MistTrack, a prominent cybersecurity firm, has recently uncovered a new threat in the cryptocurrency space that targets users’ wallets through a clipboard-hijacking backdoor embedded within a printer driver.
According to a recent post by MistTrack, the backdoor program disguised within an official printer driver is capable of intercepting users’ clipboard activity, replacing any copied crypto wallet address with that of the attacker. This sneaky tactic allows the malicious actor to redirect cryptocurrency transactions to their own wallet, ultimately leading to the theft of funds.
On-chain data provided by MistTrack reveals that the attacker has already siphoned off 9.3086 Bitcoin (BTC) from multiple on-chain addresses, amounting to nearly $1 million at current prices. The crypto wallet address associated with the exploit has been active since April 22, 2016, with its most recent transaction recorded on March 14, 2024, and is linked to various crypto exchanges.
The attack works by installing malware on users’ devices through seemingly legitimate programs, such as printer drivers. Once installed, the malicious driver monitors the clipboard for crypto wallet addresses. When a user copies a wallet address to initiate a transaction, the malware swiftly replaces it with the attacker’s address. The user then unknowingly sends funds to the attacker instead of the intended recipient.
This method of attack is not entirely new, as a similar exploit named MassJacker was previously identified by CyberArk in March 2025. MassJacker utilized over 750,000 unique addresses to reroute cryptocurrency transactions to the attacker’s wallets, resulting in the unauthorized transfer of funds. Unlike the printer driver exploit, MassJacker infiltrated devices through pirated and cracked software downloaded from unofficial sources.
In light of these emerging threats, it is crucial for users to exercise caution when installing software and to regularly update their security measures to mitigate the risk of falling victim to such sophisticated cyber attacks. Stay vigilant and stay informed to safeguard your digital assets in the ever-evolving landscape of cryptocurrency security.