MassJacker: what is this new virus that can empty cryptocurrency wallets?

Researchers from cybersecurity firm CyberArk have recently discovered a sophisticated virus targeting cryptocurrency users. "Captain MassJacker Sparrow" is malware designed to steal credentials or hijack transactions.

In its report, CyberArk explains that this malware uses a discreet yet effective method to spread: online file conversion services. These platforms, often free, allow users to convert documents, but some pirated or malicious versions inject harmful code into the downloaded file. The user ends up with a compromised file, which executes the malware in the background once opened. The infection goes unnoticed by the victim, and the hacker can then start stealing their crypto or exploiting their resources.

One of the most insidious features of "Captain MassJacker Sparrow" is its ability to manipulate the clipboard ("clipboard hijacking"). When a user copies a crypto wallet address to make a transfer, the malware automatically replaces it with the hacker's address. If the user doesn’t check before pasting, they unwittingly send their funds directly to the attackers. This type of attack is formidable, as crypto addresses are long and complex, making it hard to detect changes with the naked eye.