Type: Clipboard hijacker, clipper malware
Variants: DLL variant and EXE variant
Damage potential: Data theft, fraudulent transactions, financial loss
Laplas Clipper is a clipboard hijacker targeting cryptocurrency users. This type of malware is used to monitor, alter, or steal clipboard content and Laplas Clipper is no exception. It replaces cryptocurrency wallet addresses that users copy to their clipboard with addresses controlled by the attackers. If the user doesn’t check the recipient’s address before making a transaction, cybercriminals can redirect payments to their own accounts without being noticed.
Laplas Clipper operates insidiously, so you may not notice anything until you spot suspicious transactions in your crypto account. But if you suddenly experience slow computer performance, increased data usage and network activity, or notice unfamiliar apps on your computer, you may suspect malware infection.
Sources of infection
If you’re not cautious online, you may unintentionally download Laplas Clipper onto your computer in the following ways:
Clicking on links or attachments in phishing emails.
Visiting malware-hosting websites.
Downloading software or files from unverified sources.
Using infected USB drives and other removable media.
Cybercriminals also distribute Laplas Clipper with the help of loaders, such as SmokeLoader.
Good cybersecurity practices are essential to stay clear from Laplas Clipper and other malware.
Be careful with email attachments and links. Always check the sender and do not open any attachments or links from unknown sources.
Switch on NordVPN’s Threat Protection to scan downloads and block malicious websites.
Install a reputable antivirus or antimalware solution and update it regularly.
Use strong passwords and multi-factor authentication (MFA) to keep your accounts secure.
Double-check cryptocurrency addresses while making transactions.
You can remove Laplas Clipper from an infected device using antivirus or anti-malware software. However, the effectiveness of removal depends on the capabilities of the software and the scope of the infection. Here are some steps to follow if you want to give it a try:
Make sure your antivirus or antimalware software is up to date. If not, update it to the latest available version.
Disconnect from the internet. This can stop malware from communicating with its command and control servers and limit damage.
Restart your computer in safe mode.
Run a full system scan.
Follow the instructions of your software to quarantine and remove the malware.
If available, update your operating system and other software you use.
Change your passwords (ideally on another device, not the previously infected one) and keep an eye on your crypto accounts for suspicious activity.
If the infection persists, consider getting professional help.