RAT (remote access trojan) that is deeply obfuscated and seeks to replace wallet addresses in clipboard with its own bad addresses.

just found out about this today, tho it seems to have been active since 2019/2020 (known as vipersoftx then, now as backendsoft). you can read more about it here: https://www.fortinet.com/blog/threat-research/vipersoftx-new-javascript-threat

also a good breakdown of the modern iteration of this malware here: https://youtu.be/k-nFdF5FEwA

submitted by /u/BabyLizard
[link] [comments]