menu_book Malware Family

ViperSoftX

Also known as: Viper SoftX

ViperSoftX is a long-running information stealer and loader that specialises in cryptocurrency theft, including clipboard hijacking to swap wallet addresses. It spreads through cracked software and uses PowerShell-based stages to evade detection.

What is ViperSoftX?

ViperSoftX is a stealer-loader hybrid focused heavily on cryptocurrency. Beyond harvesting wallet data and credentials, it deploys a clipboard hijacker that silently replaces copied crypto wallet addresses with attacker-controlled ones.

Techniques

ViperSoftX uses multi-stage PowerShell scripts, DLL side-loading, and a browser extension component to maintain access and steal data while evading analysis.

How VantaPrism Tracks ViperSoftX

VantaPrism captures credential and wallet exposures from crypto-focused stealers like ViperSoftX, helping organisations gauge financial-theft risk from an infection.

Check Your Exposure arrow_forward

Frequently Asked Questions

What is clipboard hijacking?

expand_more

A technique where malware monitors the clipboard and replaces copied cryptocurrency wallet addresses with the attacker's address, redirecting payments. ViperSoftX uses this.

Related Terms

Infostealer Malware arrow_outward

Infostealer malware is a category of malicious software designed to silently harvest sensitive data — passwords, sess…

Stealer Logs arrow_outward

A stealer log is the package of data exfiltrated from a single device by infostealer malware. It typically contains s…

Loader Malware arrow_outward

Loader malware (a loader or dropper) is software whose job is to install other malware on a compromised device. Loade…

Cookie Theft arrow_outward

Cookie theft is the stealing of browser cookies — especially authenticated session cookies — so attackers can imperso…

← All Glossary Terms Last reviewed: June 2026