Microsoft has uncovered a sly new piece of malware called Crypto Clipper, which sneaks into devices via USB drives to pilfer cryptocurrency credentials. The malware leaves no digital trail by using Tor and a local proxy, making it hard for security systems to spot. Its lightweight design allows it to blend in with normal files, masquerading as innocuous .lnk files that silently install itself when plugged in.

The worm's clever clipboard monitoring means it can grab seed phrases or wallet addresses instantly. Once the credentials are nabbed, Crypto Clipper snaps five quick screenshots and sends them along with the stolen info to an attacker-controlled server using Tor’s anonymous routing. The malware is so stealthy that it even renames .lnk files on infected USB drives to avoid detection.

Microsoft warns: your USB drive could be a backdoor, a gateway for this lightweight but dangerous crypto thief. Just like the Trojan horse of old, Crypto Clipper tricks you into letting its code in under the guise of harmless data transfers.

For users and businesses handling sensitive financial information, this discovery is a stark reminder to keep your USB drives up-to-date with antivirus software and regular security checks. The world of cryptocurrency theft keeps evolving, and it’s crucial to stay vigilant against these sophisticated threats.