Glossary

Clipboard Hijacking

1 min read

A type of malware attack where malicious software monitors a user’s clipboard and replaces copied bitcoin addresses with the attacker’s own address during paste. Because bitcoin transactions are irreversible, victims who fail to notice the altered address lose their funds permanently.

Clipboard hijacking is a type of malware attack that targets a user’s clipboard (copy/paste), secretly replacing copied Bitcoin addresses with an address controlled by the attacker. Because bitcoin transactions are irreversible, this tactic exploits the fact that wallet addresses are long and difficult to verify manually, increasing the chance that a user will unknowingly send funds to a fraudulent destination.

In the context of Bitcoin, clipboard hijacking often occurs when a device is infected through malicious downloads, compromised browser extensions, or trojanized wallet software. Once active, the malware monitors the clipboard for strings resembling Bitcoin addresses and instantly swaps them for the attacker’s address, usually without any visible change to the user.

Protecting against clipboard hijacking requires using reputable wallet software, keeping devices free of malware, and verifying the first and last characters of a Bitcoin address before sending a transaction. Users can also employ hardware wallets or address-verification tools as an added safeguard against this common attack vector.

Related Terms
Malware
Malware targeting bitcoin steals private keys, alters transactions, and compromises wallet security.
Learn more.
Embezzlement
Embezzlement in bitcoin exchanges occurs when insiders steal or misuse customer funds.
Learn more.
SIM Swap
A SIM swap lets attackers hijack your phone number to access bitcoin accounts and bypass SMS 2FA. Learn how SIM swaps work and how to protect your bitcoin from phone-based identity theft.
Learn more.
Explore More Terms