Microsoft said researchers identified a Windows-based cryptocurrency clipper campaign active since February 2026 that spreads through malicious USB shortcut files and targets crypto wallet data. The malware, detected by Microsoft Defender Antivirus as Trojan:Win32/CryptoBandits.A, monitors clipboard contents for cryptocurrency addresses and other sensitive wallet material, replaces them with attacker-controlled wallet addresses, and can exfiltrate screenshots. Microsoft said the campaign uses...

Read the original article