It can never be said too often, but the prevalence of malware on the Internet, especially malware targeting Bitcoin and other financial software, makes it extra important today: you can never be too careful when sending Bitcoin transactions. A Reddit user today lost 13BTC, or around $36,000, when he pasted an address from his clipboard that was not the appropriate address.
I copy pasted BTC address into electrum and confirmed the bitcoin transaction. the clipboard replaced my bitcoin intendet bitcoin address with a different one. few minutes later i discuss with friend if he already sees it in his wallet. he didnt. It sent to wrong addressThis is a trivially done malware attack. Access to the clipboard is a basic functionality for user level applications, so mostly anything can see what is there. All the malware in question has to do is remain undetected and, when it notices a Bitcoin address on the clipboard, replace it with one. More advanced developers can have it actively try to swap the address with a similar-looking one.
This malware can be contracted by any operating system, although for obvious reasons most renditions are probably authored for Windows. Its actual effects are avoidable by double-checking before sending. It’s helpful to highlight the first, middle, and last 3-5 characters of a transaction when doing this.
The 30 extra seconds (maximum) it would have taken for Reddit user ask_for_pgp would have saved him and his friend over $30,000.
The above recommendation goes in addition to always password-securing your Bitcoin wallet. Then it will ask for permission before sending, giving you another chance to look. Simply running a virus scan won’t save you, because new versions can be written and distributed before the virus definitions are updated, and you’re already copying the attacker’s addresses by that point.
Link to full article: https://www.cryptocoinsnews.com/malware-snatches-13btc-36000-bitcoin-user/