Not-so-private messaging: Trojanized WhatsApp and Telegram apps go after cryptocurrency wallets
ESET researchers have discovered dozens of copycat Telegram and WhatsApp websites targeting mainly Android and Windows users with trojanized versions of these instant messaging apps. These malicious apps are clippers, which steal or modify the contents of the clipboard, and are after victims’ cryptocurrency funds. The malware can switch the cryptocurrency wallet addresses the victim sends in chat messages for addresses belonging to the attacker, and some of the clippers abuse optical character recognition to extract text from screenshots and steal cryptocurrency wallet recovery phrases. In addition to clippers, remote access trojans (RATs) were also found bundled with malicious Windows versions of WhatsApp and Telegram. Malware: Clipper [View Article](https://www.welivesecurity.com/2023/03/16/not-so-private-messaging-trojanized-whatsapp-telegram-cryptocurrency-wallets/)