Close Menu
  • Instructions
  • News
    • DeFi
    • Smart Contract
    • Markets
    • Web3
    • Adoption
    • Memecoins
    • Analysis
    • Mining
    • Scams
    • Security
  • Education
    • Learn
    • Wallets & Exchange
  • Documentaries
  • Videos
    • Alessio Rastani
    • Altcoin Buzz
    • Coin Bureau
    • Dapp University
    • DataDash
    • Digital asset News
    • EllioTrades Crypto
    • MMCrypto
    • Lark Davis
    • Ivan on Tech
    • Benjamin Cowen
  • Market
    • Crypto Market Cap
    • Heat Map
    • Converter
    • Metal Prices
    • Stock prices
  • Bonus Books
  • Tools
What's Hot

XRP and BTC Among Coins Targeted in New Malware Campaign

July 2, 2026

Securitize tokenizes $295 million of its own stock on Solana and Avalanche amid NYSE debut

July 2, 2026

CSWAP Announces New Integration That Simplifies Bitcoin Access to Cardano Ecosystem

July 2, 2026
Facebook X (Twitter) Instagram
Recession Profit AlertsRecession Profit Alerts
  • Instructions
  • News
    • DeFi
    • Smart Contract
    • Markets
    • Web3
    • Adoption
    • Memecoins
    • Analysis
    • Mining
    • Scams
    • Security
  • Education
    • Learn
    • Wallets & Exchange
  • Documentaries
  • Videos
    • Alessio Rastani
    • Altcoin Buzz
    • Coin Bureau
    • Dapp University
    • DataDash
    • Digital asset News
    • EllioTrades Crypto
    • MMCrypto
    • Lark Davis
    • Ivan on Tech
    • Benjamin Cowen
  • Market
    • Crypto Market Cap
    • Heat Map
    • Converter
    • Metal Prices
    • Stock prices
  • Bonus Books
  • Tools
Recession Profit AlertsRecession Profit Alerts
Home»Security»XRP and BTC Among Coins Targeted in New Malware Campaign
Security

XRP and BTC Among Coins Targeted in New Malware Campaign

July 2, 2026No Comments2 Mins Read

Cybersecurity researchers at McAfee Advanced Threat Research have uncovered an extremely sophisticated cryptocurrency-stealing malware campaign dubbed “Silent Swap.”

It relies on a malicious browser extension to intercept and modify user clipboards and then swap legitimate cryptocurrency wallet addresses with fake ones.

The bad actors are hunting for Bitcoin ($BTC), Ethereum ($ETH), $XRP, Bitcoin Cash, Dash, as well as other cryptocurrencies.

Silent Swap is different from primitive “crypto clippers” due to its alarming level of sophistication.

The campaign relies on advanced browser manipulation, decentralized command-and-control (C2) infrastructure, and other cutting-edge techniques.

The “Google Notes” disguise

The infection typically begins with the victim downloading unsigned .NET or Golang installers. They are often disguised as free or cracked versions of legitimate software.

The installer then deploys a malicious extension that masquerades as a benign “Google Notes” application.

By tampering with the browser’s configuration files, Silent Swap forcibly sideloads itself into Chromium-based browsers, including Google Chrome, Microsoft Edge, Brave, and Opera

Normally, Chromium browsers store security verification data. Silent Swap bypasses this defense by recalculating and updating these security values after injecting its code.

The “Google Notes” extension, which gets installed by uninitiated victims, grants itself invasive permissions.

Server-side wallet mapping

As soon as the extension detects a copied address matching the regex patterns for $BTC, $ETH, $XRP, Bitcoin Cash, or Dash, it does not use a hardcoded replacement. Instead, it queries the attacker’s backend server.

The malicious actors behind Silent Swap also do not hardcode their command-and-control (C2) domains into the malware. Instead, they utilize a technique known as “EtherHiding.”

See also  Truth Social Pushes Into Crypto ETFs With BTC, ETH and CRO Exposure

Silent Swap has a globally distributed infection footprint, with a particularly high concentration of victims in India.

Source link

Among BTC Campaign Coins Malware Targeted XRP

Related Posts

U.S. Treasury Sanctions 134 Crypto Wallets Linked to ISIS-K in Major Crackdown

July 2, 2026

Drift Protocol Rebrands to Velocity DEX Ahead of Relaunch

July 2, 2026

Edel Finance loses $403K as flash-loan oracle exploit hits xStock lending reserves

July 2, 2026

Attackers deliver infostealer to Polymarket trading bot users, DeFi devs through npm packages

July 2, 2026
Top Posts

An Altcoin Listed on Major Exchanges Announces It Has Been Hacked

April 29, 2026

Bitcoin falls with ether, solana while decred, AI-linked tokens advance

February 27, 2026

Memecoin Resurgence and Altcoin Outperformance in Early 2026

February 17, 2026

Type above and press Enter to search. Press Esc to cancel.