Threat actors are distributing a self-spreading USB worm that steals cryptocurrency wallet data via Windows shortcut files. The malware uses the Tor network to hide command-and-control communications.
The malware operates as a clipboard-stealing trojan with self-propagation capabilities, spreading through removable USB drives. When infected shortcut files (.lnk) are executed, the worm establishes hidden connections through Tor to exfiltrate cryptocurrency wallet credentials and clipboard contents.
The attack targets users storing digital assets on infected systems or accessing wallets through web browsers. The self-spreading mechanism allows the malware to propagate to connected USB devices, creating a secondary infection vector for air-gapped systems.
The use of Windows shortcut files exploits user trust in familiar file types. Combined with Tor routing, the infrastructure makes attribution and traffic analysis difficult for security researchers.
Security researchers recommend disabling autorun features for USB devices, monitoring clipboard activity, and implementing application whitelisting. Users should avoid executing unfamiliar files from removable media and maintain offline backups of cryptocurrency wallet private keys.
Let's Encrypt experienced widespread certificate renewal failures today, according to the service status page. The incident affected numerous users attempting to renew their SSL certificates.
Microsoft has identified a lightweight backdoor malware that targets cryptocurrency wallets and spreads via USB drives. The malware, known as Crypto Clipper, communicates through the Tor network to evade detection.
India's government told the Delhi High Court that Telegram acknowledged its inability to proactively detect channels selling leaked exam papers. The platform was warned two weeks before being blocked in the country.
Australia's communications regulator will require businesses to register their SMS and MMS sender identities. The move aims to combat spam and fraudulent messaging.