Topic: Be careful what you're running! - .Jar instant stealer - page 2. (Read 3695 times)
Make sure to encrypt your wallet with a very long, complex password.
My 2 cents (as an experienced systems administrator and bitcoin newbie):
Nothing will help better than safe browsing practices and an up to date anti-virus solution. The cat and mouse game of the virus creators and the anti-virus companies will always be an issue. That virus creator only has to be right once to get his hands on your important data.
I have a blockchain.info account but I keep my main wallet on a Windows 7 Virtual Machine. The VM has full disk encryption (truecrypt), all Microsoft security patches are installed, and it is turned off when not in use. It only runs armory, bitcoin-qt and anti-virus. Only downside is it usually only takes about 30-60 minutes to sync back up with the blockchain after being turned off for a few days
I also plan on setting up a completely offline wallet using ubuntu on an older netbook that I can stash in a safe.
I don't have too much money in bitcoin right now but I hope to see my mining and monthly deposits reach some serious worth.
I like to think I am very security conscious but maybe I am just paranoid
Nothing will help better than safe browsing practices and an up to date anti-virus solution. The cat and mouse game of the virus creators and the anti-virus companies will always be an issue. That virus creator only has to be right once to get his hands on your important data.
I have a blockchain.info account but I keep my main wallet on a Windows 7 Virtual Machine. The VM has full disk encryption (truecrypt), all Microsoft security patches are installed, and it is turned off when not in use. It only runs armory, bitcoin-qt and anti-virus. Only downside is it usually only takes about 30-60 minutes to sync back up with the blockchain after being turned off for a few days
I also plan on setting up a completely offline wallet using ubuntu on an older netbook that I can stash in a safe.
I don't have too much money in bitcoin right now but I hope to see my mining and monthly deposits reach some serious worth.
I like to think I am very security conscious but maybe I am just paranoid
Hi sir, I take it you're not fully aware of remote administration tools? If you are sorry..
Ok, an up to date anti-virus will be near to nothing when it comes to being effective against a virus. Those who create viruses are also aware of how to change variables and methods of injecting a file so that the anti-virus will not pick up any data, this can vary from simply changing icon to binding a program so that when virus is ran a fake program is ran too.
My point is that you can still be infected if you have up to date antivirus.
On the discussion of a remote administration tool, it gains unathorised access to your whole computer, meaning the hacker can scavage throughout all your files, and search for files which the hacker may deem valuable, in this case wallet.dat or whatever other crypto-currency data files you may have. Your idea of keeping the wallet offline is the only true method of being 100% protected, where the computer doesn't have an internet connection it is more likely to remain safe.
How about just deactivating java in your browser?
That wouldn't be an option, deactivating java in your browser doesn't stop 0day exploits from downloading/executing .jar files onto your system
Are you sure about this? I mean you did say in your OP "it's also FUD" which actually means it is just misinformation trying to scare people!
Just thought that was particularly funny
Exactly what I thought.
This scam is also running with Bitcoin "Wallet hackers". Usually it includes a smtp stealer which sends your wallet to the scammer.
Yup..
This scam is also running with Bitcoin "Wallet hackers". Usually it includes a smtp stealer which sends your wallet to the scammer.
How about just deactivating java in your browser?
That wouldn't be an option, deactivating java in your browser doesn't stop 0day exploits from downloading/executing .jar files onto your system
Are you sure about this? I mean you did say in your OP "it's also FUD" which actually means it is just misinformation trying to scare people!
Just thought that was particularly funny
My 2 cents (as an experienced systems administrator and bitcoin newbie):
Nothing will help better than safe browsing practices and an up to date anti-virus solution. The cat and mouse game of the virus creators and the anti-virus companies will always be an issue. That virus creator only has to be right once to get his hands on your important data.
I have a blockchain.info account but I keep my main wallet on a Windows 7 Virtual Machine. The VM has full disk encryption (truecrypt), all Microsoft security patches are installed, and it is turned off when not in use. It only runs armory, bitcoin-qt and anti-virus. Only downside is it usually only takes about 30-60 minutes to sync back up with the blockchain after being turned off for a few days
I also plan on setting up a completely offline wallet using ubuntu on an older netbook that I can stash in a safe.
I don't have too much money in bitcoin right now but I hope to see my mining and monthly deposits reach some serious worth.
I like to think I am very security conscious but maybe I am just paranoid
Nothing will help better than safe browsing practices and an up to date anti-virus solution. The cat and mouse game of the virus creators and the anti-virus companies will always be an issue. That virus creator only has to be right once to get his hands on your important data.
I have a blockchain.info account but I keep my main wallet on a Windows 7 Virtual Machine. The VM has full disk encryption (truecrypt), all Microsoft security patches are installed, and it is turned off when not in use. It only runs armory, bitcoin-qt and anti-virus. Only downside is it usually only takes about 30-60 minutes to sync back up with the blockchain after being turned off for a few days
I also plan on setting up a completely offline wallet using ubuntu on an older netbook that I can stash in a safe.
