Author

Topic: Beware of Clipboard Virus! (Read 604 times)

sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 15, 2023, 06:52:43 AM
#65
...(Superfetch)...
Thank you for the heads up. Though I have had computer knowledge for many years, I never knew something like this even existed. I mean wow. I'll give it a try and see how it works. Wink
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
December 15, 2023, 06:18:20 AM
#64
@DYING_S0UL, I remembered one "trick" that might help you speed up your computer, because even though you have 8 GB of RAM and you say that it still works slowly, you can try to stop a W10 feature called (SysMain (Superfetch)) which actually preloads those apps that you use it most often, so it can take up a lot of RAM.

All you need is to follow the instructions on the link and first stop that process, and then disable it from starting automatically with the OS. In case you need this feature again, you can simply turn it on.

Quote
Superfetch was introduced with Windows Vista and it's now known as SysMain on the latest versions of Windows 10 and 11. This Windows service runs in the background and analyzes your PC usage.
Based on your usage, the service determines what apps you're most likely to use. Then, it preloads those apps in your PC's RAM so you can open those apps quickly. In other words, this service speeds up the launching of the most used apps on your PC.

Code:
https://www.howtogeek.com/811043/disable-superfetch/
hero member
Activity: 2338
Merit: 517
Catalog Websites
December 10, 2023, 12:51:43 PM
#63
The best anti virus still is our self awareness. Sorry for your loss OP. This is the reason that even we've got self awareness with our browsing activities, it's always best to check receiver's address carefully before doing a transaction.

This why I always advice to use mobile for transaction and stay away from doing any single transaction in the PC where this scam attacks are in the high numbers.
It's opposite for me, it's still best to check transactions through a PC or laptop setup. Or, when you have spare devices, you can be meticulous and just use it specifically for transactions and you won't do any browsing there or any downloads aside from the wallets that you have there.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 10, 2023, 11:21:39 AM
#62
If a virus has been detected, reinstalling your device is the most appropriate choice to clean everything. As OP experienced, it's possible that the antivirus really didn't detect the virus until we realized when it was connected to a crypto wallet. and the situation is just waiting for us to be careless.
Nope, reformat is the best thing to do if there's a potential that you've downloaded a virus together with an app, that's the only way to remove the virus and be sure that reuse of the computer is clean slate. Virus don't go away just because you've deleted the file that it came with because some of them install themselves somewhere that's different from the destination of the file that they've been with.
By reinstalling he may have only meant installing windows freshly. But yes your are correct. Reformatting the hard disk the only best thing that can ensure you that the virus isn't there anymore. Because you can't detect it when using windows normally. BTW I wouldn't tell this virus is a virus. A virus replaces malicious codes into the original codes, basically making the system unstable or unusable. But in this case, it doesn't do anything or damage anything, it just replaces the address. What a genius piece of virus/malware man, really genius!!! Shocked. The person who made this could have made something good but instead he have chosen evil.
member
Activity: 382
Merit: 12
Axioma Holding - Axioma Pay Crypto Card
December 09, 2023, 07:38:42 AM
#61
And this is the third time I have gotten infected with the clipboard virus. I don't know why I always end up with the particular virus. Though I don't know how to properly define this thing as a virus or malware. I don't use any third-party antivirus, but my Windows Defender is always on. So I have no idea how I got infected. Windows defender seems to not be working regarding this virus. I guess, other antivirus programs won't work either. There is no way to fix this. So unfortunately, I had to reinstall Windows twice the same day to fully get rid of this virus. Such a hassle. Lucky for me, I didn't send out any funds since I remembered my original address. The moment I saw a change of address, I knew something was wrong. Here is the phishing address. The total received amount is almost $28k I wonder how many innocent people fell a victim to it.

It seems that this is not the problematic windows defender, not all software is dangerous or viruses by windows defender. If I look at the case, it looks like this wallet is still connected to the scam site. because if the virus will disappear if you change the OS to linux.
sr. member
Activity: 1666
Merit: 426
December 08, 2023, 11:12:37 PM
#60
~
if it applies to mobile phones it will be very easy when newly installed applications will of course require approval for some access on the smartphone.
applications downloaded from official sites may have very little risk. but on a PC or other device, we often download and install applications provided by other developers.
There are some stuff that can easily bypass through a phone's security and even on the app store that are supposedly safe for you to download on stuff, you can see some apps that can bypass through that are Trojan. You also can never be sure of official sites because there are scammers that imitates the official website and pays top dollar to get on top of the search engine results which buries the official site on 3rd or 4th place in the results. The best thing to do is to double or triple check so you are sure that something isn't fishy.
~
If a virus has been detected, reinstalling your device is the most appropriate choice to clean everything. As OP experienced, it's possible that the antivirus really didn't detect the virus until we realized when it was connected to a crypto wallet. and the situation is just waiting for us to be careless.
Nope, reformat is the best thing to do if there's a potential that you've downloaded a virus together with an app, that's the only way to remove the virus and be sure that reuse of the computer is clean slate. Virus don't go away just because you've deleted the file that it came with because some of them install themselves somewhere that's different from the destination of the file that they've been with.
hero member
Activity: 826
Merit: 583
December 08, 2023, 10:34:14 PM
#59
That could be the answer since, I recently got this device. So a lot of software had to be reinstalled. But that's not what I'm worrying about. I worry about windows defender not detecting it. And it's not that I got infected and the very moment I noticed it. I think I was infected for more then 10 days. There was no way of knowing, until I tried to make a transaction and made this discovery. That's what I don't like about it. This sly virus, not showing up anywhere until someone tried something related to crypto.
Have you checked on any of your recent programs that you've downloaded? There's a possibility that the reason why the Windows Defender didn't detect this is probably because it's a Trojan and an advance one at that as Windows Defender is already a good antivirus program so you can probably check on the previous downloads that you've done. Is this virus only a thing for computers? Or is it on mobile too? It's a scary thing for me because I'm not really checking too much on which address I would send my bitcoin so I'm a likely victim to this, good thing I don't do a lot of transactions.

if it applies to mobile phones it will be very easy when newly installed applications will of course require approval for some access on the smartphone.
applications downloaded from official sites may have very little risk. but on a PC or other device, we often download and install applications provided by other developers.

