Last week, I was in Amsterdam to attend the FIRST TC 2022 where I talked about Python used for malicious purposes in the Windows ecosystem[1]. Amongst multiple examples, I mentioned a sample of Python code that tries to steal cryptocurrencies. It’s not the first time that I found a piece of code that monitors the clipboard and swap the BTC address found with the attacker’s one. This time, the script that I found supports a lot of cryptocurrencies!
Article Link: InfoSec Handlers Diary Blog - SANS Internet Storm Center