The goal of the malware was to steal valuable data from compromised devices, including cryptocurrencies stored in mobile app wallets. The malware used different methods to achieve this. One method involved overlaying crypto apps with fake user interfaces to capture users’ credentials. Another method was to hijack the clipboard and replace copied crypto wallet addresses with addresses belonging to the attackers. This way, victims unknowingly sent their money to the attackers.
