Crypto 101 Daily

Learning crypto from zero, in plain language — no jargon, no hype


Crypto Malware and Clipboard Hijacking: The Address-Swap Attack

You copy your friend’s crypto address, paste it, double-check the start and end, hit send — and the money goes to a thief. How? A nasty type of malware silently swapped the address at the moment you pasted it. Clipboard hijacking is sneaky precisely because everything looks normal. Here’s the plain-language guide to recognising and avoiding it.

What clipboard-hijacking malware does

Some malware sits quietly on an infected device and watches your clipboard — the temporary memory that holds whatever you’ve copied. When it detects that you’ve copied something that looks like a crypto address, it instantly replaces it with the attacker’s address. So you copy the correct address, but what gets pasted is the thief’s address. Because crypto addresses are long and unmemorable, most people don’t notice the switch — and once sent, the transaction is irreversible.

Why it’s so dangerous

This attack is dangerous because it defeats the usual “copy-paste instead of typing” advice. We tell people to paste addresses to avoid typos — but clipboard malware turns that safe habit against you. It requires no trickery in the moment, no fake website, no phishing message; it just waits in the background. And since blockchain transactions can’t be reversed, by the time you realise the money went to the wrong place, it’s gone.

How devices get infected

The malware gets onto your device in the usual ways: downloading pirated software or cracked apps, clicking malicious links or email attachments, installing browser extensions or programs from untrustworthy sources, or installing fake apps and “wallet” software. In other words, the same poor habits that invite any malware also invite this one, which means good general device hygiene is most of the defence.

How to protect yourself

The single most important habit: always verify the entire pasted address — or at least carefully check several characters at both the beginning and the end — right before you confirm a send. Don’t just glance; actually compare it to the intended address. Even better, for any significant amount, send a tiny test transaction first and confirm it arrived at the right place. Beyond that: keep your device free of pirated or untrusted software, be cautious with downloads, browser extensions, and attachments, keep your system and security software updated, and consider a hardware wallet (which shows the real destination address on its own screen for you to verify). Good device hygiene plus careful address-checking beats this scam. This is education, not financial advice.
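For readers who like to see the check spelled out, here is the "compare the whole address" habit as a small Python script. It is an added example, not part of the original article. It assumes you have the intended address from somewhere other than the clipboard (for instance read aloud or scanned from a QR code); the function names and the sample addresses are made up for illustration.

```python
import re

# Format-only patterns (no checksum validation) for common address styles.
ADDRESS_PATTERNS = {
    "bitcoin-legacy": re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}"),
    "bitcoin-bech32": re.compile(r"bc1[02-9ac-hj-np-z]{11,71}", re.IGNORECASE),
    "ethereum": re.compile(r"0x[0-9a-fA-F]{40}"),
}
# Formats where upper/lower case does not change the destination.
CASE_INSENSITIVE = {"bitcoin-bech32", "ethereum"}


def address_kind(text):
    """Return the name of the address format the text matches, or None."""
    for kind, pattern in ADDRESS_PATTERNS.items():
        if pattern.fullmatch(text.strip()):
            return kind
    return None


def normalise(text):
    """Strip stray whitespace and fold case where case carries no meaning."""
    text = text.strip()
    return text.lower() if address_kind(text) in CASE_INSENSITIVE else text


def check_paste(intended, pasted):
    """Compare the address you meant to use with what was actually pasted."""
    want, got = normalise(intended), normalise(pasted)
    if want == got:
        return {"verdict": "OK", "first_difference": None}
    # Index of the first character that differs (or where one string ends).
    first = next((i for i, (a, b) in enumerate(zip(want, got)) if a != b),
                 min(len(want), len(got)))
    kind = address_kind(got)
    # A different but well-formed address of the same type is the swap pattern.
    verdict = "SWAPPED" if kind and kind == address_kind(want) else "MISMATCH"
    return {"verdict": verdict, "first_difference": first}


# Constructed sample values in Ethereum format; these are not real wallets.
INTENDED = "0x" + "ab12" * 10
OTHER = "0x" + "cd34" * 10

if __name__ == "__main__":
    for pasted in (INTENDED, "0x" + "AB12" * 10, OTHER, "not an address"):
        print(pasted, check_paste(INTENDED, pasted))
```

A "SWAPPED" result means the pasted text is a valid-looking address of the same type but not the one you intended, which is exactly what clipboard malware produces; stop and do not send.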

Key takeaways

Clipboard-hijacking malware silently swaps a crypto address you’ve copied for the attacker’s address when you paste it, sending your funds to a thief — and the transfer can’t be reversed. It’s dangerous because it turns the safe copy-paste habit against you. Defend yourself by carefully verifying the whole pasted address (start and end) before confirming, sending a small test first, keeping your device free of pirated/untrusted software, and considering a hardware wallet. This is education, not financial advice.

New here? This is the hidden danger behind how to send crypto safely, and a strong reason to consider a hardware wallet. It often arrives via fake crypto apps.


