Microsoft warns users of 'Crypto Clipper' malware spread via USB drives

The malware blends data theft with remote code execution, “turning a financially motivated stealer into a lightweight backdoor,” Microsoft said.

Microsoft Threat Intelligence is warning Windows users about a cryptocurrency clipper strain of malware transmitted via USB drives.

The malware, which has been affecting users since February, steals clipboard data to extract wallet credentials using “high-frequency clipboard theft, screenshot exfiltration, and wallet-address substitution,” Microsoft said Wednesday.

The crypto clipper also hides legitimate files and replaces them with lookalike shortcuts, so victims unknowingly execute malware while a worm component propagates automatically to USB storage devices.

Read more