If a virus has been detected, reinstalling your device is the most appropriate choice to clean everything. As OP experienced, it's possible that the antivirus really didn't detect the virus until we realized when it was connected to a crypto wallet. and the situation is just waiting for us to be careless.
sr. member
Activity: 1666
Merit: 426
December 08, 2023, 09:44:29 PM
#58
That could be the answer since, I recently got this device. So a lot of software had to be reinstalled. But that's not what I'm worrying about. I worry about windows defender not detecting it. And it's not that I got infected and the very moment I noticed it. I think I was infected for more then 10 days. There was no way of knowing, until I tried to make a transaction and made this discovery. That's what I don't like about it. This sly virus, not showing up anywhere until someone tried something related to crypto.
Have you checked on any of your recent programs that you've downloaded? There's a possibility that the reason why the Windows Defender didn't detect this is probably because it's a Trojan and an advance one at that as Windows Defender is already a good antivirus program so you can probably check on the previous downloads that you've done. Is this virus only a thing for computers? Or is it on mobile too? It's a scary thing for me because I'm not really checking too much on which address I would send my bitcoin so I'm a likely victim to this, good thing I don't do a lot of transactions.
hero member
Activity: 2520
Merit: 952
December 08, 2023, 09:37:42 PM
#57
~
I don't really have an ides in what clipboard virus actually means and how one can contract it. I think I just have to be very careful on how I download files online and send it to my system. It might be very difficult for one to know how this virus actually get into system but time will te for us to have idea on what this actually means. There is no way this virus can be eradicated then it might be that even formatting the system does not actually take away the virus entirely from the system.

Basically, it changes crypto address, suppose you are transferring funds to your other account having address 'abc..' and you copied this address into your clipboard then this virus would change it to hacker's address, 'adc' — if you are not careful enough you will confirm it under the illusion that it's the address you are sending to (I hope you recognized 'c' in hacker's address  Tongue).
legendary
Activity: 966
Merit: 1042
#SWGT CERTIK Audited
December 08, 2023, 12:18:27 PM
#56
Hmm, interesting also thanks Op for mentioning this, currently I'm using the third-party clipboard to save time while working with data, I'll make sure to uninstall it because I've some of the active hot wallets working on my same PC. Seems like there's something OP hasn't tracked out because even after reading the full post i cant figure out how OP's system got infected. Here in my case, there's no incident yet but as I'm using third-party clipboard software there are some vulnerabilities.

These days I've encountered 2 stories back to back covering the hacking using the rubber ducky, so what I want to mention is dont be careless and make sure of a healthy environment while working with finance-related data and applications. Prefer a hardware wallet more suitable if you can afford it.

sr. member
Activity: 1008
Merit: 262
20BET - Premium Casino & Sportsbook
December 08, 2023, 11:59:44 AM
#55
Since I come to realize that there is thing called clipboard virus which can change the address halfway I have started checking address in middle as well.

My revolution:

copy-paste address blindly >> check first letters >> check first and last letters >> current stage: check first-middle-end letters

I hope it doesn't come to stage where you have check whole address letter by letter  Tongue


I don't really have an ides in what clipboard virus actually means and how one can contract it. I think I just have to be very careful on how I download files online and send it to my system. It might be very difficult for one to know how this virus actually get into system but time will te for us to have idea on what this actually means. There is no way this virus can be eradicated then it might be that even formatting the system does not actually take away the virus entirely from the system.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 08, 2023, 11:54:16 AM
#54
They can actually clone almost a full address with just maybe a two or three characters missing from it.
The only way to do that, is by creating a burn address. There's no profit for a scammer who burns the money he steals.

Quote
This is possible with vanity address generators.
Try it. Address 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF holds 79,957.26462896BTC. I'll make it easy on you: instead of 3 missing characters, try to create an address with 15 missing characters. You'll realize that what you suggested is not possible.

He may be referring to address poisoning. Where the last part may be similar to the original address. I can't remember where but I may have came across such a topic.

Found it: https://support.metamask.io/hc/en-us/articles/11967455819035-Address-poisoning-scams

I knew about token burning but never knew address burning was possible. New days, new things to learn. You have any thread regarding address burning? Would appreciate very much.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
December 08, 2023, 04:34:42 AM
#53
They can actually clone almost a full address with just maybe a two or three characters missing from it.
The only way to do that, is by creating a burn address. There's no profit for a scammer who burns the money he steals.

Quote
This is possible with vanity address generators.
Try it. Address 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF holds 79,957.26462896BTC. I'll make it easy on you: instead of 3 missing characters, try to create an address with 15 missing characters. You'll realize that what you suggested is not possible.
sr. member
Activity: 728
Merit: 421
December 08, 2023, 03:45:01 AM
#52
It is very much important that one needs to cross check their details before any possible actions of initiating a transfer because the virus is very tricky. I have had such experience before where I almost approved a transaction but I was curious to check again for myself when I noticed a change in the wallet address I had to cross check with my previous transaction to see for myself and that was when I realised my gadget got infiltrated by the clipboard virus. I had to format my gadget. Then start afresh reinstallation.

