It is a security threat used by cybercriminals who are increasingly clever....
It was discovered by the BleepingComputer team that said how it works:
The virus called CryptoCurrency Clipboard Hijackers is installed on the computer, a DLL of the d3dx11_31.dll call is added to the Temp folder of the Windows system and an executable file called "DirectX 11" is created.
It is activated every time a user starts the system. When the user initiates a cryptocurrency exchange operation and copies the address to which he will send his funds or receive them, the virus will detect the action and replace this copied address with another one that sends the cryptocurrencies to the cyber attackers.
watch:
the source is the video. courtesy of BleepingComputer youtuber