XRP and BTC Among Coins Targeted in New Malware Campaign

XRP and BTC Among Coins Targeted in New Malware Campaign

Source: UToday

Published:2026-07-01 20:00

BTC Price:$60010.2

#xrp #btc #cryptosecurity

Analysis

Price Impact

Med

The malware targets several cryptocurrencies by swapping wallet addresses. while sophisticated, it targets specific actions within a user's browser, so the direct impact on the overall market price of xrp or btc might be limited. however, it could lead to a decrease in user confidence and potentially a slight selling pressure if widespread.

Trustworthiness

High

Price Direction

Bearish

Malware campaigns that steal funds can erode investor confidence. users might become more cautious, leading to reduced trading activity or even selling pressure on the affected assets, particularly if they perceive their holdings to be at risk.

Time Effect

Short

The immediate impact of such news tends to be felt in the short term as traders react to the security risk. if the campaign is contained or mitigated quickly, the price effect may diminish.

Original Article:

Article Content:

Cover image via depositphotos.com The "Google Notes" disguise Server-side wallet mapping Advertisement Cybersecurity researchers at McAfee Advanced Threat Research have uncovered an extremely sophisticated cryptocurrency-stealing malware campaign dubbed "Silent Swap." It relies on a malicious browser extension to intercept and modify user clipboards and then swap legitimate cryptocurrency wallet addresses with fake ones. The bad actors are hunting for Bitcoin (BTC), Ethereum (ETH), XRP, Bitcoin Cash, Dash, as well as other cryptocurrencies. HOT Stories 2.6T Shiba Inu (SHIB) Exits to On-Chain Ahead of Q3; 3-Month Trend Saves XRP at $1, Citi Slashes Bitcoin Price Target by 27% Because of AI - Morning Crypto Report Bitcoin (BTC), Stellar (XLM), XRP and Hyperliquid (HYPE) Price Analysis for July 1: Market Must Regain the Foundation Silent Swap is different from primitive "crypto clippers" due to its alarming level of sophistication. Advertisement You Might Also Like Wed, 06/03/2026 - 05:38 Microsoft Warns of Crypto-Stealing Trojan By Alex Dovbnya The campaign relies on advanced browser manipulation, decentralized command-and-control (C2) infrastructure, and other cutting-edge techniques. The "Google Notes" disguise The infection typically begins with the victim downloading unsigned .NET or Golang installers. They are often disguised as free or cracked versions of legitimate software. Advertisement The installer then deploys a malicious extension that masquerades as a benign "Google Notes" application. By tampering with the browser's configuration files, Silent Swap forcibly sideloads itself into Chromium-based browsers, including Google Chrome, Microsoft Edge, Brave, and Opera Normally, Chromium browsers store security verification data. Silent Swap bypasses this defense by recalculating and updating these security values after injecting its code. The "Google Notes" extension, which gets installed by uninitiated victims, grants itself invasive permissions. Server-side wallet mapping As soon as the extension detects a copied address matching the regex patterns for BTC, ETH, XRP, Bitcoin Cash, or Dash, it does not use a hardcoded replacement. Instead, it queries the attacker's backend server. The malicious actors behind Silent Swap also do not hardcode their command-and-control (C2) domains into the malware. Instead, they utilize a technique known as "EtherHiding." Silent Swap has a globally distributed infection footprint, with a particularly high concentration of victims in India. #XRP News #Bitcoin Cash News #Cryptocurrency Crime