A new cryptocurrency-stealing malware campaign is using fake popularity tactics, like bogus GitHub stars and AI-generated YouTube videos, to deceive users. Check Point Research identified this Rust-based 'clipboard hijacker', which swaps crypto wallet addresses in the clipboard with attacker-controlled addresses. The campaign utilizes multiple fake social media accounts and misleading information to build trust and manipulate victims into downloading the malware.
Once installed, the application monitors clipboard activity and implements techniques to maintain persistence, even on macOS. This strategy represents a concerning evolution in malware distribution, emphasizing false reputational cues to manipulate potential victims.