New Laplas Clipper Malware Targeting Cryptocurrency Users via SmokeLoader

Teilen:

Cryptocurrency users are being targeted with a new clipper malware strain dubbed Laplas by means of another malware known as SmokeLoader.

SmokeLoader, which is delivered by means of weaponized documents sent through spear-phishing emails, further acts as a conduit for other commodity trojans like SystemBC und Raccoon Stealer 2.0, according to an analysis from Cyble.

Observed in the wild since circa 2013, SmokeLoader functions as a generic loader capable of distributing additional payloads onto compromised systems, such as information-stealing malware and other implants. In July 2022, it was found to deploy a backdoor called Amadey.

Cyble said it discovered over 180 samples of the Laplas since October 24, 2022, suggesting a wide deployment.

Bild30

Clippers, also called ClipBankers, fall under a category of malware that Microsoft calls cryware, which are designed to steal crypto by keeping close tabs on a victim’s clipboard activity and swapping the original wallet address, if present, with an attacker-controlled address.

Bild31

The goal of clipper malware like Laplas is to hijack a virtual currency transaction intended for a legitimate recipient to that owned by the threat actor.

“Laplas is new clipper malware that generates a wallet address similar to the victim’s wallet address,” the researchers pointed out. “The victim will not notice the difference in the address, which significantly increases the chances of successful clipper activity.”

 

The newest clipper malware offers support for a variety of wallets like Bitcoin, Ethereum, Bitcoin Cash, Litecoin, Dogecoin, Monero, Ripple, Zcash, Dash, Ronin, TRON, Cardano, Cosmos, Tezos, Qtum, and Steam Trade URL. It’s priced from $59 a month to $549 a year.

It also comes with its own web panel that enables its purchasers to get information about the number of infected computers and the active wallet addresses operated by the adversary, in addition to allowing for adding new wallet addresses.

“SmokeLoader is a well-known, highly configurable, effective malware that TAs [threat actors] are actively renovating,” the researchers concluded.

“It is a modular malware, indicating it can get new execution instructions from [command-and-control] servers and download additional malware for expanded functionality. In this case, the TAs use three different malware families for financial gain and other malicious purposes.”

https://thehackernews.com/2022/11/new-laplas-clipper-malware-targeting.html

Kommentar verfassen

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

lade-bild
London, GB
12:13 pm, Juli 8, 2025
Wetter-Symbol 21°C
L: 19° | H: 22°
klarer Himmel
Luftfeuchtigkeit: 43 %
Druck: 1018 mb
Wind: 3 mph NNE
Windböe: 12 mph
UV-Index: 0
Niederschlag: 0 mm
Wolken: 0%
Regen Chance: 0%
Sichtbarkeit: 10 km
Sonnenaufgang: 4:53 am
Sonnenuntergang: 9:17 pm
TäglichStündlich
Tägliche VorhersageStündliche Vorhersage
Today 10:00 pm
Wetter-Symbol
19° | 22°°C 0 mm 0% 8 mph 43 % 1019 mb 0 mm/h
Tomorrow 10:00 pm
Wetter-Symbol
15° | 26°°C 0.1 mm 10% 8 mph 59 % 1023 mb 0 mm/h
Do. Juli 10 10:00 pm
Wetter-Symbol
18° | 30°°C 0 mm 0% 7 mph 75 % 1024 mb 0 mm/h
Fr. Juli 11 10:00 pm
Wetter-Symbol
19° | 29°°C 0 mm 0% 9 mph 68 % 1023 mb 0 mm/h
Sa. Juli 12 10:00 pm
Wetter-Symbol
18° | 28°°C 0 mm 0% 11 mph 71 % 1020 mb 0 mm/h
Today 1:00 pm
Wetter-Symbol
21° | 21°°C 0 mm 0% 8 mph 43 % 1018 mb 0 mm/h
Today 4:00 pm
Wetter-Symbol
22° | 24°°C 0 mm 0% 7 mph 39 % 1018 mb 0 mm/h
Today 7:00 pm
Wetter-Symbol
23° | 24°°C 0 mm 0% 7 mph 33 % 1017 mb 0 mm/h
Today 10:00 pm
Wetter-Symbol
19° | 19°°C 0 mm 0% 5 mph 40 % 1019 mb 0 mm/h
Tomorrow 1:00 am
Wetter-Symbol
17° | 17°°C 0 mm 0% 5 mph 50 % 1020 mb 0 mm/h
Tomorrow 4:00 am
Wetter-Symbol
15° | 15°°C 0 mm 0% 4 mph 59 % 1021 mb 0 mm/h
Tomorrow 7:00 am
Wetter-Symbol
16° | 16°°C 0 mm 0% 5 mph 53 % 1021 mb 0 mm/h
Tomorrow 10:00 am
Wetter-Symbol
21° | 21°°C 0 mm 0% 6 mph 59 % 1022 mb 0 mm/h
Name Preis24H (%)
Bitcoin(BTC)
€92,765.64
0.17%
Ethereum(ETH)
€2,185.72
0.19%
Fesseln(USDT)
€0.85
0.00%
XRP(XRP)
€1.95
0.21%
Solana(SOL)
€128.70
-0.85%
USDC(USDC)
€0.85
0.00%
Dogecoin(DOGE)
€0.144482
-1.00%
Shiba Inu(SHIB)
€0.000010
0.84%
Pepe(PEPE)
€0.000009
-0.14%
Nach oben scrollen