Microsoft has discovered a new piece of malware designed to steal cryptocurrency, according to Ars Technica.
The malware, called Crypto Clipper, is described as a lightweight backdoor — a small, stealthy program that quietly gives attackers a foothold on an infected machine. Its purpose, per the Ars Technica report, is to siphon off victims' cryptocurrency.
Two details make this discovery notable. First, Crypto Clipper is self-propagating and spreads over USB, meaning it can hop from one computer to another through plugged-in drives rather than relying solely on a victim clicking a malicious link or email attachment. That ability to move on its own makes it harder to contain once it reaches an environment.
Second, the malware communicates over Tor, the anonymizing network better known for masking web browsing. By routing its traffic through Tor, Crypto Clipper can hide where it is sending stolen data and receiving instructions, making the attackers behind it much harder to trace and the activity harder for defenders to spot.
Aars Technica characterizes the find as a new strain of self-propagating malware built specifically for stealing cryptocurrency.
Why it matters: cryptocurrency transactions are effectively irreversible, so malware that quietly diverts funds can cause permanent losses — and a threat that spreads on its own through USB drives while hiding its tracks over Tor is exactly the kind of quiet, hard-to-detect tool that can do damage long before anyone notices.