Main topics of the post:

  • A global threat is underway, in which malware alters users' cryptocurrency withdrawal addresses, leading to significant financial losses for victims.

  • The Binance security team is identifying and blocklisting suspicious addresses, informing affected users, and monitoring and combating these threats.

  • We recommend that users verify the authenticity of apps and plugins, double-check withdrawal addresses, and stay informed to protect themselves from this scam.

We have identified a global malware issue that is significantly impacting cryptocurrency transactions by altering withdrawal addresses during the transaction process. This type of malware, often referred to as “Clipper malware,” intercepts data stored in the clipboard, primarily targeting cryptocurrency wallet addresses. When a user copies and pastes a wallet address to transfer cryptocurrency, the malware replaces the original address with one designated by the attacker. If the user completes the transfer without noticing the change, the cryptocurrency will be sent to the attacker’s wallet, resulting in financial loss.

This issue has seen a notable increase, particularly on August 27, 2024, leading to significant financial losses for affected users. The malware is often distributed through unofficial apps and plugins, especially on Android and web apps, but iOS users should also remain vigilant. Many users inadvertently install these malicious apps while searching for software in their native languages or through unofficial channels, often due to restrictions in their countries.

Binance's measures

Our security team is actively addressing this issue through several measures:

  • Blocklist of suspicious addresses: We blacklisted the attackers’ addresses to prevent further fraudulent transactions. This has prevented numerous withdrawal attempts by potential victims.

  • User Notifications: We inform affected users about the malware and advise them to scan their devices for any suspicious software or plugins.

  • Incident Reports: We request incident details from affected users to help us identify and analyze the malware and plugins involved.

  • Continuous Monitoring: Our team continues to monitor new threats and update our security protocols.

Measures to stay safe

To protect yourself from this type of malware, follow these security tips:

  • Authenticity check: Make sure that the apps and plugins you are using are authentic versions and not fake or potentially harmful ones. Avoid downloading software from unofficial sources.

  • Double-check addresses: Always double-check or triple-check your withdrawal address before completing any transaction. This simple step can prevent significant financial loss. To be extra safe, you can take a screenshot of the withdrawal address just before sending the payment and have the recipient verify it with a photo to prevent malware from altering the text.

  • Stay informed: Stay up to date with the latest security advisories from Binance and other trusted sources. Awareness is a key component of cybersecurity.

  • Use security software: Install reputable security software on your devices to detect and remove malware. Regularly update this software to protect yourself against new threats.

By following these guidelines and remaining vigilant, you can significantly reduce your risk of falling victim to this type of scam. The Binance security team remains committed to protecting your assets and providing you with the tools and information you need to stay safe as the situation unfolds.
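A pre-send check in the spirit of the blocklist and double-check measures above, as an added example that is not Binance's code: it compares the full address the user intended with the one in the withdrawal form and screens the destination against a blocklist. The function names, the sample addresses (constructed, not real wallets) and the blocklist contents are assumptions.

```python
from dataclasses import dataclass

# Constructed sample values for illustration; these are not real wallet addresses.
INTENDED = "bc1qexampleintendedaddress0000000000000000"
SWAPPED = "bc1qexampleattackeraddress0000000000000000"

# Characters that can ride along with a copy/paste without being visible.
_INVISIBLE = dict.fromkeys(map(ord, "\u200b\u200c\u200d\ufeff\u00a0"))


def normalize(addr: str) -> str:
    """Drop surrounding whitespace and invisible characters; keep case as-is."""
    return addr.translate(_INVISIBLE).strip()


@dataclass
class Verdict:
    status: str       # "ok", "mismatch" or "blocked"
    detail: str = ""


def check_withdrawal(intended: str, pasted: str, blocklist: set) -> Verdict:
    """Compare the address the user meant to use with the one in the form.

    Assumption: comparison is exact and case-sensitive, which suits Base58
    formats; case-insensitive formats need canonicalising first. Blocklist
    entries are assumed to be stored already normalized.
    """
    want, got = normalize(intended), normalize(pasted)
    if got in blocklist:
        return Verdict("blocked", "destination is on the blocklist")
    if want == got:
        return Verdict("ok")
    # Report the first differing position so a UI can highlight it.
    first = next((i for i, (a, b) in enumerate(zip(want, got)) if a != b),
                 min(len(want), len(got)))
    return Verdict("mismatch",
                   f"differs from position {first}: expected "
                   f"{want[first:first + 6]!r}, got {got[first:first + 6]!r}")


if __name__ == "__main__":
    print(check_withdrawal(INTENDED, INTENDED + "\u200b", set()))
    print(check_withdrawal(INTENDED, SWAPPED, set()))
    print(check_withdrawal(INTENDED, SWAPPED, {SWAPPED}))
```

The intended address should come from a source the clipboard cannot touch, such as a saved address book entry or a value typed from the recipient's screenshot.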
