Crypto clipper malware uses Tor and USB propagation to steal digital assets (opens in new tab)

A new Windows-based cryptocurrency clipper has been identified that uses worm-like propagation to spread via USB storage devices. The malware replaces legitimate document files on removable media with malicious shortcuts that execute a script-based payload. Once active, it establishes persistence through scheduled tasks and employs multi-layered obfuscation to evade static detection by security tools. <a href="