It is advisable to do well confirm and reconfirm your details before you approve of any transaction when it comes to huge funds involved. This measures would save you the stress of losing funds to scammers and to also take note of any changes in your gadgets when it comes to initiate transaction.
sr. member
Activity: 630
Merit: 298
December 07, 2023, 05:23:57 PM
#51
Good realization mate. BTW, I don't think this malware has come to that point to clone an entire/slightly different or half of an address. It hasn't become that capable yet. One thing I'm unsure of is what triggers this virus. Certainly copy pasting casual text won't make it active, while I was infected I only realized after copying a btc address. Another thing is this virus only targets specific address? This is my concern. If it only targeted BTC then other altcoin address won't active it. And sending altcoins to an bitcoin address doesn't make sense, it it? My guess it only targets the big ones such as bitcoin or etheream etc. So if a user is infected and only uses altcoins, there is a big chance he won't detect that he is infected.

Only solution is to always memorize your address (the last part).

They can actually clone almost a full address with just maybe a two or three characters missing from it. This is possible with vanity address generators. Since with this type of address you can choose your own few characters rather than all of them been randomly generated. That is why the attack is on specific address maybe those that look similar. The best thing is to use an offline wallet and if you get infected with this malware just reformat the HD

As for addresses memorization it is bad because it means you will only use those few addresses which are not good for privacy. Also you shouldn’t rely on memory as you could make a mistake and send to a wrong address still even if it is not that of the scammer
hero member
Activity: 2632
Merit: 833
December 07, 2023, 04:41:18 PM
#50
This is not a new thing definitely, if you said that this is not your first time then maybe re-installing into a fresh operating system could prevent this from happened again, and also complete scan your whole disk with the latest update of anti-virus database. Now to prevent you from accidentally sending to a virus address, you could use app that has contact book feature so you don't need to copy and paste everytime you send your fund to your usual address.

Yes, this has been going for many years now, clipboard virus has evolved so much. And there are a lot of warnings from the community regarding this kind of attack. So I guess with the price going up again, there could be a lot of scammers and malwares and other ways to get infected by this kind of clipboard virus. And on our part, we should check everything before we send our bitcoin to someone. It might not be their addresses, and if we found out that way, then our machine are infected. So the best course of action is to reinstall everything from scratch and then install the latest AV and test if the virus is still in your computer.
hero member
Activity: 826
Merit: 583
December 06, 2023, 11:08:11 AM
#49
Now to prevent you from accidentally sending to a virus address, you could use app that has contact book feature so you don't need to copy and paste everytime you send your fund to your usual address.

yes, if it's a routine transaction like sending to our exchange address, it might be possible to do it. but if you have just made a transaction with someone else or have just had several transactions, we can copy and paste the address or scan the QR code.
Copy and paste activities are often done. and if it gets a virus, of course, it becomes a serious problem. Always double-check the destination address carefully before approving a transaction. Sometimes we are too hasty and too sure of what we usually do. and that is the loophole for scammers in this way.
sr. member
Activity: 1400
Merit: 268
Fully Regulated Crypto Casino
December 06, 2023, 10:39:37 AM
#48
This is not a new thing definitely, if you said that this is not your first time then maybe re-installing into a fresh operating system could prevent this from happened again, and also complete scan your whole disk with the latest update of anti-virus database. Now to prevent you from accidentally sending to a virus address, you could use app that has contact book feature so you don't need to copy and paste everytime you send your fund to your usual address.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
December 06, 2023, 06:21:15 AM
#47
Only solution is to always memorize your address (the last part).
The only solution is the check the entire address. Address reuse is bad for privacy anyway, so memorizing the address doesn't make sense.

Exactly, because some clipboard malwares have gone a little further than simple address replacement - they already try to replace the original address by searching in their database for the one that most closely resembles the owner's address. I know I once read about it here on the forum, and I think hackers will become even more inventive, especially now that they are using AI.

When it comes to checking addresses, those who know the risks leave nothing to chance, right?

Ledger omitting one character from a Doge address
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
December 06, 2023, 03:29:00 AM
#46
Only solution is to always memorize your address (the last part).
The only solution is the check the entire address. Address reuse is bad for privacy anyway, so memorizing the address doesn't make sense.
sr. member
Activity: 490
Merit: 346
Let love lead
December 05, 2023, 10:53:52 PM
#45
And this is the third time I have gotten infected with the clipboard virus. I don't know why I always end up with the particular virus. Though I don't know how to properly define this thing as a virus or malware. I don't use any third-party antivirus, but my Windows Defender is always on.
No bro, you should use one, window defender is good, but its virus definition sometimes is limited, its defending windows from crashing or being affected with virus and in my own experience, its protecting against boot sector virus only. Other types of virus might pass unnoticed by it as far as it doesn't affect the OS.
There are other types of virus, to mention but a few namely:
  • web  scripting virus
  • polymorphic virus
  • Resident Virus
  • multipartite virus
and a  host of others. As far as you're going online, you need antivirus to combat the viruses flying all over the net which might be more powerful than just your windows defender. There's such things as specialization, and in the area of protecting the computer properly against most virus, paid plan Antivirus is the best.

