Bitcoin Clipper malware made in Python.

Related tags

Cryptographypython-malware-analysisbitcoin-clipperpython-malwarebtc-clipper
Overview

BTC-Clipper | PROOF OF CONCEPT

THIS TOOL SHOULD ONLY BE USED FOR EDUCATIONAL PURPOSES ONLY

About

a BTC Clipper or a "Bitcoin Clipper" is a type of malware designed to target cryptocurrency transactions.

It operates by replacing the recipient cryptocurrency wallet addresses with ones owned by the cyber criminals. This tool demonstrates how certain cyber criminals redirect cryptocurrency transactions by replacing clipboard data. When users copy the addresses of cryptowallets that they wish to use to transfer bitcoin to, the copied information is stealthily replaced by the attacker's.

When the clipboard data is pasted, the addresses belong to the criminals' cryptocurrency wallets instead of being the cryptocurrency wallet for the intended recipient.

This is a project created to make it easier for malware analysts or ordinary users to understand how Bitcoin clippers work and can be used for analysis, research, reverse engineering, or review.

Please be sure to know what you're doing (such as knowing how to remove it) because when the .py file is run because it does modify some stuff in your system such as your Startup registry.

Demonstration

gif video (1)

Features

  • AUTO STARTUP (PATH FOR .py + REGISTRY ENTRY)
  • SELF DESTRUCT
  • REPLICATE AND HIDE
  • No external Python modules required
  • Add self destruct message

How to use

  • Change BTC_ADDRESS to wallet address.
  • Change self destruct message
  • Run -> python btcClip.py

How it works

When the .py file is run it automatically self destructs and replicates itself to the user's %APPDATA% folder (C:\Users\username\AppData\Roaming).

  • Replicated the .py file

Picture 1

It then adds itself to the user's Startup registry (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run) so that it can run again when the PC is turned on.

  • In the startup registry

Picture 2

How to delete

  • Navigate to C:\Users\user\AppData\Roaming or you can type %appdata% on the top of the folder.

Picture 3

  • then delete btcClip.py

  • To delete from the registry, open up the Registry Editor for Windows and navigate to > HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > Run

  • Then right click it and delete

Owner
Nightfall
16 | Python
Nightfall
GitHub Repository
Privfiles - Encrypted file storage using Fernet with zero Javascript

Privfiles - Encrypted file storage using Fernet with zero Javascript Source code for the onion service: l3n6v6dm63frml22tlmzacnasvp7co7wylu4hhcs34ukxe

5 Jul 30, 2022
offline half-random brute force script for Ethereum private keys

eth200swinger offline half-random brute force script for Ethereum private keys, goes from the beginning to end of range and vice versa, saves any foun

2 Oct 06, 2022
Using with Jupyter making live crypto currency action

Make-Live-Crypto-Currency-With-Python Using with Jupyter making live crypto currency action 1.Note: 💣 You must Create a Binance account and also clic

Mahmut Can Gönül 5 Dec 13, 2021
wdepy: Decryption and Inspection for PGP WDE Disks

This is a small python tool to inspect and decrypt disk images encrypted with PGP Whole Disk Encryption (including the Symantec-branded versions like Symantec Drive Encryption). It takes advantage of

Brendan Dolan-Gavitt 17 Oct 07, 2022
Advanced Digital Envelope System Using Cryptography Techniques (Encryption & Decryption)

Advanced-Digital-Envelope-System Advanced Digital Envelope System Using Cryptography Encryption Techniques The digital envelope system is the techniqu

NelakurthiSudheer 2 Jan 03, 2022
Deribit_Algo_Project_Python - Deribit algo project written in python trading crypto futures

This is a Algo/script trading for Deribit. You need an account with deribit, to

24 Jan 09, 2023
Tracking (of choice) cryptocurrencies' daily prices and moving average.

Crypto-price-moving_average Tracking (of choice) cryptocurrencies' daily prices and moving average. About Alpha Vantage The Alpha Vantage library (htt

Thong Huynh 2 Jan 22, 2022
Bot to trade crypto trading ranges

crypto-trading-bot Crypto bot with DCA or GRID trading strategy Sends notifictions to telegram chat Crypto bot with webhook feature which can be used

3 Jun 18, 2021
Quant & Systematic Crypto Research Tools

qsec Quant & Systematic Crypto Research Tools --WORK IN PROGRESS-- This repo is a collection of research tools to help in exploring and building sys

Darren Smith 3 Jul 12, 2022
Bombcrypto-robot - Python bot to automate BombCrypto game. Updated 01.02.2022

About: This is an open-source bot, the code is open for anyone to see, fork and

LarkoPa 120 Apr 15, 2022
Python Cryptocurrency with stealth addresses

Python Cryptocurrency with stealth addresses. Goal is to have create a cryptocurency that hides transactions totally. I.E. Cant see ammount sent, to who, or from who.

3 Aug 04, 2022
Simple python crypto bot to trade crypto on Binance based on RSI. Utilizing web sockets to get real-time prices

Py Crypto Bot Using Binance WebSocket API to get real-time price data for cryptocurrencies. Using the TA-Lib library to calculate the RSI and execute

Kennedy Ngugi Mwaura 15 Jan 04, 2023
Blockchain online Voting System

decentralized-voting-system A decentralized voting system where a user can walk into a government authorized center (Ex- banks, telecom companies etc.

Mahima Arora 1 Dec 28, 2021
A Python library to wrap age and minisign to provide key management, encryption/decryption and signing/verification functionality.

A Python library to wrap age and minisign to provide key management, encryption/decryption and signing/verification functionality.

Vinay Sajip 3 Feb 01, 2022
a BTC mining program based on python3

BTC-Miner a BTC mining program based on python3 Our project refers to the nightminer project by ricmoo, which is written in Python2 (https://github.co

6 Jul 31, 2022
An BlockChain Based solution for storing the medical records

Blockchain-based Medical Records 📄 Abstract Blockchain has the ability to keep an incorruptible, decentralized, and transparent log of all patient da

Yuvraj Singh Deora 3 Jan 14, 2022
Hide secret texts inside an image, optionally encrypt them with a password using AES-256.

Hide secret texts/messages inside an image. You can optionally encrypt your texts with a password using AES-256 before encoding into the image.

Teja Swaroop 97 Dec 29, 2022
XMRiGUI is free and open-source crypto miner for Linux. It uses XMRig for mining and GTK3 for GUI.

XMRiGUI is free and open-source crypto miner for Linux. It uses XMRig for mining and GTK3 for GUI.

29 Jul 07, 2022
Meraki-apiv0-audit - CLI application that will export all Meraki Dashboard v0 API calls for one, multiple, or all Meraki Dashboard Organizations

Meraki Audit v0 API Requests (v0audit.py) (Note: this API key belongs to the Mer

Zach Brewer 1 Feb 18, 2022
A self-contained cryptographic library for Python

PyCryptodome PyCryptodome is a self-contained Python package of low-level cryptographic primitives. It supports Python 2.7, Python 3.4 and newer, and

Helder Eijs 2.2k Jan 08, 2023