Lumaktaw patungo sa pangunahing content

Clipboard hacking

Does this article need to be translated?

Contribute to the Help Center

Submit translations, corrections, and suggestions on GitHub, or reach out on our Community forums.

info

Clipboard hacks vs Keylogging attacks

Clipboard hacks have a closely related cousin in keylogging. Rather than just focusing on your clipboard, keyloggers allow bad actors to monitor every single keystroke on your computer. For more information, see this thorough post by one of our Community admins.

What is clipboard hacking?

The good news is that clipboard hacking does not mean you now need to be suspicious of people bearing clipboards. The bad news is that it is a genuine and insidious method for stealing your crypto.

As they are hexadecimal (base16) and are many characters long, crypto wallet addresses do not lend themselves to being memorised or typed in manually, just as you would type in an email or username.

Enter copy and paste, the unsung hero of crypto transactions. Many wallets and exchanges, including MetaMask, include built-in 'copy' or 'copy to clipboard' shortcuts that allow you to copy your wallet address with a single click. These features smooth the process of pasting into a third-party site to which you may be transferring tokens, for example.

Clipboard hacking exploits the copy and paste function to rob you. Rather than relying on users' inexperience or exploiting their trust, malicious actors will create and disseminate malware.

Once this malware has infected your computer, most likely hidden within a seemingly innocuous download, it will automatically intercept your clipboard, scan for crypto addresses, and, if it identifies one, replace it with their own. So by the time you hit paste, your address has been replaced, and you will be about to send your transaction to the hacker(s).

Naturally, as blockchain transactions are irreversible, there is no way to retrieve your funds once they are sent.

How can I protect myself?

A logical first port of call is to ensure you have robust anti-malware software installed, and keep it updated. Your software should identify most potential clipboard hacking malware programs, notify you, and quarantine them before they can affect your crypto activity. For more hardware/software security recommendations, see this excellent list of suggestions by one of our admins on the MetaMask Community page. It relates specifically to keyloggers, but the same principles will apply.

However, since there is a possibility that your anti-malware software may not detect the program, the only way to be safe is to double- and triple-check addresses before you confirm any transaction. Some hardware wallets may prompt you to do this anyway, but as transactions are irreversible, it is a worthwhile habit to adopt.

See here for more details on what you can do if you suspect you're the victim of a clipboard hack.