Quote
So I have no idea how I got infected. Windows defender seems to not be working regarding this virus. I guess, other antivirus programs won't work either. There is no way to fix this. So unfortunately, I had to reinstall Windows twice the same day to fully get rid of this virus.
Now I'll still ask you a question. Do you update your computer after formatting?, or do you just format and start using it without proper updates?. This has an important role to play in the overall security of your computer. There's a program called malicious files and virus removal tool in the windows OS. if you don't update your computer properly(not just using drivers pack), it will not be energized to help you defend the computer from certain viruses. Leaving your computer vulnerable and your windows defender powerless.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 05, 2023, 09:58:40 PM
#44
Since I come to realize that there is thing called clipboard virus which can change the address halfway I have started checking address in middle as well.

My revolution:
copy-paste address blindly >> check first letters >> check first and last letters >> current stage: check first-middle-end letters
I hope it doesn't come to stage where you have check whole address letter by letter  Tongue
Good realization mate. BTW, I don't think this malware has come to that point to clone an entire/slightly different or half of an address. It hasn't become that capable yet. One thing I'm unsure of is what triggers this virus. Certainly copy pasting casual text won't make it active, while I was infected I only realized after copying a btc address. Another thing is this virus only targets specific address? This is my concern. If it only targeted BTC then other altcoin address won't active it. And sending altcoins to an bitcoin address doesn't make sense, it it? My guess it only targets the big ones such as bitcoin or etheream etc. So if a user is infected and only uses altcoins, there is a big chance he won't detect that he is infected.

Only solution is to always memorize your address (the last part).



Ilost more than 1k$. Unfortunately some of my old address become victim permanent which I used for farming airdrop.
Sorry for your loss. Isn't airdrop a thing of a past now? Currently most of them seemed fake to me.

Quote
The reason of this could be installing windows from Third party/Installation of free apps(crack).
Correct answer.

Quote
You should have to install the new window/Linux as soon as you can because your phrase or any other information could be compromised.
I did but later I reverted back to windows. I have been using windows my entire life. Felt uncomfortable, not user friendly. Anyway, what distro you use? Any suggestion?
hero member
Activity: 812
Merit: 619
December 05, 2023, 09:33:20 PM
#43
And this is the third time I have gotten infected with the clipboard virus. I don't know why I always end up with the particular virus. Though I don't know how to properly define this thing as a virus or malware. I don't use any third-party antivirus, but my Windows Defender is always on. So I have no idea how I got infected. Windows defender seems to not be working regarding this virus. I guess, other antivirus programs won't work either. There is no way to fix this. So unfortunately, I had to reinstall Windows twice the same day to fully get rid of this virus. Such a hassle. Lucky for me, I didn't send out any funds since I remembered my original address. The moment I saw a change of address, I knew something was wrong. Here is the phishing address. The total received amount is almost $28k I wonder how many innocent people fell a victim to it.

This why I always advice to use mobile for transaction and stay away from doing any single transaction in the PC where this scam attacks are in the high numbers. Actually I have so much experience in this matter because I lost more than 1k$. Unfortunately some of my old address become victim permanent which I used for farming airdrop.

The reason of this could be installing windows from Third party/Installation of free apps(crack).

You should have to install the new window/Linux as soon as you can because your phrase or any other information could be compromised. Never use free version software which often lead to keyboard hack. I will recommend Mobile for transaction purpose which is much safer than PC but if you like to do in PC then just follow above safety step
hero member
Activity: 2520
Merit: 952
December 05, 2023, 09:19:29 PM
#42
Since I come to realize that there is thing called clipboard virus which can change the address halfway I have started checking address in middle as well.

My revolution:

copy-paste address blindly >> check first letters >> check first and last letters >> current stage: check first-middle-end letters

I hope it doesn't come to stage where you have check whole address letter by letter  Tongue

hero member
Activity: 2268
Merit: 588
You own the pen
December 05, 2023, 09:31:03 AM
#41
This was an old virus and the person behind it is a genius because they know that most people are not paying attention when it comes to sending their BTC and double check the addresses especially if the amount is just low but this could be very dangerous for some person who is sending a huge amount of BTC because he couldn't see where he went wrong until the transactions have been successful and he double check the address by that time and finally understand it all why he haven't received his BTC. That's why exchanges have some warning options to let you know that you should be double-checking the BTC address in order to prevent yourself from sending it to scammers such as this one.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
December 05, 2023, 06:37:39 AM
#40
I also have only 8 GB of RAM
But why? RAM is cheap! If only my laptop could handle more, I'd add more Smiley

For the reason that I don't feel the need for more than that, everything works flawlessly and in fact I always have a surplus of free memory. In addition, I didn't even check how much max RAM I can add, but I assume that it is more than 8 GB because the laptop is not older than 5 years.



It's a 5 year old laptop which originally belonged to one of my relatives. But yes it's quite old. And trying to fix this might make it worse. So I rather use it how it is, until, I can effort to buy a new laptop or pc. I don't store anything important on this device, so there is nothing to worry about.

Maybe it's a low-quality device or your relatives didn't take good care of it, because I have a laptop that's almost 15 years old and it's still almost as functional as when I bought it (but I paid quite a lot for it) with the note that I installed an SSD and generally cleaned it, but I couldn't find the right RAM, so it stayed at 4 GB.

