware.

Other recent cryptocurrency scams have involved deceitful URLs, misleading or fraudulent token sales, and the practice of hijacking victims’ web browsers or processing power for the purpose of mining tokens.

Adam Reese

Adam Reese is a Los Angeles-based writer interested in technology, domestic and international politics, social issues, infrastructure and the arts. Adam holds value in Ether, Bitcoin, and Monero.

ETHNews is committed to its Editorial Policy

Like what you read? Follow us on Twitter @ETHNews_ to receive the latest CryptoShuffler, malware or other Ethereum wallets and exchanges news.