ESET researchers have discovered dozens of copycat Telegram and WhatsApp websites that offer trojanized versions of these popular instant messaging apps, with the intention of stealing victims’ cryptocurrencies.
Some of the malicious apps discovered by the researchers are classified as clippers, which either steal or alter clipboard contents, specifically focusing on cryptocurrency funds and wallets. This marks a new frontier for cybercriminals targeting the growing number of people using cryptocurrencies.
The clippers intercept victims’ messaging interactions and substitute transmitted or received cryptocurrency wallet addresses with those controlled by the attackers, enabling them to steal funds from unsuspecting users.
The investigation highlights the importance of staying vigilant in protecting one’s digital assets, and the growing threat of cryptocurrency-focused malware.