Can Clipboard malware affects phone users?

[KiaKia]

There are a few posts about clipboard malware that changes users addresses whenever they want to carry out new transactions and I have only seen this happened to a friend's laptop but not a smartphone, is it possible for this clipboard malware to affect a smartphone and swap your address to a fake address?

[Beparanf]

There are a few posts about clipboard malware that changes users addresses whenever they want to carry out new transactions and I have only seen this happened to a friend's laptop but not a smartphone, is it possible for this clipboard malware to affect a smartphone and swap your address to a fake address?

Android and IOS has a unique security system which doesn’t allowed virus to enter its core. Correct me if I’m wrong but the reported virus affecting an android or ios device is very rare unless you root your phone that unlock all features of the phone break it’s main security.

But in general. A clipboard malware will not gonna affect mobile device if you didn’t change the default setup of you device such is installing from unknown source and so on.

[Kalchef]

The biggest threat with a clipboard on android phones is using a third-party keyboard, some third-party keyboard spies on the sensitive words you type using the keyboard and send them out to the creator or builder through the cloud without you noticing, this is why it's always good and safe to stick with OEM keyboards on your smartphones.

[MFahad]

There are a few posts about clipboard malware that changes users addresses whenever they want to carry out new transactions and I have only seen this happened to a friend's laptop but not a smartphone, is it possible for this clipboard malware to affect a smartphone and swap your address to a fake address?

As far as you use system built-in keyboard, you are safe from clipboard malware. Playstore verified by Play protect Apps are also save and their is very low security risk. I am using smartphone for many years and have not faced such problem.
I searched in google about this and article found which is created in 2019 that one App ""Clipper"" was used for this purpose but no information that it steal any fund
Reference

Laptop is very high risky for online payment systems. We should be careful about when we enter any phrase or putting address. We usually did not install windows from official website which is first reason open the door for malware attack. I have also faced this so many time and now I stopped transaction through laptop. I uses Kiwi or Mises browser whenever I need website to connect Metamask or install chrome extensions and work fine for me so far.

[jackg]

Android and IOS has a unique security system which doesn’t allowed virus to enter its core. Correct me if I’m wrong but the reported virus affecting an android or ios device is very rare unless you root your phone that unlock all features of the phone break it’s main security.

Imo it could happen if you open an app and it injects it onto your clipboard (such as a game) but you'd likely have to have opened the game between copying the address and opening your wallet.

Android and iOS share the methods of Linux in stopping apps from accessing the operating system unless the user has let them run in the background or has opened them on the screen.

Clipboards are normally stored on keyboards though so the biggest ways to attack this vulnerability are via infected keyboards and wallet related apps.

[DdmrDdmr]

<...>

I’m not aware of how often it happens but there is a case reported here from 2019 (on Android):
https://www.bleepingcomputer.com/news/security/first-cryptocurrency-clipboard-hijacker-found-on-google-play-store/

It all begins by downloading an app with malware - on this occasion, a fake metamask app. The article depicts two malware methods used by the app. The former aimed at stealing private keys and seeds of ethereum wallets. The latter is the one really related to the topic here, since the app was capable of monitoring the clipboard for bitcoin and ethereum addresses, and swapping them for those controlled by the attacker.

If this is widespread and still feasible (i.e. no way to patch it) is something I don’t really know, though if there is no way to patch it, likely it's still a thing.

[Falconer]

Don't use the cellphone that you use every day as a storage wallet, it clearly has a high risk for the security of your funds. Let's be honest that you never know when you've made the mistake of accidentally clicking on a malicious link or automatically downloading it from a group chat or your friends. This is really dangerous even if you have kept your clipboard safe from malware.

Use 2 phones if you don't have the hardware wallet, but you may need to keep one of them offline while still needing to backup the wallet for the wallet. This is just about user experience from me, but I really believe this clipboard is not safe if you are not careful.

[PrivacyG]

Android and iOS share the methods of Linux in stopping apps from accessing the operating system unless the user has let them run in the background or has opened them on the screen.

And then you have all sorts of weird applications in the Play Store you can download for free and use.  If you look for a free Screen Recorder you can find a lot of sketchy apps that even have a lot of positive reviews.  Any of these apps can have this hidden malware.  Also all the free photo editing apps many people download and use.  Easy to become a victim this way.  Very few of us have a clean Android phone, the people I know have it clogged up in all sorts of unnecessary software.

Linux may be helping by stopping apps, but then it is still user's responsibility from that point forward.

-
Regards,
PrivacyG

[stompix]

<...>

If this is widespread and still feasible (i.e. no way to patch it) is something I don’t really know, though if there is no way to patch it, likely it's still a thing.

I think that standalone clipboard hijackers for Android are not that spread because you need to go the same way of infecting and getting permissions as a normal private key malware, so it makes little sense to have just a  clipboard hijacker installed when you can have a wallet drainer, even for the one mentioned in that article the main attack was the stealing of keys. After all, if you want to steal something you want to go for the jackpot with the least traces possible, so probably that's why everyone is focused on other types of malware.

Also, rather than clipboard hijackers one should watch out for QR code malware, scammers have understood that for some users it's a pain in the ass to copy-paste addresses so they release a lot of those apps that "help" you with these on playstore.
https://www.bitdefender.com/blog/hotforsecurity/bitcoin-thieves-use-malicious-qr-code-readers-to-steal-45000-this-month/

[rat03gopoh]

The system default clipboard (for unrooted devices) may not be changed (read-only mode), but there are some clipboard managers out there that if you install them require permissions to disable and switch the role of default apps to third-party ones. Yep, it can be tampered with and malware attacks.

