Threat Intelligence Report

EclecticIQ Fusion Center Report: ComboJack Malware Alters Clipboards to Steal Cryptocurrency (English)

Unit 42 researchers discovered a new currency stealer dubbed "ComboJack", which targets cryptocurrencies and online wallets.

Report from EclecticIQ Fusion Center from Tuesday 6 March 2018.

Key Findings:

The malware is being spread via a spam email campaign targeting primarily American and Japanese users.
Malware: ComboJack functions by replacing clipboard addresses with an attacker- controlled address which sends funds into the attacker’s wallet.
The malware is after Ethereum, Monero, Bitcoin, and Litecoin, but also after funds transferred via Qiwi, WebMoney, and Yandex Money.
EclecticIQ Fusion Center analysts uncovered additional related indicators and a user potentially behind this malware.

About EclecticIQ

EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.

EclecticIQ Fusion Center

EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.

Download Report

About EclecticIQ

EclecticIQ Fusion Center

EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.