What I want to say is that there is still a significant difference (or at least there used to be) between premium devices and those of lower quality. Fortunately, I can afford to buy such devices, which, combined with careful handling, can last a very long time.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 04, 2023, 12:38:18 PM
#39
It's a 5 year old laptop which originally belonged to one of my relatives.
To ask the obvious: did you clean it from dust? Dust in the fan can make it get very loud when under load.
My laptop is older than that, and currently on it's third fan.
Nope, he was using it before giving it to me. I haven't looked inside but I'm pretty sure what you assumed is correct. Dust is the main problem, as far as I understood. First the HDD, then the sound system and now the fans. So yes, it's a kind of falling machine. So I don't wanna experiment with it any further. Let it be. Not worth the hassle.  Roll Eyes
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
December 04, 2023, 12:31:34 PM
#38
It's a 5 year old laptop which originally belonged to one of my relatives.
To ask the obvious: did you clean it from dust? Dust in the fan can make it get very loud when under load.
My laptop is older than that, and currently on it's third fan.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 04, 2023, 12:18:17 PM
#37
Then it's something else, the power supply or the motherboard (I assume it's a desktop computer) and maybe a professional should do diagnostics and determine what the problem is. I also have only 8 GB of RAM, but even when I open two browsers with a dozen tabs and everything else running in the background, I have no problems with slow work or freezing.
It's a 5 year old laptop which originally belonged to one of my relatives. But yes it's quite old. And trying to fix this might make it worse. So I rather use it how it is, until, I can effort to buy a new laptop or pc. I don't store anything important on this device, so there is nothing to worry about.

That was my intention, and you are the first to notice it in a positive sense. It seems to me that some others think that it is not right to minimize their words, but everyone has their own opinion.
I think it's totally acceptable. Since you mentioned me and resized my text, I already knew what I wrote previously. It's not that you are quoting a very old post of mine. So if it's a recent post, then yes, why not?

One place where it should be avoided, (in my opinion), is on hot topics. Because ohers might want to read all the comments there. So, making texts small might make their eyes sore. But if it is a topic like mine, where fewer comments are being made, then resizing is understable.

Another place is where a user is giving technical help or a suggestion. Apart from that, if it's a casual comment, I might resize it to my preference.

I'm one of those who don't want used things, no matter how well-maintained and in good condition they are. I like to buy new devices that have a guarantee and service provided in case there is a need for the same. I assume that there are such laptops in my environment as well, but I have never paid attention to such things.
Unfortunately, not all can effort to buy brand new devices.




It's best to triple-check when you are transacting because you can never know what you are infected with or something. It's still better to have a hardware wallet so you can check the address being sent to on the physical hardware.

Having to reformat so many times is really tiresome and still unassured that you have actually deleted that virus. Be careful.
Where I live, crypto is banned. That's why buying a hardware wallet and shipping it (clearing customs) to my place, can be quite risky. I could face legal issues. Not worth the risk.

It is. It totally wasted half of my days,  downloading 6GB windows ISO (Slow Internet speed), making a bootable pendrive, reformatting, reinstalling, updating drivers and so on. Such a headache.
hero member
Activity: 1022
Merit: 744
December 04, 2023, 11:40:46 AM
#36
And this is the third time I have gotten infected with the clipboard virus. I don't know why I always end up with the particular virus. Though I don't know how to properly define this thing as a virus or malware. I don't use any third-party antivirus, but my Windows Defender is always on. So I have no idea how I got infected. Windows defender seems to not be working regarding this virus. I guess, other antivirus programs won't work either. There is no way to fix this. So unfortunately, I had to reinstall Windows twice the same day to fully get rid of this virus. Such a hassle. Lucky for me, I didn't send out any funds since I remembered my original address. The moment I saw a change of address, I knew something was wrong. Here is the phishing address. The total received amount is almost $28k I wonder how many innocent people fell a victim to it.
It is called a clipboard malware not virus maybe that’s why windows defenders cannot protect keyboard malware attack because it has also affected me in the past.

I have to format my system and change my windows completely, and I was advices here to have two user interface so that I will have private sections for my online transactions and general user interface for my works.
Moreover, I was also advices to use Linux OS instead of windows that it’s better than windows.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
December 04, 2023, 11:29:13 AM
#35
I'm one of those who don't want used things, no matter how well-maintained and in good condition they are. I like to buy new devices that have a guarantee and service provided in case there is a need for the same.
My experience taught me warranty isn't everything. Laptop with broken case because of hinges that are too tight: blame the user. New phone that stops working: blame water damage. Don't get me wrong, I buy new stuff too, but the price quality ratio is much better for older ones. If it breaks (which doesn't happen often), I'll get another one. Disposable laptops Tongue

Quote
I also have only 8 GB of RAM
But why? RAM is cheap! If only my laptop could handle more, I'd add more Smiley
copper member
Activity: 2940
Merit: 1280
https://linktr.ee/crwthopia
December 04, 2023, 10:29:55 AM
#34
It's best to triple-check when you are transacting because you can never know what you are infected with or something. It's still better to have a hardware wallet so you can check the address being sent to on the physical hardware.

Having to reformat so many times is really tiresome and still unassured that you have actually deleted that virus. Be careful.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
December 04, 2023, 10:25:12 AM
#33
I do have these but still it's not enough. You can say it's a decent device and it works without any problems. The only problem is it cannot handle excessive load/multi tasking. I believe if an electric device starts to show symptoms of problems, no matter how much we try to fix it, one problem after another would come. I already had to replace the HDD to SSD. After that, the colling fan started to make noises and now having problems with the sound system. It is still running but might shut down any second.

Yes, I really need to buy a new computer/laptop now
.

Then it's something else, the power supply or the motherboard (I assume it's a desktop computer) and maybe a professional should do diagnostics and determine what the problem is. I also have only 8 GB of RAM, but even when I open two browsers with a dozen tabs and everything else running in the background, I have no problems with slow work or freezing.

