He doesn’t know if it was the work of crypto malware or a more sophisticated hack.
A Reddit user operating under the name “seraf1990” warned of a copy & paste crypto scam that replaced a wallet address he copied from Coinbase with one belonging to scammers. According to seraf1990, he lost about $350 worth of Bitcoin (BTC) — money that he notes was meant to go towards his rent for next month.
explains that seraf1990 was attempting to cash out some BTC by sending it from Binance to his account on Coinbase. After copying the exchange’s Bitcoin wallet address, he pasted it into the appropriate field back on Binance and completed the transaction “without second thought.” It was only later that he realized the address had somehow been swapped.
This type of attack is fairly common, except for one crucial difference. When a bad actor swaps out your address for one of their own, the two keys are usually completely different from one another, making the exploit reasonably easy to spot. In seraf1990’s case, however, the first four digits of the two addresses were identical.
Compounding this issue was the fact that Coinbase only displayed the first few digits of the wallet on the user’s device.
In the post, seraf1990 stated that the device used in the transaction was a Windows-powered PC. Some replies speculated that malware could be behind the crypto scam, though the method was never directly confirmed.
A similar incident was reported by Cointelegraph in June. Cybercriminals were reportedly impersonating an encrypted messaging service in order to steal Bitcoin via the copy & paste function.