Bitcoin Clipper malware made in Python.

Related tags

Cryptographypython-malware-analysisbitcoin-clipperpython-malwarebtc-clipper
Overview

BTC-Clipper | PROOF OF CONCEPT

THIS TOOL SHOULD ONLY BE USED FOR EDUCATIONAL PURPOSES ONLY

About

a BTC Clipper or a "Bitcoin Clipper" is a type of malware designed to target cryptocurrency transactions.

It operates by replacing the recipient cryptocurrency wallet addresses with ones owned by the cyber criminals. This tool demonstrates how certain cyber criminals redirect cryptocurrency transactions by replacing clipboard data. When users copy the addresses of cryptowallets that they wish to use to transfer bitcoin to, the copied information is stealthily replaced by the attacker's.

When the clipboard data is pasted, the addresses belong to the criminals' cryptocurrency wallets instead of being the cryptocurrency wallet for the intended recipient.

This is a project created to make it easier for malware analysts or ordinary users to understand how Bitcoin clippers work and can be used for analysis, research, reverse engineering, or review.

Please be sure to know what you're doing (such as knowing how to remove it) because when the .py file is run because it does modify some stuff in your system such as your Startup registry.

Demonstration

gif video (1)

Features

  • AUTO STARTUP (PATH FOR .py + REGISTRY ENTRY)
  • SELF DESTRUCT
  • REPLICATE AND HIDE
  • No external Python modules required
  • Add self destruct message

How to use

  • Change BTC_ADDRESS to wallet address.
  • Change self destruct message
  • Run -> python btcClip.py

How it works

When the .py file is run it automatically self destructs and replicates itself to the user's %APPDATA% folder (C:\Users\username\AppData\Roaming).

  • Replicated the .py file

Picture 1

It then adds itself to the user's Startup registry (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run) so that it can run again when the PC is turned on.

  • In the startup registry

Picture 2

How to delete

  • Navigate to C:\Users\user\AppData\Roaming or you can type %appdata% on the top of the folder.

Picture 3

  • then delete btcClip.py

  • To delete from the registry, open up the Registry Editor for Windows and navigate to > HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > Run

  • Then right click it and delete

Owner
Nightfall
16 | Python
Nightfall
GitHub Repository
Kyrie Eleison - The best and unique way to encrypt some data or a file safely

Encrypt your important data and files easily and safely with Kyrie Eleison.

Billy 39 Oct 27, 2022
A tool used to encrypt Python scripts version < 2.7 and version < 3.9

A tool used to encrypt Python scripts version 2.7 and version 3.9

Fajar Kim 1 Dec 14, 2021
Basic Ethereum Miner Lib

EthMine ⛏ Basic Ethereum Miner Library. Developers can integrate this algorithm to mine blocks from their ethereum supported chain efficiently. Instal

Jaival Patel 1 Oct 30, 2021
Version three of the Accounting Project. You can now connect multiple computers together who are on the same IP (I'm sure I could set it up so it would work on different IP's) and add to a distributed ledger verified by blockchain.

Accounting_Cycle_V3 As I talked about in the second iteration of the accoutning project, I was going to add networking capabilities to the project. Re

J. Brandon Walker 1 May 13, 2022
The (Python-based) mining software required for the Nintendo Switch mining project.

ntgbtminer - Nintendo Switch edition This is a version of ntgbtminer that works with the Nintendo Switch bitcoin miner. ntgbtminer ntgbtminer is a no

4 Jun 03, 2021
This program can encrypt/ decrypt any string

Ceasar_cipher Hey this is J0ey, this program is a very basic Caesar cipher encoder/decoder. In order to use this program, you will need to have Python

1 Jan 11, 2022
Tracking (of choice) cryptocurrencies' daily prices and moving average.

Crypto-price-moving_average Tracking (of choice) cryptocurrencies' daily prices and moving average. About Alpha Vantage The Alpha Vantage library (htt

Thong Huynh 2 Jan 22, 2022
Deribit_Algo_Project_Python - Deribit algo project written in python trading crypto futures

This is a Algo/script trading for Deribit. You need an account with deribit, to

24 Jan 09, 2023
Small utility to encrypt and decrypt messages

Safe Safe is a small utility to encrypt and decrypt messages using a pair of public and private keys. Installation You need to have GPG installed in y

Gustavo Eguez 2 Dec 21, 2021
Meraki-apiv0-audit - CLI application that will export all Meraki Dashboard v0 API calls for one, multiple, or all Meraki Dashboard Organizations

Meraki Audit v0 API Requests (v0audit.py) (Note: this API key belongs to the Mer

Zach Brewer 1 Feb 18, 2022
Python wrapper for the Equibles cryptos API.

Equibles Cryptos API for Python Requirements. Python 2.7 and 3.4+ Installation & Usage pip install If the python package is hosted on Github, you can

Equibles 1 Feb 02, 2022
blockchain address database

Blockchain Address Ownership Database The database is in data/addresses.db This is a SQLite database of addresses from several blockchains. It's obtai

37 Nov 26, 2022
An extreme encryption for everyone, encrypt your text before sending to anyone.

An extreme encryption for everyone, encrypt your text before sending to anyone. Alphabets and numbers are going to be encrypted like a hell

Saad 6 Oct 28, 2022
Generate bitcoin public and private keys and check if they match a filelist of existing addresses that have a nonzero balance

btc-heist Running Install deps, i.e., python3 -m pip install -r requirements.txt Download the CSV dump of all bitcoin addresses with a balance and cut

Denis Khoshaba 103 Dec 05, 2022
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

11.2k Jan 09, 2023
PyBeacon is a collection of scripts for dealing with Cobalt Strike's encrypted traffic.

PyBeacon is a collection of scripts for dealing with Cobalt Strike's encrypted traffic. It can encrypt/decrypt beacon metadata, as well as pa

NCC Group Plc 162 Dec 21, 2022
Learn Blockchains by Building One, A simple Blockchain in Python using Flask as a micro web framework.

Blockchain ✨ Learn Blockchains by Building One Yourself Installation Make sure Python 3.6+ is installed. Install Flask Web Framework. Clone this repos

Vaibhaw 46 Jan 05, 2023
Simple python crypto bot to trade crypto on Binance based on RSI. Utilizing web sockets to get real-time prices

Py Crypto Bot Using Binance WebSocket API to get real-time price data for cryptocurrencies. Using the TA-Lib library to calculate the RSI and execute

Kennedy Ngugi Mwaura 15 Jan 04, 2023
A crypto wallet to send bnb and ether coin using web3.py and moralis speedy node

A crypto wallet to send bnb and ether coin using web3.py and moralis speedy node

Ciscoquan 3 Aug 16, 2022
Stai Beta Of Staiking Chain - Food, Water And Electricity - Worldwide

Stai Beta Of Staiking Chain - Food, Water And Electricity - Worldwide

STATION-I 2 Feb 05, 2022