Zenon Clipper

The Zenon Clipper is a small hacking tool that is being sold to cybercriminals via hacking forums actively. The authors of the threat use the name 'Asper_soft,' and they claim to be able to provide lifetime updates to all their customers, as well as make sure that their malware is Fully Undetectable (FUD) periodically. Many malware creators make such promises, but few manage to deliver – making a threat FUD is the 'Holy Grail' for malware developers because it would enable them to bypass any anti-virus application. Thankfully, Zenon Clipper's advertisement is false, and an up-to-date anti-malware software suite can keep you safe from this malware.

A for the Zenon Clipper's features, they are limited but very threatening. The threat is able to use Windows exploits to bypass User Account Control (UAC) and gain persistence. Furthermore, it spreads its files to multiple hidden directories and is able to avoid Virtual Machines (VM) that may be used for malware analysis.

Computers that the Zenon Clipper infects will not exhibit abnormal behavior. This malware is not meant to cause mayhem and, instead, it wants to work for extended periods, without raising too many red flags. The Zenon Clipper will monitor the Windows clipboard actively and check for strings that match the patterns used by popular cryptocurrency wallets – Bitcoin, Ethereum, Monero, Dash, ZCash, LiteCoin and others. If the user has copied such content, the Zenon Clipper will replace it with a wallet address controlled by the malware's operator, therefore enabling them to hijack cryptocurrency transactions silently.

Clipper malware is very popular among hackers because of its simplicity and the potential profits it can bring. The Zenon Clipper is, by no mean, the only threat of this sort being sold on hacking forums – other malware like the Qulab Clipper and the BitCoin Clipper also are very popular. You should keep your computers protected from the Zenon Clipper and similar malware using a reliable anti-malware software suite.