Menu

Categories:

Hot right now:

Follow on:

Coinsurges provides coverage of fintech, blockchain, and Bitcoin, delivering the most recent news and analyses on the future of money. Stay up-to-date with live prices, charts, and trading options for the top exchanges. Keep track of the day's top cryptocurrency gainers and losers, as well as which coins have experienced gains and losses in the past 24 hours.
Trust Coinsurges as your go-to source for all news and updates in the industry.

Menu

Categories:

Hot right now:

Follow on:

Coinsurges provides coverage of fintech, blockchain, and Bitcoin, delivering the most recent news and analyses on the future of money. Stay up-to-date with live prices, charts, and trading options for the top exchanges. Keep track of the day's top cryptocurrency gainers and losers, as well as which coins have experienced gains and losses in the past 24 hours.
Trust Coinsurges as your go-to source for all news and updates in the industry.

Crypto users targeted in SourceForge malware attack via fake Microsoft Office softwares

Share This Post

Cybercriminals are targeting crypto users by exploiting SourceForge, a well-known open-source software platform.

According to security experts at Kaspersky, malicious attackers upload fake Microsoft Office installers packed with hidden malware, including crypto miners and clipboard hijackers, to deceive unsuspecting users.

They noted that while the SourceForge project pages appear legitimate, the danger lies in their auto-generated subdomains. In one instance, Russia’s Yandex search engine indexed a fake domain, leading unsuspecting users to a page filled with counterfeit Office tools and download buttons.

Crypto Hack
Sample Search Query Results on SourceForge. (Source: SecureList)

Data from Kaspersky indicates that more than 4,600 incidents were recorded in the first quarter of 2025, with 90% of the affected users in Russia.

It was unclear if this attack had led to significant financial losses for crypto users.

The attack

In this attack, the hackers upload weaponized software to SourceForge’s project pages. These pages mimic legitimate Office-related tools, but the installers contain embedded scripts that deliver harmful payloads.

The trap begins with a small archive file named vinstaller.zip, only around 7MB. This is suspicious, as genuine Office software is significantly larger—even when compressed.

However, once the file is unzipped, it balloons into a 700MB installer packed with hidden scripts. These scripts silently fetch additional files from GitHub and scan the system for antivirus tools.

If no protection is detected, the installer loads crypto mining software and a clipbanker Trojan.

According to the blog post:

“ClipBanker is a malware family that replaces cryptocurrency wallet addresses in the clipboard with the attackers’ own. Users of crypto wallets typically copy addresses instead of typing them. If the device is infected with ClipBanker, the victim’s money will end up somewhere entirely unexpected.”

At the same time, one of the scripts sends user information to a Telegram bot, giving the hacker full access to sensitive data.

This campaign highlights how hackers leverage trusted platforms to bypass security systems and spread malware at scale.

The post Crypto users targeted in SourceForge malware attack via fake Microsoft Office softwares appeared first on CryptoSlate.

Read Entire Article
spot_img
- Advertisement -spot_img

Related Posts

Bitcoin Expert Samson Mow Reveals Why BTC Is Not Trading At $10 Million Per Coin Already

Samson Mow, a Bitcoin expert and the Chief Executive Officer (CEO) of JAN3, a BTC-focused infrastructure firm, has shared a striking take on the current valuation of the flagship cryptocurrency

From $4.5B to $20B: Grayscale Bullish on AI Crypto’s Future, Cites Key Catalysts

The market capitalization of tokens in the artificial intelligence (AI) crypto sector has surged from $45 billion in 2023 to $20 billion in just two years Growth has however slowed this year, with

XRP News Today: VivoPower Announces a $121M Private Funding to Become First XRP Treasury-focused Publicly Traded Company

The post XRP News Today: VivoPower Announces a $121M Private Funding to Become First XRP Treasury-focused Publicly Traded Company appeared first on Coinpedia Fintech News VivoPower International PLC

Ethereum Futures Market Boom As Open Interest Surges To A New Peak

Ethereum has gained bullish traction with the crypto asset reclaiming and surging past the $2,600 price level as Tuesday drew to a close ETH’s recent upward performance has been attributed to

Crypto Firms Flee Ukraine—Weld Money Becomes Latest To Exit

Ukraine’s crypto card market is shrinking fast Weld Money, a fintech that let people spend crypto through a Mastercard-linked card, is closing its doors in the country Users have been told to pull

‘Bad Idea’ Be Damned: Arkham Maps Strategy’s Billion-Dollar Bitcoin Hoard

While Strategy founder Michael Saylor dismissed the idea of exposing the firm’s bitcoin wallet addresses as a “bad idea,” Arkham Intelligence appears to have done some digital sleuthing of its
You have not selected any currencies to display