LIVE
Strategy Pauses Bitcoin Buys Until Preferred Shares RecoverBitcoin Held Inverse U.S. Dollar Correlation in Q2 2026SEC Approves Increase in BlackRock IBIT Options LimitCzech Republic Orders ISPs to Block PolymarketSBI launches Japan's first tokenized equity fund on SolanaInteractive Brokers Expands Crypto Trading and Transfers: ReportSpot Ethereum and Solana ETFs Edge Closer After S-1 UpdateStrategy Sold $466M of MSTR Stock While Bitcoin Reserves Stayed FlatSBI Holdings and Solana Launch Market in JapanThailand Reportedly Audits High-Volume Tether USDT TransfersStrategy Pauses Bitcoin Buys Until Preferred Shares RecoverBitcoin Held Inverse U.S. Dollar Correlation in Q2 2026SEC Approves Increase in BlackRock IBIT Options LimitCzech Republic Orders ISPs to Block PolymarketSBI launches Japan's first tokenized equity fund on SolanaInteractive Brokers Expands Crypto Trading and Transfers: ReportSpot Ethereum and Solana ETFs Edge Closer After S-1 UpdateStrategy Sold $466M of MSTR Stock While Bitcoin Reserves Stayed FlatSBI Holdings and Solana Launch Market in JapanThailand Reportedly Audits High-Volume Tether USDT Transfers
Homepage/News/Kaspersky Discovers Sourceforge Malware Targeting Crypto Users
NEWS

Kaspersky Discovers Sourceforge Malware Targeting Crypto Users

BY Solomon M.·1 MIN READ·APRIL 9, 2025

Kaspersky has identified a malware operation targeting cryptocurrency users, primarily Russian speakers, through fake Microsoft Office add-ins on SourceForge between January and March 2025.

KEY FINDINGS - EVIDENCE LEVEL: MULTI-SOURCE
1Key sections mapped in this report
0Internal references connected to related coverage
2External source domains cited in the article
1 minEstimated time to read the full report
Key Takeaways:

  • ClipBanker malware targets crypto users via SourceForge.
  • Over 4,600 Russian-speaking users affected.
  • No major cryptocurrency market disruption reported.

The incident highlights the vulnerability of cryptocurrency users to malware attacks, especially those relying on unofficial software downloads. Kaspersky Anti-Malware Research Team stated,

“Distributing malware disguised as pirated software is anything but new. As users seek ways to download applications outside official sources, attackers offer their own. They keep looking for new ways to make their websites look legit.”

Although individual crypto transactions are targeted, there has been no significant disruption in major cryptocurrencies.

Key players

Key players such as Kaspersky have identified the campaign facilitated by fake Microsoft Office add-ins. The attackers aim to hijack clipboard data and redirect cryptocurrency funds.

The ClipBanker malware was distributed through SourceForge, impacting over 4,600 users. It primarily affected individuals by substituting wallet addresses during transactions, which did not influence blockchain networks.

The financial impact remains undetermined, but losses are presumed significant given the number of affected users. No immediate regulations have been imposed, although security firms are alert to the threat.

Kaspersky’s warning emphasizes the importance of downloading from trusted sources. This attack represents a broader trend of leveraging platforms like SourceForge and Telegram for malware distribution. SourceForge Report from cybersecurity analysts confirmed this by stating that the campaign leveraged SourceForge, creating a deceptive project page resembling legitimate developer tools.

As crypto users face ongoing threats, increased attention to cybersecurity best practices is recommended. Vigilance against unofficial downloads and understanding new methods of legitimate-looking threats are crucial in maintaining security.

SOURCE TRANSPARENCY
  • External Source - Referenced domain: kaspersky.com
  • External Source - Referenced domain: cointelegraph.com
  • Byline - Reported by Solomon M.
  • Coverage Desk - Primary editorial category: News
  • Media Asset - Featured image served from the WordPress media library
Kaspersky Discovers Sourceforge Malware Targeting Crypto Users | TheCCPress