EclecticIQ Fusion Center Report: ComboJack Malware Alters Clipboards to Steal Cryptocurrency (English)
Report from EclecticIQ Fusion Center from Tuesday 6 March 2018.
Key Findings:
- The malware is being spread via a spam email campaign targeting primarily American and Japanese users.
- Malware: ComboJack functions by replacing clipboard addresses with an attacker- controlled address which sends funds into the attacker’s wallet.
- The malware is after Ethereum, Monero, Bitcoin, and Litecoin, but also after funds transferred via Qiwi, WebMoney, and Yandex Money.
- EclecticIQ Fusion Center analysts uncovered additional related indicators and a user potentially behind this malware.
About EclecticIQ
EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.
EclecticIQ Fusion Center
EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.
Download Report
About EclecticIQ
EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.
EclecticIQ Fusion Center
EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.