I don't have too much money in bitcoin right now but I hope to see my mining and monthly deposits reach some serious worth.
I like to think I am very security conscious but maybe I am just paranoid
No this isn't paranoid - this is smart
You could just use Electrum in your Windows VM to get around the blockchain syncing problem.
Also you could make a paper wallet and send your coins there
That's why i don't use JAVA..
My 2 cents (as an experienced systems administrator and bitcoin newbie):
Nothing will help better than safe browsing practices and an up to date anti-virus solution. The cat and mouse game of the virus creators and the anti-virus companies will always be an issue. That virus creator only has to be right once to get his hands on your important data.
I have a blockchain.info account but I keep my main wallet on a Windows 7 Virtual Machine. The VM has full disk encryption (truecrypt), all Microsoft security patches are installed, and it is turned off when not in use. It only runs armory, bitcoin-qt and anti-virus. Only downside is it usually only takes about 30-60 minutes to sync back up with the blockchain after being turned off for a few days
I also plan on setting up a completely offline wallet using ubuntu on an older netbook that I can stash in a safe.
I don't have too much money in bitcoin right now but I hope to see my mining and monthly deposits reach some serious worth.
I like to think I am very security conscious but maybe I am just paranoid
Nothing will help better than safe browsing practices and an up to date anti-virus solution. The cat and mouse game of the virus creators and the anti-virus companies will always be an issue. That virus creator only has to be right once to get his hands on your important data.
I have a blockchain.info account but I keep my main wallet on a Windows 7 Virtual Machine. The VM has full disk encryption (truecrypt), all Microsoft security patches are installed, and it is turned off when not in use. It only runs armory, bitcoin-qt and anti-virus. Only downside is it usually only takes about 30-60 minutes to sync back up with the blockchain after being turned off for a few days
I also plan on setting up a completely offline wallet using ubuntu on an older netbook that I can stash in a safe.
I don't have too much money in bitcoin right now but I hope to see my mining and monthly deposits reach some serious worth.
I like to think I am very security conscious but maybe I am just paranoid
How about just deactivating java in your browser?
That wouldn't be an option, deactivating java in your browser doesn't stop 0day exploits from downloading/executing .jar files onto your system
Are you sure about this? I mean you did say in your OP "it's also FUD" which actually means it is just misinformation trying to scare people!
Just thought that was particularly funny
I don't see the joke? Well English isn't my first language.. I try
How about just deactivating java in your browser?
That wouldn't be an option, deactivating java in your browser doesn't stop 0day exploits from downloading/executing .jar files onto your system
Are you sure about this? I mean you did say in your OP "it's also FUD" which actually means it is just misinformation trying to scare people!
Just thought that was particularly funny
How about just deactivating java in your browser?
That wouldn't be an option, deactivating java in your browser doesn't stop 0day exploits from downloading/executing .jar files onto your system
How about just deactivating java in your browser?
Just a heads up to all your people who have a wallet.dat saved on your computer.
New virus coded in java will automatically send your funds to an address without you even knowing,
demonstration video:http://www.youtube.com/watch?feature=player_embedded&v=7Qx9x780RE0
Since compiled size of this .jar file is just 4KB you are very susceptible to online web exploits with such a small file,
It's also FUD meaning its fully undetectable by all antiviruses, since it is also coded in java and not your standard executeable (.exe) it is harder for AV's to pickup detections making the file stay undetected for a very long time..
My best advice:
Anti-viruses will not save your ass in such a scenario, I personally know that viruses are able to bypass AV's, the best freeware available is malwarebytes, have a full scan of your syste,
Malwarebytes PRO is even better - there is constant filesystem protection and website scanning as you browse your computer, it works much better in comparison to ALL AV's (believe me I've tested it) and also allows you to do flash scan to analyze memory and autorun objects.
If anyone requires any help with cleaning their system or Q's post here/PM and ill do my best to help
New virus coded in java will automatically send your funds to an address without you even knowing,
demonstration video:http://www.youtube.com/watch?feature=player_embedded&v=7Qx9x780RE0
Since compiled size of this .jar file is just 4KB you are very susceptible to online web exploits with such a small file,
It's also FUD meaning its fully undetectable by all antiviruses, since it is also coded in java and not your standard executeable (.exe) it is harder for AV's to pickup detections making the file stay undetected for a very long time..
My best advice:
Anti-viruses will not save your ass in such a scenario, I personally know that viruses are able to bypass AV's, the best freeware available is malwarebytes, have a full scan of your syste,
Malwarebytes PRO is even better - there is constant filesystem protection and website scanning as you browse your computer, it works much better in comparison to ALL AV's (believe me I've tested it) and also allows you to do flash scan to analyze memory and autorun objects.
If anyone requires any help with cleaning their system or Q's post here/PM and ill do my best to help
Jump to: