MT
Michael Thornton
July 2, 2026 · 2 min read
Signals

Malware Targets XRP and Bitcoin in Sophisticated Attack

Malware Targets XRP and Bitcoin in Sophisticated Attack

How Silent Swap Manipulates Transactions

Cybersecurity researchers at McAfee have uncovered a new malware campaign, dubbed Silent Swap, which targets cryptocurrency users. The campaign was discovered on January 7, 2026. It affects Chromium browsers, including Google Chrome.

The malware forcibly sideloads a fake Google Notesextension into the browsers. This allows attackers to manipulate cryptocurrency transactions. The fake extension is highly sophisticated, making it difficult to detect.

The malware campaign specifically targets users of XRP and Bitcoin. It does this by altering the content of clipboard data. When a user copies a cryptocurrency address, the malware replaces it with an address controlled by the attackers. This results in unsuspecting users sending cryptocurrency to the wrong address.

Can Users Protect Themselves?

The attackers behind Silent Swap are likely motivated by financial gain. By stealing cryptocurrency, they can profit from the transactions. McAfee researchers have not disclosed the exact amount of cryptocurrency stolen.

To protect against Silent Swap, users should be cautious when copying and pasting cryptocurrency addresses. They should also regularly review their browser extensions and monitor their transactions for suspicious activity.

The discovery of Silent Swap highlights the ongoing threat of malware to cryptocurrency users. As the use of cryptocurrency continues to grow, it is likely that attackers will develop new tactics to steal funds.

Frequently Asked Questions

What is Silent Swap? Silent Swap is a malware campaign that targets cryptocurrency users by sideloading a fake browser extension.

How can I protect myself from Silent Swap? Users can protect themselves by being cautious when copying and pasting cryptocurrency addresses and regularly reviewing their browser extensions.

What should I do if I've been affected by Silent Swap? If you suspect you've been affected, immediately stop using the compromised browser and report the incident to the relevant authorities.

More stories:

Content written by Michael Thornton for ai-trading-guru.com editorial team, AI-assisted.

Share:

Leave a comment