BTW I really liked what you did with the quotes. The resizing thingy. Looks very cool. Saves up a lot of space and highlights the reply.  Smiley

That was my intention, and you are the first to notice it in a positive sense. It seems to me that some others think that it is not right to minimize their words, but everyone has their own opinion.



by that I mean a really new one from the store, not a used one.
I think I share my love for old laptops with philipma1957 by now. And with "old", I mean at least 8 GB RAM and SSD. Wipe the laptop and install your own software.
I guess it depends on where you live though: here, corporate laptops are replaced every few years, which makes them cheap and abundant on the second hand market. You can find a decent laptop for less money than a new hardware wallet.


I'm one of those who don't want used things, no matter how well-maintained and in good condition they are. I like to buy new devices that have a guarantee and service provided in case there is a need for the same. I assume that there are such laptops in my environment as well, but I have never paid attention to such things.
hero member
Activity: 1190
Merit: 901
Livecasino.io
December 03, 2023, 05:41:45 PM
#32
This kind of virus is very dangerous. I know the kind of stress the OP went through  because of this. These clipboard hijackers are there and if you are not keen on confirming your cryptocurrency and addresses, you will end up sending money to the wrong guys and you know very well the wrong guys don't give your money back. You don't want to be in this position. I recommend that you download Clipboard Fusion software to detect and prevent manipulation of the Windows clipboard.
member
Activity: 1191
Merit: 78
December 03, 2023, 02:31:58 PM
#31
My opinion about how you get this is I think you may have downloaded a software that isn't downloaded from the original website and may be infected with that malware.

That could be the answer since, I recently got this device. So a lot of software had to be reinstalled.
Reinstallation of software shouldn't bother you more than your safety and the first mistake you made is not formatting the entire hard drive since the OS was bought from someone. In the crypto space, the only person you can trust is yourself.

But that's not what I'm worrying about. I worry about windows defender not detecting it.
Most detect viruses but do not always detect Clipboard malware. After having anti-virus and anti-malware on your computer you shouldn't rely on them to detect every attack because they only work the way they are programmed.
legendary
Activity: 1890
Merit: 1537
December 03, 2023, 02:29:17 PM
#30
For this reason, I don't store anything related to crypto on my device. I noticed this virus when I was trying to use an exchange. I copied the deposit address and that's when it happened. There was no funds, seedphrase, secret keys or important documents laying around on my desktop.

I made this post, so that other people may see it. Especially the newbies. Since many of us don't know there is a virus called clipboard virus that hijacks clipboards. The topic was created purely as a reminder (again).  Smiley
Thank you for sharing your story and this important warning for beginners. Indeed, clipboard hijacking is very common, and scammers have managed to steal a lot from people unaware of its malicious activities. The clipboard virus if not stealing sensitive and important data and personal information; can focus on replacing the copied address of a wallet/exchange in the clipboard with the scammer's wallet address. Many people may fall victim to this type of scam. Even most antivirus programs on Windows may not detect and remove it, and it can be challenging to determine if the device is infected or not. As everyone mentioned, the solution is to create a Linux operating system or use a non-main device if you prefer a Windows operating system that is not intended for conducting financial transactions and does not contain wallets or anything related to cryptocurrencies. It is best to avoid cracked programs, torrent files, or any programs downloaded from unknown sources.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
December 03, 2023, 02:18:58 PM
#29
Like edgy, or sharp.
Then set a different one Smiley

Quote
Found it. Not quite sure if it's the same as TailsOS. But it does offers similar features as TailsOS. Such as, an isolated one time windows environment. And when the session is closed, everything is erased.
That's (at best) like running an OS inside a VM. If your host OS is compromised, the client gets compromised too. And, unlike Tails OS, it doesn't run all connections through Tor.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 03, 2023, 01:43:19 PM
#28
The great thing about Linux is the many options you get: if you don't like one interface, try another. I'm not sure what you mean with "breaking font" though.
How do I explain it!!!  Smiley You know, like the opposite of smooth. Like edgy, or sharp.

Quote
Cracked drivers? The things Windows users do Shocked
No worries. This time, I didn't used any single crack. Lesson learned.

Quote
Why would you test all that on the same device? Get one system for serious tasks, and another one to mess around with.
Two actually. Mostly I mess with my Android device. Like flashing custom OS or Magisk (Root access) etc.

Quote
AFAIK, Windoes does have a similar feature as TailsOS.
Quote
No, it does not.
Found it. Not quite sure if it's the same as TailsOS. But it does offers similar features as TailsOS. Such as, an isolated one time windows environment. And when the session is closed, everything is erased.

https://learn.microsoft.com/en-us/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview

Quote
I guess it depends on where you live though: here, corporate laptops are replaced every few years, which makes them cheap and abundant on the second hand market.
Where I live it's a different story.

-DYING_S0UL
hero member
Activity: 1428
Merit: 513
Payment Gateway Allows Recurring Payments
December 03, 2023, 01:42:59 PM
#27
There is no way to fix this. So unfortunately, I had to reinstall Windows twice the same day to fully get rid of this virus. Such a hassle. Lucky for me, I didn't send out any funds since I remembered my original address. The moment I saw a change of address, I knew something was wrong. Here is the phishing address. The total received amount is almost $28k I wonder how many innocent people fell a victim to it.
Its really scary and I can't imagine what I will do if I lose funds to these MFs (sorry for the lingu) but why they don't use there skills for something good. I know this world is full of good and bad, if there is not bad then what will differentiate good ones (it indicates the importance of bad) but they need bridle. I hope they would met the consequences of scamming people soon.

And I am happy that you detected this issue and did not become a victim. Depending on you post and reputation, I will not say this story is imaginative even if you have a address of the hacker's wallet. And I think this might be due to the windows you are using like most of the people use unlocked windows downloaded from pirated sites, are you using a pirated activated window?, If yes then delete it and install a free version of windows from there official website.

