By Isaac • June 19, 2026 3:28 pm •
Microsoft Threat Intelligence said on June 17, 2026 that it found a Windows crypto clipper that has been hitting users since February 2026.
Microsoft Defender Antivirus flags it as Trojan:Win32/CryptoBandits.A.
This is more than an exchange breach or a smart-contract exploit. It is old-school removable-media malware aimed straight at how everyday people move coins.
The target list reads like a wallet user’s worst day: BIP39 seed phrases, Bitcoin private keys, and Ethereum private keys, the two assets sitting at the top of the market.
ALERT: @Microsoft identifies USB-spreading malware that hijacks crypto transfers by silently swapping copied wallet addresses with attacker-controlled ones before you paste. Disable AutoRun for USBs, block .lnk file execution, and always
Continue reading
Join the conversation!
Please share your thoughts about this article below. We value your opinions, and would love to see you add to the discussion!