Bitcoin Clipper malware made in Python.

Last update: Dec 30, 2022

Overview

BTC-Clipper | PROOF OF CONCEPT

THIS TOOL SHOULD ONLY BE USED FOR EDUCATIONAL PURPOSES ONLY

About

a BTC Clipper or a "Bitcoin Clipper" is a type of malware designed to target cryptocurrency transactions.

It operates by replacing the recipient cryptocurrency wallet addresses with ones owned by the cyber criminals. This tool demonstrates how certain cyber criminals redirect cryptocurrency transactions by replacing clipboard data. When users copy the addresses of cryptowallets that they wish to use to transfer bitcoin to, the copied information is stealthily replaced by the attacker's.

When the clipboard data is pasted, the addresses belong to the criminals' cryptocurrency wallets instead of being the cryptocurrency wallet for the intended recipient.

This is a project created to make it easier for malware analysts or ordinary users to understand how Bitcoin clippers work and can be used for analysis, research, reverse engineering, or review.

Please be sure to know what you're doing (such as knowing how to remove it) because when the .py file is run because it does modify some stuff in your system such as your Startup registry.

Demonstration

Features

AUTO STARTUP (PATH FOR .py + REGISTRY ENTRY)
SELF DESTRUCT
REPLICATE AND HIDE
No external Python modules required
Add self destruct message

How to use

Change BTC_ADDRESS to wallet address.
Change self destruct message
Run -> python btcClip.py

How it works

When the .py file is run it automatically self destructs and replicates itself to the user's %APPDATA% folder (C:\Users\username\AppData\Roaming).

Replicated the .py file

It then adds itself to the user's Startup registry (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run) so that it can run again when the PC is turned on.

In the startup registry

How to delete

Navigate to C:\Users\user\AppData\Roaming or you can type %appdata% on the top of the folder.

then delete btcClip.py
To delete from the registry, open up the Registry Editor for Windows and navigate to > HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > Run
Then right click it and delete

Bitcoin Clipper malware made in Python.

Related tags

Overview

BTC-Clipper | PROOF OF CONCEPT

THIS TOOL SHOULD ONLY BE USED FOR EDUCATIONAL PURPOSES ONLY

About

Demonstration

Features

How to use

How it works

How to delete

Owner

Nightfall

Mizogg-Bitcoin-Tools - A Python Tools for Bitcoin Information Balance, HASH160, DEC

A bot that escrows crypto transactions on Reddit

A web app to scan crypto markets based on candlestick pattern recognition from

A Docker image for plotting and farming the Chia™ cryptocurrency on one computer or across many.

This project is a proof of concept to create a dashboard using Dash to display information about various cryptocurrencies.

A python tool to track prices of various cryptocurrencies and alert

Encrypt Your Script Python

A simple and secure password-based encryption & decryption algorithm based on hash functions, implemented solely based on python.

A simple Python tool to help anyone use Liquidity Pools on the BitShares blockchain.

Bsvlib - Bitcoin SV (BSV) Python Library

Django-based Crypto Portfolio Tracker – keep an eye on Shiba Inu and other Crypto

SHIBgreen is a cryptocurrency forked from Chia and uses the Proof of Space and Time consensus algorithm

Cryptocurrency with implementet Blockchain

A crypto bot that checks the price movement in the markets and creates buy and sell signals

Aggregate real-time market data from cryptocurrency exchanges, filter, sort and format as TradingView watchlists.

Bitcoin Clipper malware made in Python.

Um sistema de Criptografia RSA feito totalmente em Python

keyring MITkeyring (🥉27 · ⭐ 630) - Store and access your passwords safely. MIT

A curated list for getting up to speed on crypto and decentralized networks

DCAStack: an Automated Dollar Cost Averaging Bot for Your Crypto