Microsoft warns of 'CryptoBandits' malware that swaps wallet addresses

Microsoft has discovered a malware campaign dubbed 'CryptoBandits' that swaps cryptocurrency wallet addresses with an attacker's address, U.Today reported. The malware spreads through USB drives and converts documents, PDFs, and Excel files on a user's PC into malicious executables with the same names. The malware is installed when a user, mistaking the file for the original document, runs it. Once infected, the program monitors the user's clipboard every 0.5 seconds. If a cryptocurrency wallet address or seed phrase is copied, it is automatically replaced with the attacker's address. This can lead to users unknowingly sending their assets to the attacker's wallet if they do not double-check the address before confirming a transaction. Microsoft advised users to refrain from using USB drives from unknown sources and to always reconfirm wallet addresses before sending cryptocurrency.