Bitcoin Clipper malware made in Python.

Last update: Dec 30, 2022

Overview

BTC-Clipper | PROOF OF CONCEPT

THIS TOOL SHOULD ONLY BE USED FOR EDUCATIONAL PURPOSES ONLY

About

a BTC Clipper or a "Bitcoin Clipper" is a type of malware designed to target cryptocurrency transactions.

It operates by replacing the recipient cryptocurrency wallet addresses with ones owned by the cyber criminals. This tool demonstrates how certain cyber criminals redirect cryptocurrency transactions by replacing clipboard data. When users copy the addresses of cryptowallets that they wish to use to transfer bitcoin to, the copied information is stealthily replaced by the attacker's.

When the clipboard data is pasted, the addresses belong to the criminals' cryptocurrency wallets instead of being the cryptocurrency wallet for the intended recipient.

This is a project created to make it easier for malware analysts or ordinary users to understand how Bitcoin clippers work and can be used for analysis, research, reverse engineering, or review.

Please be sure to know what you're doing (such as knowing how to remove it) because when the .py file is run because it does modify some stuff in your system such as your Startup registry.

Demonstration

Features

AUTO STARTUP (PATH FOR .py + REGISTRY ENTRY)
SELF DESTRUCT
REPLICATE AND HIDE
No external Python modules required
Add self destruct message

How to use

Change BTC_ADDRESS to wallet address.
Change self destruct message
Run -> python btcClip.py

How it works

When the .py file is run it automatically self destructs and replicates itself to the user's %APPDATA% folder (C:\Users\username\AppData\Roaming).

Replicated the .py file

It then adds itself to the user's Startup registry (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run) so that it can run again when the PC is turned on.

In the startup registry

How to delete

Navigate to C:\Users\user\AppData\Roaming or you can type %appdata% on the top of the folder.

then delete btcClip.py
To delete from the registry, open up the Registry Editor for Windows and navigate to > HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > Run
Then right click it and delete

Bitcoin Clipper malware made in Python.

Related tags

Overview

BTC-Clipper | PROOF OF CONCEPT

THIS TOOL SHOULD ONLY BE USED FOR EDUCATIONAL PURPOSES ONLY

About

Demonstration

Features

How to use

How it works

How to delete

Owner

Nightfall

GmJEWEL - The monorepo for the Greedy Merchants Guild

Stenography encryption script

Discord webhooks for alerting crypto currency price changes & historical data.

Python-RSA is a pure-Python RSA implementation.

Crypto Stats and Tweets Data Pipeline using Airflow

A workshop to build an NFT smart contract on the polygon blockchain

Zero-dependency Cryptography Python Module with a self made method

This is a simple application to generate HD wallet addresses for cryptocurrency coins.

Image AES256 crypt-decrypt

Vhost password decrypt for python

Calculate your taxes from cryptocurrency gains

PyCrypter , A Tool To Encrypt/Decrypt Text/Code With Ease And Safe Using Password !

🔑 Password manager and password generator

Crypto-curriences analysis

Algorand-app - This tutorial is designed to get you started with Algorand development in a step by step process

Microllect - Fully automated btc wallet hack,using advanced protocols

BOT para o BombCrypto para infinitas contas em simultâneo!!!

A python script for AES Angecryption in Steganography

A simple python program to sign text using either the RSA or ISRSAC algorithm with GUI built using tkinter library.

Simple BRender SDK KeyGen.