Security Warning: Hackers Can Copy Your Clipboard to Gain Your Crypto Information

August 28, 2021, 10:00 AM AEST - 1 month ago

If you think storing your passwords and seed phrases in your notes on your computer is safe, think again. Your computer’s clipboard keeps this information and leaves you open to hackers who can intercept it. It’s called the “clipboard hack”.

The Clipboard Hack: How It Works

If you click on the wrong thing, or visit the wrong site, you can accidentally install a malware bug that can access your computer’s clipboard. Some malware is specifically designed to target crypto users.

When dealing in crypto, users are often copying and pasting addresses and passwords to exchange tokens from one wallet or exchange to another. Some malware bugs are designed to swap out the copied text – a wallet address, say – and replace it with their own, meaning if you aren’t careful you can accidentally send your crypto straight to a hacker instead of where you intended it to go.

To avoid falling victim to this, make sure to always double-check a pasted wallet address to ensure it matches the code you originally copied. Secondly, ensure you have an updated anti-malware solution to protect your digital assets from malicious actors. If you’re on a Mac, for example, you can use an anti-malware software such as MalwareBytes. Another way to protect yourself is to clear or disable your computer’s clipboard feature.

How to Clear/Disable Your Clipboard 

How to View & Manage Clipboard in Windows 10

How to Clear Your Windows 7 Clipboard

How to view and manage clipboard history on a Mac:

More Tips on Staying Safe

Here are some extra precautions you can take to keep safe when doing crypto transactions:

  1. Always lock your wallet when you are not using it. This will prevent other websites that you visit (that could be potentially dangerous) from connecting to it. Here’s how to do that in MetaMask:
Click on Accounts, top right corner, then select Lock

Lock your wallet with MetaMask

Your MetaMask Wallet is now locked until you login in again by entering your password

Unlock and back in business

2. Use a different browser for crypto; this way you avoid forgetting to lock your wallet and minimise your exposure to other insecurities. For example, you could use Chrome for day-to-day stuff and Brave specifically for crypto.

3. For extra peace of mind, close all other tabs except the one via which you connect your wallet. This way you avoid malicious pop-ups from other possibly dodgy website pages open on other tabs, which could intercept your wallet and steal your crypto. See below – this fake MetaMask pop-up, which looks almost identical to the real thing, tricks users into entering their password and giving full control of their wallet to the hacker.

Scam Alerts

There are so many scams to watch out for online; in crypto, even more so. Beware of fake crypto trading websites. Crypto News Australia has also reported on the latest Australian crypto scams going around in 2021.

Lastly, never store your seed phrases or passwords digitally on your computer or online; keep them safe as hard copies instead. Always be careful you are accessing the legitimate sites, apps and contract addresses. Double and triple-check everything. To be paranoid is to be aware.

Disclaimer: The content and views expressed in the articles are those of the original authors own and are not necessarily the views of Crypto News. We do actively check all our content for accuracy to help protect our readers. This article content and links to external third-parties is included for information and entertainment purposes. It is not financial advice. Please do your own research before participating.