Binance Issues Global Alert Over Clipper Malware That Alters Crypto Wallet Addresses

Binance has issued a global alert warning cryptocurrency users of a rising malware threat known as “Clipper malware.”

This malware alters wallet addresses during transactions, leading to financial losses. It swaps the user’s copied wallet address with one controlled by attackers. As a result, funds are sent to the wrong destination without the user realizing it.

Binance Highlights Risks of Clipper Malware in Crypto Transactions

Since August 27, 2024, Binance has seen a spike in incidents, with Android users being the primary targets. However, iOS users are not entirely safe, as the malware spreads through unofficial apps and plugins. These often come from unverified sources, especially when users search for software in their local languages.

“We’ve identified a global malware issue that alters withdrawal addresses during the transaction process. Be cautious of plugins and apps you’ve installed, especially on Android and web apps, and stay alert on iOS too,” Binance stated.

To mitigate this threat, Binance’s security team has blacklisted suspicious addresses, notified impacted users, and is actively monitoring for additional risks. Users were also advised to triple-check withdrawal addresses to prevent Clipper malware from interfering with their transactions.

“To be extra safe, you can take a screenshot of the withdrawal address right before sending the payment and have the recipient verify it against a photo to leave text-altering malware no chance,” Binance advised.

Read more: Top 5 Flaws in Crypto Security and How To Avoid Them

In addition, Binance stressed the importance of verifying the authenticity of apps and plugins and using reliable security software.

Market analysts note that Clipper malware is a variant of the address poisoning attack. Scammers use this technique to trick users into sending funds to similar-looking but fraudulent addresses. Earlier this year, this tactic led to the theft of $70 million in wrapped Bitcoin (WBTC) from an investor.

This Binance alert comes amid a broader increase in malware targeting crypto users. Earlier this month, McAfee uncovered a new mobile malware, “SpyAgent,” that steals users’ mnemonic keys. A mnemonic key is a 12-word phrase used to recover cryptocurrency wallets.

SpyAgent spreads through fake Android apps disguised as banking, government, and utility services. According to McAfee, 280 fake apps have been identified since the start of the year.

Read more: 15 Most Common Crypto Scams To Look Out For

These threats reflect a persistent issue within the crypto industry. The FBI recently reported that crypto investors lost $5.6 billion to scams and hacks in 2023.