Hackers Use Clipboard Stealers To Steal From Other Hackers

Security researchers from Cyble and ASEC have uncovered a new campaign of hackers targeting fellow hackers via clipboard stealers. These stealers are disguised as cracked RATs and malware building tools.

Generally, clipboard stealers are used in monitoring the clipboard content of a victim, identifying cryptocurrency wallet addresses, hijacking financial transactions, and transferring money.

ASEC researchers detected the fake offers on hacking forums such as “Russia black hat.” Hackers are deceived into installing cracked versions of BitRAT and Quasar RAT.

To download the tool, hackers are directed to an Anonfiles page that delivers a RAR archive. This is supposedly a builder for the selected malware.

However, the “crack.exe” file contained in these archives is a ClipBanker installer that copies the malicious binary to the startup folder and executes it on the first reboot.

Cyble researchers found hackers offering a free month of AvD Crypto Stealer on a cybercrime forum. The victims are deceived into downloading an executable named ‘Payload.exe’ which ends up infecting their systems.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web