1. Home
  2. VPN / Privacy

CryptoShuffler Trojan – How to Keep Your Wallet Protected

Cryptocurrencies such as Bitcoin and Ethereum are getting a lot of attention. Anyone with a powerful computer can mine these digital currencies and convert them to standard cash, a process that’s making a lot of people a lot of money. The ease of cryptocurrency mining has its drawbacks, unfortunately. One such failing is the CryptoShuffler trojan, a piece of malware that replaces a coin miner’s wallet ID so all their hard earned crypto money is funneled into someone else’s pockets.

Overview of Cryptocurrency Mining

Cryptocurrency has a well-deserved reputation for being complex and difficult to understand. While this is certainly true for the inner workings of blockchains and cryptography verification, you don’t need to be a netsec expert to mine a few digital currencies. With a computer and a simple piece of software, you can set any number of devices to peck away in the virtual mines to make a little money while you sleep.

Bitcoin is one of the most popular and certainly the best-known of all the cryptocurrencies, but there are thousands of publicly traded digital coins out there on the market. Each one works in about the same way. First, a payment takes place out of a user’s wallet, such as paying for a VPN subscription. The transaction is broadcast to the coin’s network where miners solve cryptography puzzles to verify the transaction and submit proof to the public network. That transaction is linked to other verified transactions in what is called the blockchain. Next, other miners verify that block’s integrity, and the process continues down the line. Checks and balances keep the network’s integrity intact, making cryptocurrencies an incredibly useful digital-only money that’s both easy and safe to use.

How the CryptoShuffler Trojan Works

CryptoShuffler is an insidious piece of malware that’s so simple it might make you scoff. One of the steps everyone takes when they mine bitcoins is to enter a wallet address into their software. This is the crypto equivalent of entering bank account details to get paid. Wallet addresses are long strings of numbers and letters that look like a crazy complicated password: 1Mz7153HmmUnZ3XTuR2R1t78mGSdzaAtWX. No one’s going to type that in manually; they’re just going to copy/paste it into their mining software. And that’s where CryptoShuffler steps in.

The CryptoShuffler trojan quietly sits on your computer and monitors the clipboard. When it sees a string of text that looks like a cryptocurrency wallet, it replaces it with another wallet address. If the miner isn’t paying attention all of their coins will be deposited directly into the trojan author’s account. It sounds too basic to work, but since 2016 CryptoShuffler has stolen an estimated $150,000 in bitcoin.

Do I Have the CryptoShuffler Malware?

In all likelihood your computer isn’t infected with the CryptoShuffler trojan. It’s not too common, and it only affects people who actively mine cryptocurrency. The malware doesn’t steal information or hold your device for ransom, it just quietly replaces pasted wallet addresses and collects the resulting revenue. A good virus scanner can easily detect the trojan and remove it, so don’t hesitate to fire up your anti-virus app just to be on the safe side.

How to Protect Yourself from CryptoShuffler

If you do use or mine digital coins such as Litecoin, Bitcoin, Monero, Ethereum, or Zcash, CryptoShuffler is something you should be aware of. The good news is that it’s one of the easiest viruses to detect and remove. The trojan depends on user error to function properly, so a little attention and a few precautions are all you need to keep your Bitcoin wallet safe.

Double Check Your Crypto Wallet

The easiest way to protect yourself from CryptoShuffler is to double check your wallet address after pasting it. You don’t need to memorize the entire string, just look at the first few digits when you copy, then make sure they’re the same after you paste. You can also avoid using the clipboard entirely by typing wallet addresses by hand, but any errors may lead to invalid entries or accidentally deposit the coins into someone else’s wallet.

Keep Your Anti-Virus Scanner Active

A lot of people think anti-virus programs eat up a ton of system resources and don’t need to run in the background. They couldn’t be more wrong. Active scanners check files you download and run, watching for suspicious patterns and stopping viruses in their tracks. If you disable your scanner you’re essentially inviting malware onto your system. Always keep it active, and perform regular scans to catch any sneaky viruses before they become a problem.

Install the Right Browser Extensions

Some trojans and viruses are delivered through scripts that run in your browser. Most of them depend on users clicking fake links or running certain programs while connected, but there are others that hijack forms or send you to other sites that shift malware onto your system. By installing a few trusted browser extensions, however, you can head off most of these malicious attacks before they even begin.

  • uBlock Origin – One of the best adblocking extensions around. Stops most banners, pop-ups, pop-unders, and even script-based miners from loading.
  • Privacy Badger – An incredible script blocking extension that prevents sites from running bad code or tracking you across the web.
  • HTTPS Everywhere – A security extension that forces websites to use encrypted connections to keep you safe from data leaks.

