Threat Intelligence Report

EclecticIQ Fusion Center Report: ComboJack Malware Alters Clipboards to Steal Cryptocurrency (English)

Unit 42 researchers discovered a new currency stealer dubbed "ComboJack", which targets cryptocurrencies and online wallets.

Report from EclecticIQ Fusion Center, dated Tuesday 6 March 2018.

Key Findings:

  • The malware is being spread via a spam email campaign targeting primarily American and Japanese users.
  • ComboJack works by replacing wallet addresses in the clipboard with an attacker-controlled address, so that funds are sent to the attacker’s wallet.
  • The malware targets Ethereum, Monero, Bitcoin, and Litecoin, as well as funds transferred via Qiwi, WebMoney, and Yandex Money.
  • EclecticIQ Fusion Center analysts uncovered additional related indicators and a user potentially behind this malware.

About EclecticIQ

EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.

EclecticIQ Fusion Center

EclecticIQ Fusion Center delivers thematic intelligence bundles, providing a single curated source of relevant CTI from leading suppliers, all in a single contract.