: It can monitor the system clipboard and replace cryptocurrency wallet addresses with those owned by the attacker.
The most common vector is spear-phishing emails containing malicious attachments. xworm 3.1