This news highlights a sophisticated malware campaign targeting holders of various cryptocurrencies, including xrp, eth, and btc. while concerning for users, the direct impact on the price of these major cryptocurrencies is likely to be minimal as the attack targets individual users and their wallets, rather than the underlying network infrastructure or overall market sentiment. security vulnerabilities and scams are a recurring theme in the crypto space and are generally priced in by the market.
The news focuses on a security threat affecting individual users, not a fundamental change in the technology or adoption of xrp, eth, or btc. while users should be cautious, this type of news typically does not cause significant price movements for the broader market. it may lead to temporary increased caution among traders, but it's unlikely to shift the overall price trajectory.
The immediate aftermath of such news might see a slight dip in trading activity as users become more vigilant. however, the market tends to absorb security-related incidents relatively quickly, especially when they affect individual users rather than the core functioning of the blockchain.
Cover image via depositphotos.com The "Google Notes" disguise Server-side wallet mapping Advertisement Cybersecurity researchers at McAfee Advanced Threat Research have uncovered an extremely sophisticated cryptocurrency-stealing malware campaign dubbed "Silent Swap." It relies on a malicious browser extension to intercept and modify user clipboards and then swap legitimate cryptocurrency wallet addresses with fake ones. The bad actors are hunting for Bitcoin (BTC), Ethereum (ETH), XRP, Bitcoin Cash, Dash, as well as other cryptocurrencies. HOT Stories Holders of XRP, ETH, BTC, and Other Tokens Targeted in New Malware Campaign 2.6T Shiba Inu (SHIB) Exits to On-Chain Ahead of Q3; 3-Month Trend Saves XRP at $1, Citi Slashes Bitcoin Price Target by 27% Because of AI - Morning Crypto Report Silent Swap is different from primitive "crypto clippers" due to its alarming level of sophistication. Advertisement You Might Also Like Wed, 06/03/2026 - 05:38 Microsoft Warns of Crypto-Stealing Trojan By Alex Dovbnya The campaign relies on advanced browser manipulation, decentralized command-and-control (C2) infrastructure, and other cutting-edge techniques. The "Google Notes" disguise The infection typically begins with the victim downloading unsigned .NET or Golang installers. They are often disguised as free or cracked versions of legitimate software. Advertisement The installer then deploys a malicious extension that masquerades as a benign "Google Notes" application. By tampering with the browser's configuration files, Silent Swap forcibly sideloads itself into Chromium-based browsers, including Google Chrome, Microsoft Edge, Brave, and Opera Normally, Chromium browsers store security verification data. Silent Swap bypasses this defense by recalculating and updating these security values after injecting its code. The "Google Notes" extension, which gets installed by uninitiated victims, grants itself invasive permissions. Server-side wallet mapping As soon as the extension detects a copied address matching the regex patterns for BTC, ETH, XRP, Bitcoin Cash, or Dash, it does not use a hardcoded replacement. Instead, it queries the attacker's backend server. The malicious actors behind Silent Swap also do not hardcode their command-and-control (C2) domains into the malware. Instead, they utilize a technique known as "EtherHiding." Silent Swap has a globally distributed infection footprint, with a particularly high concentration of victims in India. #XRP News #Bitcoin Cash News #Cryptocurrency Crime