Our support team has received several reports of a new virus affecting some bitcoin purchases. While we have no reason to believe that the virus is widespread, we wanted to notify bitcoin users to be on the lookout. In this post, we offer some tips for recognizing and avoiding the Trojan.Coinbitclip virus.
The Trojan.Coinbitclip virus attacks a computer's clipboard. When the bitcoin user copies and pastes the bitcoin address of his intended recipient, the valid bitcoin address is changed to a bitcoin address controlled by the attacker who introduced the virus. The attacker's bitcoin address (which often looks very similar to the original address) receives the funds.
This virus has not compromised any wallets or payment systems. Instead, it's introduced into Windows computers through malicious software or email attachments.
Symantec assembled a thorough report on other characteristics of the virus and the steps you can take to prevent it. As with cash, bitcoin payments cannot be reversed. That means it's especially important to do regular security checkups on the devices you use to hold and spend bitcoin.
In the meantime, if you have reason to believe that one or more of your devices has been infected (you've sent a bitcoin payment which did not arrive to its intended destination), please take the precaution to review your payment details before sending. With some extra attention to detail, it's possible to spot this attack every time.