add ClipboardWalletHijacker

clusters/tool.json

@@ -2,7 +2,7 @@
   "uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
   "name": "Tool",
   "source": "MISP Project",
-  "version": 74,
+  "version": 75,
   "values": [
     {
       "meta": {
@@ -4312,6 +4312,17 @@
           "https://blog.jpcert.or.jp/2018/06/plead-downloader-used-by-blacktech.html"
         ]
       }
+    },
+    {
+      "uuid": "9f926c84-72cb-11e8-a1f2-676d779700ba",
+      "value": "ClipboardWalletHijacker",
+      "description": "The malware's purpose is to intercept content recorded in the Windows clipboard, look for strings resembling Bitcoin and Ethereum addresses, and replace them with ones owned by the malware's authors. ClipboardWalletHijacker's end-plan is to hijack BTC and ETH transactions, so victims unwittingly send funds to the malware's authors.",
+      "meta": {
+        "refs": [
+          "https://www.bleepingcomputer.com/news/security/clipboard-hijacker-targeting-bitcoin-and-ethereum-users-infects-over-300-0000-pcs/",
+          "https://blog.360totalsecurity.com/en/new-cryptominer-hijacks-your-bitcoin-transaction-over-300000-computers-have-been-attacked/"
+        ]
+      }
     }
   ],
   "authors": [