And I think funds are more safer on phones rather than on windows.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
December 03, 2023, 01:13:21 PM
#26
You can use Linux and TailOS
Tails OS isn't really convenient to use as a daily wallet, especially if OP needs to reboot to use it.

I did installed Linux Mint METE Mate. But didn't found it comfortable at first. So I had revert back to Windows. Especially the UI, how it looked, appeared. The interface, font looked like breaking, not smooth, pixels.
FTFY Smiley
The great thing about Linux is the many options you get: if you don't like one interface, try another. I'm not sure what you mean with "breaking font" though.

I don't know if USB sticks are capable enough to run this OS for a longer period of time.
Some are, some aren't. I've had USB sticks die after a few writes, and I've had sticks that last forever. To run your OS though, you'll need a fast and reliable one. Rule of thumb: don't go for the cheap sticks.

There will always some things that you'll miss when using Linux.
Nope. Once you're used to it, there's no reason to go back. But it takes a while to get used to, just like it took you a while to get used to what you're currently used to.

by that I mean a really new one from the store, not a used one.
I think I share my love for old laptops with philipma1957 by now. And with "old", I mean at least 8 GB RAM and SSD. Wipe the laptop and install your own software.
I guess it depends on where you live though: here, corporate laptops are replaced every few years, which makes them cheap and abundant on the second hand market. You can find a decent laptop for less money than a new hardware wallet.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
December 03, 2023, 11:41:59 AM
#25
You should consider to separate your daily computer usage from your crypto stuff. Proper usage of a hardware wallet and always checking transaction details thoroughly before you sign a transaction also helps a lot against potentially infected computers.

I'm pretty sure a Linux box solely for crypto is worth a little hassle and you get used to it. It's very likely a safer environment than your daily Windows driver with all the software shit you use (no real judgement herewith).

Pay attention to browser extensions and only use the bare minimum if any on your crypto stuff box. Not everything that's comfortable is good for safety.


If this is the third time you run into such malware, you clearly have a safety problem and you definitely should reconsider what OS and what kind of software from what sources you use. It's not nice to acknowledge but the problem sits in front of your screen.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 03, 2023, 10:57:32 AM
#24
Then you have a problem that is clearly detected and the solution of which you have to work on, and that is buying a new computer - by that I mean a really new one from the store, not a used one. Be sure to take into account that the computer has at least 8 GB of working memory, which is a minimum for pleasant work, and also that it has a solid processor and graphics card.

Until then, follow the advice from my previous post and don't use pirated software - and if you need a cheap license for a program, you can try to find it in Digital goods. Of course, be careful who you trade with.

I do have these but still it's not enough. You can say it's a decent device and it works without any problems. The only problem is it cannot handle excessive load/multi tasking. I believe if an electric device starts to show symptoms of problems, no matter how much we try to fix it, one problem after another would come. I already had to replace the HDD to SSD. After that, the colling fan started to make noises and now having problems with the sound system. It is still running but might shut down any second.

Yes, I really need to buy a new computer/laptop now.

BTW I really liked what you did with the quotes. The resizing thingy. Looks very cool. Saves up a lot of space and highlights the reply.  Smiley




Probably the malware is injected to the apps that you download online or from the website that usually have tons of popping ads that force you to download something once accidentally clicked. Porn sites is the number site that being use to spread this kind of malware since some user doesn’t pay much attention on the popping ads when they are watching videos in there.

WD sometimes doesn’t filter all the viruses that’s why I always have 3rd party AV for malware protection.

Yes, it came from an injected software. Most of the cracks comes in ZIP format. As long as it's inside the ZIP it cannot run. And I remember correctly I didn't extracted any Zip files. So yes your assumption maybe correct.

What AV you use? I don't like AV, VPN, System Healthcare etc third party software because most of them comes with bundle apps.
hero member
Activity: 2954
Merit: 796
December 03, 2023, 10:25:27 AM
#23
And this is the third time I have gotten infected with the clipboard virus. I don't know why I always end up with the particular virus. Though I don't know how to properly define this thing as a virus or malware. I don't use any third-party antivirus, but my Windows Defender is always on. So I have no idea how I got infected.

Probably the malware is injected to the apps that you download online or from the website that usually have tons of popping ads that force you to download something once accidentally clicked. Porn sites is the number site that being use to spread this kind of malware since some user doesn’t pay much attention on the popping ads when they are watching videos in there.

WD sometimes doesn’t filter all the viruses that’s why I always have 3rd party AV for malware protection.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
December 03, 2023, 10:21:05 AM
#22
I know that Windows defender sucks. At times, I would even use scripts to disable windows defender and auto update. But with time, I realized that, we need at least windows defender, even if it sucks at it's job. You know? Like a basic defense. It's better then having nothing. Someone might say, why not just use other third party antivirus? My device is old, I try to install as minimal as possible to keep the load minimal. For me, it felt, heavy when using an antivirus. Background running services makes it more worse. That's why.

Then you have a problem that is clearly detected and the solution of which you have to work on, and that is buying a new computer - by that I mean a really new one from the store, not a used one. Be sure to take into account that the computer has at least 8 GB of working memory, which is a minimum for pleasant work, and also that it has a solid processor and graphics card.

Until then, follow the advice from my previous post and don't use pirated software - and if you need a cheap license for a program, you can try to find it in Digital goods. Of course, be careful who you trade with.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 03, 2023, 08:29:40 AM
#21
WD is something you get with Windows OS and should not be considered premium protection, so even though some will tell you that all AVs are equal (useless), that is simply not true. I don't want to advertise any such product, so I leave it to anyone who wants to know more and knows how to use search engines.