Be Careful on Torrenting Sites

Another common method of distribution for trojans is attaching them to files downloaded from P2P and torrent sites. You may think you’re downloading an app or a game, but what you’re really getting is a virus installation program. The best way to protect yourself here is to avoid downloading anything that might be pirated. Virus authors like to distribute their malware with popular cracked software, including PC games and programs like Adobe Photoshop. When you run the downloaded files the virus is quietly placed on your system, ready to attack. Stick with legitimate sources at all times and you won’t have to worry about malware stealing your Bitcoin profits.

Remove CryptoShuffler with Anti-Virus Software

Most virus scanners have long since been updated with the necessary definitions to search for, quarantine, and remove the CryptoShuffler trojan. It isn’t a stubborn virus by any means, so anti-virus programs can make quick work of it. If you keep your anti-virus app running, it should have kept you safe from this trojan making its way onto your system. You can always run a full scan just in case. Follow the steps below to check your system and remove CryptoShuffler.

  1. Open your device’s virus scanner.
  2. Find the settings page and choose “Update virus definitions
  3. Run a full system scan. This may take up to an hour.
  4. When the scan is complete your software will quarantine and remove any malware.
  5. To see if you had CryptoShuffler, check your definitions for an entry named Trojan-Banker.Win32.CryptoShuffler.gen

Stay Safe Online by Using a VPN

Cryptocurrencies are slowly leaving the niche geek world and becoming a mainstream obsession. Software companies have sprung up to provide mining services, data collection, and even Bitcoin debit cards, all of which push these currencies into the spotlight. As more stores accept crypto payments, more malicious parties will arise to take advantage of unsuspecting users.

VPNs won’t directly stop programs like CryptoShuffler, but they do provide an incredible amount of online privacy and security. Running a VPN means every piece of data that leaves your device gets encrypted, scrambling the information so no one can read it. VPNs also swap your physical IP address with a virtual one to help defeat geo-locating blocks and keep your identity safe. They’re indispensable tools in the modern digital world, and they’re extraordinarily easy to use, too.

You don’t have to tear your hair out when researching a good VPN. We’ve added a few recommended services below, all based on the following criteria. Read up on their strengths and choose the one that best suits your needs. No matter which VPN you sign up for, you’ll enjoy a safer and more private internet experience.

  • Big server network – The more servers a VPN runs, the more options you’ll have for low-latency connections.
  • High speed downloads – VPNs can be slower than unencrypted connections, which is why you need a service that focuses on speed.
  • No bandwidth restrictions – You can’t enjoy the internet if a VPN restricts how much you can download in a day.
  • Zero-logging policy – Privacy is crucial when using a VPN. If the service keeps logs, your data simply isn’t safe.

1. ExpressVPN

CryptoShuffler Trojan - How to Stay Protected - ExpressVPN

A fast connection is everything when it comes to browsing the internet. If you want to stream a movie, watch Netflix, or download large files, you need all the speed you can get. ExpressVPN is one of the fastest VPNs in the world, offering lightning-fast downloads no matter where you live. You’ll also get incredible privacy features to help you stay safe, including 256-bit AES encryption, and a zero-logging policy on traffic, DNS requests, and IP addresses!

Get started with ExpressVPN today by taking advantage of an EXCLUSIVE deal for Addictive Tips readers. Sign up for a year with ExpressVPN at $6.67 per month and get 3 months FREE! There’s also an amazing 30-day money back guarantee, just in case you’re not completely satisfied.

2. NordVPN

CryptoShuffler Trojan - How to Stay Protected - NordVPN

The size of a VPN’s network directly impacts your daily internet usage. The more servers a company offers, the more options are at your disposal. NordVPN has one of the largest networks in the business, running nearly 1,500 servers in 61 different countries. No matter where you work, live, or travel, with NordVPN you’ll be able to access a fast and secure server without any hassle.

Stay safe online by joining one of the most affordable VPNs on the market. Sign up today and get a 66% discount on a 2-years subscription to NordVPN, just $3.99 a month! All plans are backed by a 30-day money back guarantee.

3. VyprVPN

CryptoShuffler Trojan - How to Stay Protected - VyprVPN

VyprVPN goes to extreme lengths to provide incredible privacy features. It starts with the Chameleon protocol, an exclusive piece of technology that wraps metadata in an extra layer of encryption, defeating censorship blocks and geo-restricted content in an instant! Combine that with 256-bit AES encryption on all devices, DNS leak protection, and a zero-logging policy that covers both traffic and DNS requests and you’ve got the makings of a super private VPN!

Sign up with VyprVPN today and save 50% off your first month of service! If you’re not sure, VyprVPN also offers a free 3-day trial so you can test everything out before joining.

Stay Protected with More Tips

The CryptoShuffler Trojan was something of a surprise. How could something so simple be so effective? With the right tools and a little attention, you can keep yourself safe from malicious code like CryptoShuffler. Do you have any favorite methods you deploy to keep trojans at bay? Let us know in the comments below!

Leave a comment