- Binance has warned about new malware targeting crypto withdrawal addresses.
- The exchange said the threat could result in “significant financial” losses.
- Users have been urged to take certain measures to mitigate the risk.
The world’s largest crypto exchange by trade volume, Binance, has warned about “ongoing global malware attacks” targeting crypto withdrawal addresses.
Binance’s alert followed a recent FBI report indicating a staggering $5.6 billion lost to crypto hacks and scams in 2023. This is not to mention the $1.4 billion lost to crypto-related cybercrimes in the first half of 2024, underscoring how the persistent threat of malicious actors has long haunted the industry.
Binance’s Alerts on Crypto Malware Threats
In a recent blog post, Binance said its security team had identified a malware issue that “significantly” impacts crypto transactions by altering withdrawal addresses during a transfer process.
Sponsored
Often known as the “Clipper malware,” the compromised software intercepts data stored in the clipboard to replace original addresses with the ones designed by the hacker. This happens when a user copies and pastes a wallet address to transfer digital assets.
“If the user completes the transfer without noticing the change, the cryptocurrency is sent to the attacker's wallet, resulting in financial loss,” Binance wrote. “The issue has seen a notable spike in activity, particularly on August 27, 2024, leading to significant financial losses for affected users.”
Per the post, the malware is often spread through unofficial applications and plugins on Android and web apps. However, Binance warned that iOS users should also remain vigilant as the malware can target them when searching for crypto-related software in their native language or through unofficial channels in the case of restrictions.
The crypto exchange said it had taken various countermeasures to mitigate the challenge, including blacklisting suspicious addresses, incident reporting, ongoing monitoring, and notifying affected users.
Meanwhile, Binance urged users to verify the authenticity of addresses before authorizing withdrawal transactions and install advanced security software that can identify and remove the malware threat from a compromised device.
Read how WazirX users alleged that the recent $230M hack on the exchange was an inside job:
WazirX Users Allege $230M Crypto Heist Was an Inside Job
Stay updated on how much hackers stole from the crypto industry in August:
Hackers Steal $313.86M in Crypto Across Over 10 Incidents in August