[lovesmayfamilis]

In the Russian-speaking segment, news appeared that sales of the Hook Trojan had begun on the darknet, which attacks many banking and crypto wallets on the Android system.
The malware can completely capture the device and control all actions of the phone owner. It also has remote control capabilities.
The hacker sees the screen of the smartphone and can remotely perform any action, including managing crypto wallets.
The hook is currently distributed as an APK file and disguised as the Google Chrome browser.

More: https://www.cnews.ru/news/top/2023-01-20_v_darknete_za_7_tysprodayut

[Ryker1]

It could be on the file ^{[APK files]} but not the Android system itself.
So before downloading, ask yourself twice or thrice --is the app popular, does the app have a good review, transparency of the developer and what they develop --the last one is, to verify the app before downloading.
The number one sign that you must be noticed first is that your phone is usually ver heating and the battery quickly drain. So do not save valuable stuff on your mobile phone.

[mk4]

Though phone operating systems will have varying degrees of security, if a mobile device is online, clipboard malware or any other malware is possible. Even if it's decently unlikely.

[Taskford]

There are a few posts about clipboard malware that changes users addresses whenever they want to carry out new transactions and I have only seen this happened to a friend's laptop but not a smartphone, is it possible for this clipboard malware to affect a smartphone and swap your address to a fake address?

Good question ask since this could make other be informed about possibilities of all things related to clip board malware. but as far as we know security in android phones are so high so maybe its just a rare case for individual users to get affected with this. But still you need to be more careful on what you are copying and always verify for many times if the address you are putting where you want to receive your balances. Better to always have precautious consciousness to avoid this unnecessary mistake.

[kamvreto]

~snip~Clipboards are normally stored on keyboards though so the biggest ways to attack this vulnerability are via infected keyboards and wallet related apps.

This is a weakness that often attacks Android with various untrusted keyboard applications. There are several applications that are automatically downloaded when there are advertisements embedded in the game or some applications that are free.
some android application installation scanners also work to deal with applications that indicate malware so that there will be a notification that the application is not safe.
to be safer, you can also activate Google Protect so that applications that are installed safely can be used properly. Do not install apps from black market or obscure apk files. It becomes a gateway for malware.

[Stepstowealth]

There are a few posts about clipboard malware that changes users addresses whenever they want to carry out new transactions and I have only seen this happened to a friend's laptop but not a smartphone, is it possible for this clipboard malware to affect a smartphone and swap your address to a fake address?

I am not a techie, but I say if it is not something that is possible now, it doesn't mean that it cannot be possible in the closest future. More sophisticated Malwares can be made, maybe they are already in development now and will be capable of having same effect it has on computers on mobile phones. It can happen because some of these malwares that we see now, at one time we never believed that they will be existing.

[Saint-loup]

I think that standalone clipboard hijackers for Android are not that spread because you need to go the same way of infecting and getting permissions as a normal private key malware, so it makes little sense to have just a  clipboard hijacker installed when you can have a wallet drainer, even for the one mentioned in that article the main attack was the stealing of keys. After all, if you want to steal something you want to go for the jackpot with the least traces possible, so probably that's why everyone is focused on other types of malware.

Also, rather than clipboard hijackers one should watch out for QR code malware, scammers have understood that for some users it's a pain in the ass to copy-paste addresses so they release a lot of those apps that "help" you with these on playstore.
https://www.bitdefender.com/blog/hotforsecurity/bitcoin-thieves-use-malicious-qr-code-readers-to-steal-45000-this-month/

I don't think stealing private keys is so easy because usually serious wallets take care about that. They encrypt private keys/seeds and only decrypt them once the user opens the wallet after typing a pin code generally, and they never display them if the user hasn't required it. While copy-pasted adresses are commonly used when you want to send funds to an online platform. It's recommended to always check the end of the address pasted, as it is harder to forge a similar end than a similar beginning, because of the checksum, btw.

Also, rather than clipboard hijackers one should watch out for QR code malware, scammers have understood that for some users it's a pain in the ass to copy-paste addresses so they release a lot of those apps that "help" you with these on playstore.
https://www.bitdefender.com/blog/hotforsecurity/bitcoin-thieves-use-malicious-qr-code-readers-to-steal-45000-this-month/

It's surprising, because usually wallets are able to generate the QR-codes of receiving addresses. I wonder if some wallets don't generate QR-code in special formats only readable by the same software wallets though.  

[drwhobox]

I have heard non of these cases on mobile but on computer. By mobile means android, never used ios and I don't follow their community. I am an android user since I started using smartphones.
But hey, it is 2023 and anything can happen anytime so check before you send any transactions, stop trusting anything blindly be cautious and be safe.

[Cantsay]

Just to be on the safe side I'll suggest you just avoid downloading any third party keyboard most especially those ones that have a fancy look and just continue using the inbuilt keyboard. But as for the keyboard malware in phones I haven't heard or seen any case before but that doesn't mean it still not possible. You never know to what extent hackers can go just so they get access to your details. And you can as well just turn off the clipboard so as to prevent it from saving more than one copied details at a time (at least that's what it does in my device ).

[Alisha-k]

I think it is common with fancy third party keyboards. But with built in android keyboards that was installed alongside the OS hardly get Malware attack except the device is regularly using hotspots from unknown and untrusted users.