This article brings awareness about dangerous malware such as address switchers. This type of malware can infect your PC and lead to loss of funds if you are not very careful when confirming the transactions.
How does it work?
The malware is triggered each time you copy to the clipboard any string of letters and digits that is similar to the address of certain crypto. Once you copied the address, the malware replaces the copied address in the clipboard with its own malicious address. More about malware you can read here.
For example, you are sending 1 BTC to the exchange. You go to the exchange, you copy the exchange’s deposit address for BTC. Then you go to Ledger Live and click send 1 BTC and in the address field, you paste the address from the clipboard. If you pay attention, you will notice that the address was replaced in the clipboard, and instead of pasting the address from the exchange, you are pasting the address of the scammer.
What should I do?
To prevent sending funds to the incorrect address, please do the following:
- ALWAYS VERIFY the transaction details (address, amount) on your Ledger device before confirming the transaction. Ledger device will show the final destination address where the funds will be sent. It is called clear signing. Learn more.
- Do a full scan of your PC for malware.
- Make sure you have the latest version of antivirus installed on your computer.
- Regularly run a full scan with antivirus software.
- Secure your network.
- Do not click on untrustworthy links.
- Avoid suspicious sites and unlicensed software.
Additionally, in certain cases, Ledger Live may detect such suspicious activity and inform you about that. It can happen in the case when you are sending the funds from the exchange to Ledger Live address.
If you see the message “Mismatch between the copied address and the one in the clipboard”, immediately abort the transaction and consider that your PC is infected, and do a full scan of your PC.
You can learn more about this warning here.
Already sent funds to the incorrect address?
If you have already sent crypto assets to an incorrect address and the transaction was confirmed on the blockchain, unfortunately, we cannot cancel the transaction now due to the irreversible nature of blockchain transfers. You can contact us for further information.