Hackers have created an exploit that watches 2.3 million high-value crypto wallets and replaces the addresses in the Windows clipboard with an address associated with the hackers.
In other words, you could paste your own wallet and the malware would subtly change it to the hacker’s own private wallet. Because it happens in the clipboard most people wouldn’t notice the change between copying and pasting.
The malware runs a massive, 83MB DLL file that masquerades as a Direct X service. Inside the DLL is a 2.5 million line text file full of bitcoin addresses.
Multiple anti-virus engines are now tagging this DLL as dangerous and you should be safe as long as you keep your virus protection up to date.