{ "Event": { "analysis": "2", "date": "2018-06-15", "extends_uuid": "", "info": "Clipboard Hijacker Targeting Bitcoin & Ethereum Users Infects Over 300,0000 PCs", "publish_timestamp": "1540717301", "published": true, "threat_level_id": "3", "timestamp": "1540557811", "uuid": "5b276228-9270-42f9-9ecd-4a81950d210f", "Orgc": { "name": "CIRCL", "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f" }, "Tag": [ { "colour": "#ffffff", "local": false, "name": "tlp:white", "relationship_type": "" }, { "colour": "#3a7300", "local": false, "name": "circl:incident-classification=\"malware\"", "relationship_type": "" }, { "colour": "#00223b", "local": false, "name": "osint:source-type=\"blog-post\"", "relationship_type": "" }, { "colour": "#0088cc", "local": false, "name": "misp-galaxy:tool=\"ClipboardWalletHijacker\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1529308093", "to_ids": false, "type": "link", "uuid": "5b27626a-0b5c-499f-b32c-49fa950d210f", "value": "https://www.bleepingcomputer.com/news/security/clipboard-hijacker-targeting-bitcoin-and-ethereum-users-infects-over-300-0000-pcs/", "Tag": [ { "colour": "#00223b", "local": false, "name": "osint:source-type=\"blog-post\"", "relationship_type": "" } ] }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1529308069", "to_ids": false, "type": "text", "uuid": "5b276289-7e74-4cd5-b56c-46f1950d210f", "value": "A malware campaign spreading a clipboard hijacker has infected over 300,000 computers, according to Chinese security firm Qihoo 360 Total Security.\r\n\r\nThe campaign has been raging for the past week and has spread a malware which Qihoo researchers have named ClipboardWalletHijacker.", "Tag": [ { "colour": "#00223b", "local": false, "name": "osint:source-type=\"blog-post\"", "relationship_type": "" } ] }, { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1529308085", "to_ids": false, "type": "link", "uuid": "5b2763ad-40a8-46e2-8bb1-41de950d210f", "value": "https://blog.360totalsecurity.com/en/new-cryptominer-hijacks-your-bitcoin-transaction-over-300000-computers-have-been-attacked/", "Tag": [ { "colour": "#00223b", "local": false, "name": "osint:source-type=\"blog-post\"", "relationship_type": "" } ] } ], "Object": [ { "comment": "", "deleted": false, "description": "An address used in a cryptocurrency", "meta-category": "financial", "name": "coin-address", "template_uuid": "d0e6997e-78da-4815-a6a1-cfc1c1cb8a46", "template_version": "2", "timestamp": "1529308177", "uuid": "5b276411-7dc4-47d6-a36f-4f00950d210f", "Attribute": [ { "category": "Financial fraud", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "address", "timestamp": "1529308177", "to_ids": true, "type": "btc", "uuid": "5b276411-8e78-4250-9cf9-4eac950d210f", "value": "1FoSfmjZJFqFSsD2cGXuccM9QMMa28Wrn1" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "symbol", "timestamp": "1529308178", "to_ids": false, "type": "text", "uuid": "5b276412-dc58-4d1f-9245-4b23950d210f", "value": "BTC" } ] }, { "comment": "", "deleted": false, "description": "An address used in a cryptocurrency", "meta-category": "financial", "name": "coin-address", "template_uuid": "d0e6997e-78da-4815-a6a1-cfc1c1cb8a46", "template_version": "2", "timestamp": "1529308195", "uuid": "5b276423-15a8-4e24-b174-438e950d210f", "Attribute": [ { "category": "Financial fraud", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "address", "timestamp": "1529308195", "to_ids": true, "type": "btc", "uuid": "5b276423-890c-4166-8773-44f7950d210f", "value": "19gdjoWaE8i9XPbWoDbixev99MvvXUSNZL" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "symbol", "timestamp": "1529308196", "to_ids": false, "type": "text", "uuid": "5b276424-4524-40c1-bf1e-4981950d210f", "value": "BTC" } ] }, { "comment": "", "deleted": false, "description": "An address used in a cryptocurrency", "meta-category": "financial", "name": "coin-address", "template_uuid": "d0e6997e-78da-4815-a6a1-cfc1c1cb8a46", "template_version": "2", "timestamp": "1529308212", "uuid": "5b276434-a5e4-4b4e-b566-439f950d210f", "Attribute": [ { "category": "Financial fraud", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "address", "timestamp": "1529308212", "to_ids": true, "type": "btc", "uuid": "5b276434-6aa4-48ba-a645-46ad950d210f", "value": "0x004D3416DA40338fAf9E772388A93fAF5059bFd5" }, { "category": "Other", "comment": "", "deleted": false, "disable_correlation": false, "object_relation": "symbol", "timestamp": "1529308213", "to_ids": false, "type": "text", "uuid": "5b276435-acbc-483c-bce3-4845950d210f", "value": "ETH" } ] } ] } }