Copycat websites for popular instant messaging services like Telegram and WhatApp are being used to spread malware known as cryptocurrency clipper that infects users on Android and Windows devices.
“All of them are chasing victims’ cryptocurrency funds, with some targeting cryptocurrency wallets,” ESET researchers Lukáš Štefanko and Peter Strýček said in a recent report. Although clipper malware initially appeared on the Google Play Store in 2019, this development represents the debut of Android-based clipper malware in instant messaging apps.