2023-04-21 13:25:09 +00:00
{
2023-12-14 14:30:15 +00:00
"Event" : {
"analysis" : "2" ,
"date" : "2018-06-15" ,
"extends_uuid" : "" ,
"info" : "Clipboard Hijacker Targeting Bitcoin & Ethereum Users Infects Over 300,0000 PCs" ,
"publish_timestamp" : "1540717301" ,
"published" : true ,
"threat_level_id" : "3" ,
"timestamp" : "1540557811" ,
"uuid" : "5b276228-9270-42f9-9ecd-4a81950d210f" ,
"Orgc" : {
"name" : "CIRCL" ,
"uuid" : "55f6ea5e-2c60-40e5-964f-47a8950d210f"
} ,
"Tag" : [
{
"colour" : "#ffffff" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "tlp:white" ,
"relationship_type" : ""
} ,
{
"colour" : "#3a7300" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "circl:incident-classification=\"malware\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#00223b" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "osint:source-type=\"blog-post\"" ,
"relationship_type" : ""
} ,
{
"colour" : "#0088cc" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "misp-galaxy:tool=\"ClipboardWalletHijacker\"" ,
"relationship_type" : ""
}
] ,
"Attribute" : [
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1529308093" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5b27626a-0b5c-499f-b32c-49fa950d210f" ,
"value" : "https://www.bleepingcomputer.com/news/security/clipboard-hijacker-targeting-bitcoin-and-ethereum-users-infects-over-300-0000-pcs/" ,
"Tag" : [
{
"colour" : "#00223b" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "osint:source-type=\"blog-post\"" ,
"relationship_type" : ""
}
]
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1529308069" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b276289-7e74-4cd5-b56c-46f1950d210f" ,
"value" : "A malware campaign spreading a clipboard hijacker has infected over 300,000 computers, according to Chinese security firm Qihoo 360 Total Security.\r\n\r\nThe campaign has been raging for the past week and has spread a malware which Qihoo researchers have named ClipboardWalletHijacker." ,
"Tag" : [
{
"colour" : "#00223b" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "osint:source-type=\"blog-post\"" ,
"relationship_type" : ""
}
]
} ,
{
"category" : "External analysis" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"timestamp" : "1529308085" ,
"to_ids" : false ,
"type" : "link" ,
"uuid" : "5b2763ad-40a8-46e2-8bb1-41de950d210f" ,
"value" : "https://blog.360totalsecurity.com/en/new-cryptominer-hijacks-your-bitcoin-transaction-over-300000-computers-have-been-attacked/" ,
"Tag" : [
{
"colour" : "#00223b" ,
2024-04-05 12:15:17 +00:00
"local" : false ,
2023-12-14 14:30:15 +00:00
"name" : "osint:source-type=\"blog-post\"" ,
"relationship_type" : ""
}
]
}
] ,
"Object" : [
{
"comment" : "" ,
"deleted" : false ,
"description" : "An address used in a cryptocurrency" ,
"meta-category" : "financial" ,
"name" : "coin-address" ,
"template_uuid" : "d0e6997e-78da-4815-a6a1-cfc1c1cb8a46" ,
"template_version" : "2" ,
"timestamp" : "1529308177" ,
"uuid" : "5b276411-7dc4-47d6-a36f-4f00950d210f" ,
"Attribute" : [
{
"category" : "Financial fraud" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "address" ,
"timestamp" : "1529308177" ,
"to_ids" : true ,
"type" : "btc" ,
"uuid" : "5b276411-8e78-4250-9cf9-4eac950d210f" ,
"value" : "1FoSfmjZJFqFSsD2cGXuccM9QMMa28Wrn1"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "symbol" ,
"timestamp" : "1529308178" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b276412-dc58-4d1f-9245-4b23950d210f" ,
"value" : "BTC"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "An address used in a cryptocurrency" ,
"meta-category" : "financial" ,
"name" : "coin-address" ,
"template_uuid" : "d0e6997e-78da-4815-a6a1-cfc1c1cb8a46" ,
"template_version" : "2" ,
"timestamp" : "1529308195" ,
"uuid" : "5b276423-15a8-4e24-b174-438e950d210f" ,
"Attribute" : [
{
"category" : "Financial fraud" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "address" ,
"timestamp" : "1529308195" ,
"to_ids" : true ,
"type" : "btc" ,
"uuid" : "5b276423-890c-4166-8773-44f7950d210f" ,
"value" : "19gdjoWaE8i9XPbWoDbixev99MvvXUSNZL"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "symbol" ,
"timestamp" : "1529308196" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b276424-4524-40c1-bf1e-4981950d210f" ,
"value" : "BTC"
}
]
} ,
{
"comment" : "" ,
"deleted" : false ,
"description" : "An address used in a cryptocurrency" ,
"meta-category" : "financial" ,
"name" : "coin-address" ,
"template_uuid" : "d0e6997e-78da-4815-a6a1-cfc1c1cb8a46" ,
"template_version" : "2" ,
"timestamp" : "1529308212" ,
"uuid" : "5b276434-a5e4-4b4e-b566-439f950d210f" ,
"Attribute" : [
{
"category" : "Financial fraud" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "address" ,
"timestamp" : "1529308212" ,
"to_ids" : true ,
"type" : "btc" ,
"uuid" : "5b276434-6aa4-48ba-a645-46ad950d210f" ,
"value" : "0x004D3416DA40338fAf9E772388A93fAF5059bFd5"
} ,
{
"category" : "Other" ,
"comment" : "" ,
"deleted" : false ,
"disable_correlation" : false ,
"object_relation" : "symbol" ,
"timestamp" : "1529308213" ,
"to_ids" : false ,
"type" : "text" ,
"uuid" : "5b276435-acbc-483c-bce3-4845950d210f" ,
"value" : "ETH"
}
]
}
2023-04-21 13:25:09 +00:00
]
2023-12-14 14:30:15 +00:00
}
2023-04-21 13:25:09 +00:00
}