Hackers have developed a malware (CryptoCurrency Clipboard Hijackers) that monitors the Windows clipboard for copied cryptocurrency addresses. When these addresses are pasted in order to send funds, the malware inserts an address owned by the hacker. Because cryptocurrency addresses are long strings of numbers, users rarely notice or double check the changes. The extent of the malware and its successes are unknown.
Source: Clipboard Hijacker Malware Monitors 2.3 Million Bitcoin Addresses