Another timely lesson in crypto security comes as a user reports malware stealing 13 Bitcoins by automatically replacing their destination address.
When u/ask_for_pgp appealed to miners on Reddit in an attempt to halt the transaction before it was confirmed, the community soon realized the worst.
“I copy pasted BTC address into electrum and confirmed the bitcoin transaction. the clipboard replaced my […] bitcoin address with a different one. few minutes later i discuss with friend if he already sees it in his wallet. he didnt. It sent to wrong address,” the user wrote.
“i checked all browser windows, private messages, chat histories. i do not know this address that grabbed the 13 BTC.”
Others swiftly pointed out the address was likely changed by malware, specifically a clipboard-altering program which has, in fact, been in production for several years.
The funds were seemingly not backed up by hardware, yet the threat which successfully stole them is hard to guard against for the average Bitcoin bagholder.
Hardware wallets, another Reddit respondent points out, would “securely” display the destination wallet address before confirmation.
The 13 BTC transaction to the presumed malware operators has since been confirmed, despite petitions to major mining pools.