Bitcoin Clipper malware made in Python.

Related tags

Cryptographypython-malware-analysisbitcoin-clipperpython-malwarebtc-clipper
Overview

BTC-Clipper | PROOF OF CONCEPT

THIS TOOL SHOULD ONLY BE USED FOR EDUCATIONAL PURPOSES ONLY

About

a BTC Clipper or a "Bitcoin Clipper" is a type of malware designed to target cryptocurrency transactions.

It operates by replacing the recipient cryptocurrency wallet addresses with ones owned by the cyber criminals. This tool demonstrates how certain cyber criminals redirect cryptocurrency transactions by replacing clipboard data. When users copy the addresses of cryptowallets that they wish to use to transfer bitcoin to, the copied information is stealthily replaced by the attacker's.

When the clipboard data is pasted, the addresses belong to the criminals' cryptocurrency wallets instead of being the cryptocurrency wallet for the intended recipient.

This is a project created to make it easier for malware analysts or ordinary users to understand how Bitcoin clippers work and can be used for analysis, research, reverse engineering, or review.

Please be sure to know what you're doing (such as knowing how to remove it) because when the .py file is run because it does modify some stuff in your system such as your Startup registry.

Demonstration

gif video (1)

Features

  • AUTO STARTUP (PATH FOR .py + REGISTRY ENTRY)
  • SELF DESTRUCT
  • REPLICATE AND HIDE
  • No external Python modules required
  • Add self destruct message

How to use

  • Change BTC_ADDRESS to wallet address.
  • Change self destruct message
  • Run -> python btcClip.py

How it works

When the .py file is run it automatically self destructs and replicates itself to the user's %APPDATA% folder (C:\Users\username\AppData\Roaming).

  • Replicated the .py file

Picture 1

It then adds itself to the user's Startup registry (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run) so that it can run again when the PC is turned on.

  • In the startup registry

Picture 2

How to delete

  • Navigate to C:\Users\user\AppData\Roaming or you can type %appdata% on the top of the folder.

Picture 3

  • then delete btcClip.py

  • To delete from the registry, open up the Registry Editor for Windows and navigate to > HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > Run

  • Then right click it and delete

Owner
Nightfall
16 | Python
Nightfall
GitHub Repository
Simple one-time pad (OTP) encryption

Introduction What you will make In this resource you will learn how to create and use an encryption technique known as the one-time pad. This method o

Rabih ND 6 Nov 06, 2022
Pythonic Smart Contract Language for the EVM

Introduction orfipy is a tool written in python/cython to extract ORFs in an extremely and fast and flexible manner. Other popular ORF searching tools

Vyper 4.4k Dec 30, 2022
Generate Random ETH addresses and Private Keys and Saved to file.

ethgen.py Generate Random ETH addresses and Private Keys and Saved to file. ETH address the file is stored in ETH-address.txt. ETH private keys the fi

deanondroid 2 Dec 21, 2021
A repository for Algogenous Smart Contracts created on the Algorand Blockchain.

Smart Contacts This Repository is dedicated to code for Alogrand Smart Contracts using Choice Coin. Read Docs for how to implement Algogenous Smart Co

Choice Coin 3 Dec 20, 2022
Quick and dirty script to fix MD5 hashes in poetry.lock file

fix-poetry-md5-hash Quick and dirty script to fix MD5 hashes in poetry.lock file. Usage: poetry run fix-poetry-md5-hash

2 Apr 20, 2022
Kyrie Eleison - The best and unique way to encrypt some data or a file safely

Encrypt your important data and files easily and safely with Kyrie Eleison.

Billy 39 Oct 27, 2022
Algo-burner - Burner account for the Algorand blockchain

algo-burner Burner address for Algorand's blockchain Apparently it was a problem

1 Jan 12, 2022
A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided

A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided. If you’ve found this bot useful and have profited from it please consider donating any

473 Dec 25, 2022
dashboard to track crypto prices and change via the coinmarketcap APIs

crypto-dashboard Dashboard to track crypto prices and change via the coinmarketcap APIs. Uses chart.js and ag-grid. Requirements: python 3 (was writte

4 Nov 09, 2021
A Python library to wrap age and minisign to provide key management, encryption/decryption and signing/verification functionality.

A Python library to wrap age and minisign to provide key management, encryption/decryption and signing/verification functionality.

Vinay Sajip 3 Feb 01, 2022
PySETO is a PASETO (Platform-Agnostic SEcurity TOkens) implementation written in Python

A Python implementation of PASETO.

Ajitomi, Daisuke 33 Dec 17, 2022
Encrypt Your Script Python

EncryptScritpPY Encrypt Your Script Python This Script For Encrypt Your File Python Tutorial Install [+] Open Termnal [+] Type: git clone https://gith

1 Oct 07, 2021
Quant & Systematic Crypto Research Tools

qsec Quant & Systematic Crypto Research Tools --WORK IN PROGRESS-- This repo is a collection of research tools to help in exploring and building sys

Darren Smith 3 Jul 12, 2022
Aza this is a text encryption software

Aza text encryptor General info Aza this is a text encryption software Help command: python aza.py --help Examples python aza.py --text "Sample text h

ToxidWorm 1 Sep 10, 2022
Generate simple encrypted messages!

Premio's Shift is a very simple text encryption, you can use it to send secret messages to your friends. Table of Content Table of Content How it work

Peterson Adami Candido 3 Aug 06, 2021
Freqtrade is a free and open source crypto trading bot written in Python

Freqtrade is a free and open source crypto trading bot written in Python. It is designed to support all major exchanges and be controlled via Telegram. It contains backtesting, plotting and money man

20.2k Jan 07, 2023
Connects to an active BitCoin Peer and communicates in order to locate a specific block number (height)

BitCoin-Peer-Client Connects to an active BitCoin Peer, and locates a predetermined block number (height) by downloading block headers. Once required

Henry Song 1 Jan 16, 2022
Fully configurable automated python script to collect most visted pages based on google dork

Ranked pages collector Fully configurable automated python script to collect most visted pages based on google dork Usage This project is still under

Security Analyzer 9 Sep 10, 2022
A tool used to encrypt Python scripts version < 2.7 and version < 3.9

A tool used to encrypt Python scripts version 2.7 and version 3.9

Fajar Kim 1 Dec 14, 2021
Pool funds to bootstrap a Uniswap pair

Seed liquidity A contract to pool funds which are then used to boostrap a new Uniswap liquidity pair. Specification A new SeedLiquidity contract is de

66 Dec 09, 2022