Topic: [ATTN] New trojan spreads through skype and (possibly) steals wallet.dat. (Read 1395 times)

legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
My computer is bare bones OS and office only. Everything else is either installed and run, or portable (as in portable apps, run from its own directory.) I use Deep Freeze to essentially make my computer its own virtual machine. Once rebooted or shut down, it reverts back to its "clean" state.

I don't use Skype or Yahoo messenger or any other software. If I have to use them, I download the app, save it somewhere, reboot (optional), install the app, use it, then reboot or shutdown as appropriate.

Now, my computer could be subject to some zero day malware, but I find that unlikely. I almost always sit behind some hardware firewall (router) and the other computers in the network have different anti-virus / anti-malware installed.

Or I could always take a look at GMER. (rootkit detector).
legendary
Activity: 1526
Merit: 1002
Waves | 3PHMaGNeTJfqFfD4xuctgKdoxLX188QM8na
or don't use skype, I hate skype.

Or have a separate laptop/desktop that you use skype on.

+1
full member
Activity: 238
Merit: 100
Now they are thinking what to do with me
or don't use skype, I hate skype.

Or have a separate laptop/desktop that you use skype on.
legendary
Activity: 1526
Merit: 1002
Waves | 3PHMaGNeTJfqFfD4xuctgKdoxLX188QM8na
How do you realize that your wallet has been stolen before it is too late?
This, and they can log your passphrase just fine.

That's another reason to have one wallet for trading and one offline for keeping.
jr. member
Activity: 42
Merit: 11
How do you realize that your wallet has been stolen before it is too late?
This, and they can log your passphrase just fine.
hero member
Activity: 607
Merit: 500
How do you realize that your wallet has been stolen before it is too late?
legendary
Activity: 1526
Merit: 1002
Waves | 3PHMaGNeTJfqFfD4xuctgKdoxLX188QM8na
- Use long passphrase wallet.dat encryption (>20 characters).
- Keep at least one copy offline.

Now they can steal your wallet.dat and you still have plenty of time to send the coins to another wallet and change the receiving addresses at pools and exchanges.

legendary
Activity: 2114
Merit: 1040
A Great Time to Start Something!
Bitcoin on Windows?

*shudder*

Bitcoin $150 each way too soon?
*shudder*   
sr. member
Activity: 476
Merit: 250
Bitcoin on Windows?

*shudder*
jr. member
Activity: 42
Merit: 11
http://www.securelist.com/en/blog/208194206/An_avalanche_in_Skype
Quote
There is a new malicious ongoing campaign on Skype. It’s active and kicking yet.
The infection vector is via social engineering abusing infected Skype by sending massive messages to the contacts like these ones:
i don't think i will ever sleep again after seeing this photo http://www.goo.gl/XXXXX?image=IMG0540250-JPG
tell me what you think of this picture i edited http://www.goo.gl/XXXXX?image=IMG0540250-JPG

Finally something interesting is this:

And similar malware spreads bitcoin miner:
http://www.securelist.com/en/blog/208194210/Skypemageddon_by_bitcoining
Quote
So what does malware do? To be honest many things but one of the most interesting is it turns the infected machine to a slave of the bitcoin generator. The usage of CPU grows up significantly. Here is an example:

The mentioned process runs with the command "bitcoin-miner.exe -a 60 -l no -o http://suppp.cantvenlinea.biz:1942/ -u [email protected] -p XXXXXXXX" (sensitive data was replaced by XXXXXX). It abuses the CPU of infected machine to mine Bitcoins for the criminal.
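
The miner command line quoted above has a recognizable shape: a pool URL passed with `-o` together with worker credentials in `-u` and `-p`. The following is an added example, not part of the original thread or the Securelist post, that flags that shape in a process listing regardless of the executable's name; the sample processes, the `USER` placeholder and all function names are constructed for illustration.

```python
import shlex
from urllib.parse import urlparse

# Constructed sample data: (pid, image name, command line). Entry 1880 mirrors
# the command quoted in the post, with a USER placeholder for the redacted account.
SAMPLE_PROCESSES = [
    (412, "chrome.exe", "chrome.exe --type=renderer -o"),
    (1880, "bitcoin-miner.exe",
     "bitcoin-miner.exe -a 60 -l no -o http://suppp.cantvenlinea.biz:1942/ -u USER -p XXXXXXXX"),
    (2044, "svch0st.exe", 'svch0st.exe -o "http://pool.example.invalid:8332" -u worker1 -p x'),
    (2310, "curl.exe", "curl.exe -o out.html http://example.invalid/"),
]

def parse_options(cmdline):
    """Return {flag: value} for every '-flag value' pair in a command line."""
    try:
        # posix=False keeps Windows backslashes intact; quotes are stripped below.
        tokens = shlex.split(cmdline, posix=False)
    except ValueError:  # unbalanced quotes: fall back to whitespace splitting
        tokens = cmdline.split()
    opts = {}
    for flag, value in zip(tokens[1:], tokens[2:]):
        if flag.startswith("-") and not value.startswith("-"):
            opts.setdefault(flag, value.strip('"'))
    return opts

def miner_indicators(cmdline):
    """Return pool details if the command line has the miner shape, else None."""
    opts = parse_options(cmdline)
    url = urlparse(opts.get("-o", ""))
    # -o must be a network URL (curl's '-o out.html' is a file and is ignored).
    if url.scheme not in ("http", "https") or not url.hostname:
        return None
    if "-u" not in opts or "-p" not in opts:
        return None
    try:
        port = url.port
    except ValueError:  # malformed port in the URL
        port = None
    return {"pool_host": url.hostname, "pool_port": port, "worker": opts["-u"]}

def scan(processes):
    """Return (pid, image, pool_host, pool_port) for each suspicious process."""
    hits = []
    for pid, image, cmdline in processes:
        ind = miner_indicators(cmdline)
        if ind:
            hits.append((pid, image, ind["pool_host"], ind["pool_port"]))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_PROCESSES):
        print("possible miner:", hit)
```

The extracted pool host and port are the useful output: they can be blocked at the router and searched for in proxy or DNS logs to find other infected machines.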