If you want to change something about the problem you are constantly running into, you have to change the way you use your computer and the internet, otherwise no antivirus or operating system will protect you.
I know that Windows defender sucks. At times, I would even use scripts to disable windows defender and auto update. But with time, I realized that, we need at least windows defender, even if it sucks at it's job. You know? Like a basic defense. It's better then having nothing. Someone might say, why not just use other third party antivirus? My device is old, I try to install as minimal as possible to keep the load minimal. For me, it felt, heavy when using an antivirus. Background running services makes it more worse. That's why.

I would say the easiest out of those open source operating systems is going to be a Linux based distro that would have a good user interface and themes which will help windows users to easily get used to it. Linux distro like Linix Mint is going to be my choice if someone wants to have a safe operating system that looks similar to Windows.
I tried to shift to Linux (Mint METE latest). But eventually reverted back to Windows as I found some difficulties. There will always some things that you'll miss when using Linux. Most of us are used to Windows. Anyway, I'll try to install Linux again. to make myself more comfortable.

Quote
Another free and open-source operating system that I used in past which's very similar to Windows XP is ReactOS.
Thank you for the suggestion. I'll check if it's still running or discontinued and then decide.
hero member
Activity: 784
Merit: 672
Top Crypto Casino
December 03, 2023, 07:17:21 AM
#20
If you are facing that problem on Windows operating system then your only possible and safe choice is to go with an open-source operating system that's managed by developers from all around the world and it's source is freely shared with the ones who use it.

I would say the easiest out of those open source operating systems is going to be a Linux based distro that would have a good user interface and themes which will help windows users to easily get used to it. Linux distro like Linix Mint is going to be my choice if someone wants to have a safe operating system that looks similar to Windows.

Another free and open-source operating system that I used in past which's very similar to Windows XP is ReactOS. I don't know if that one will work or not as I have used it when it was in its early versions but I can say that the programs worked fine on that operating system. You can give that one a try as well.

Windows operating system is used by most people and is managed by Microsoft team of developers only whom Microsoft can trust but the Linux and other open-source operating systems are managed by the community of developers who want to help others by providing them free software. You can safely trust the open-source operating systems and surely you won't face such clipboard virus or any other issues with those operating systems.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
December 03, 2023, 06:51:56 AM
#19
And this is the third time I have gotten infected with the clipboard virus. I don't know why I always end up with the particular virus.

I made my first transaction about 10 years ago and I never had any problems with any viruses/malware, and the whole philosophy is to stop using pirated software and visiting websites that are known for distributing viruses/malware. In addition, do not accidentally click on links from unknown senders that you receive in your e-mail or via social networks.

Though I don't know how to properly define this thing as a virus or malware. I don't use any third-party antivirus, but my Windows Defender is always on. So I have no idea how I got infected. Windows defender seems to not be working regarding this virus. I guess, other antivirus programs won't work either. There is no way to fix this.
~snip~


WD is something you get with Windows OS and should not be considered premium protection, so even though some will tell you that all AVs are equal (useless), that is simply not true. I don't want to advertise any such product, so I leave it to anyone who wants to know more and knows how to use search engines.

If you want to change something about the problem you are constantly running into, you have to change the way you use your computer and the internet, otherwise no antivirus or operating system will protect you.
full member
Activity: 728
Merit: 151
Defend Bitcoin and its PoW: bitcoincleanup.com
December 03, 2023, 06:28:20 AM
#18
The reinstallation of the OS is not enough, you need to total the format the entire hard drive this will delete everything and then you install a new OS this time around use Linux distro as it is better than the windows OS or antivirus on it.

Then the exiting wallet on that device should be assumed to been already compromised you will need to create a new wallet and send your coins to the new one.

Check this link by LoyceV on which explains problems associated with CTRL-C and CTRL-V
I agree that its better to use Linux distros like Ubuntu and other flavors, It is also better if you are using a Windows PC to invest in antivirus, what is a few dollars if you are holding a large amount of money, scan your backups, sometimes you are doing backup without knowing that the malware is hidden there, some people I encounter they have fresh reinstall of windows but the virus still there, when they found out the virus is on their backup.
Always update your antivirus, and operating system, and scan all drives.
full member
Activity: 420
Merit: 120
December 03, 2023, 06:27:13 AM
#17
Please report that address of scammers to this https://www.bitcoinwhoswho.com

I checked the address and there is not scam report, scam tag against the address so we can contribute to flag it.
https://www.bitcoinwhoswho.com/address/36VMz3kzFSnFHkfgTXr7Wdx9bx5HCF8tSs

These scammers started to use that address since April 2022
https://bitinfocharts.com/bitcoin/address/36VMz3kzFSnFHkfgTXr7Wdx9bx5HCF8tSs

From that address transaction history, I found that scammers did not use automatic tool to broadcast transactions immediately after received coins from victims. Usually, after receiving, it takes like 15 minutes or 1 hour for scammers to manually broadcast transactions with very high transaction fee rate.
https://www.blockchain.com/explorer/addresses/btc/36VMz3kzFSnFHkfgTXr7Wdx9bx5HCF8tSs
legendary
Activity: 1596
Merit: 1288
December 03, 2023, 06:22:46 AM
#16

I am well aware of the risks. Thank you for the suggestion. For this reason, I don't store anything related to crypto on my device. I noticed this virus when I was trying to use an exchange. I copied the deposit address and that's when it happened. There was no funds, seedphrase, secret keys or important documents laying around on my desktop.
If viruses are in your files, reinstalling the operating system will not activate them unless you click on them. Therefore, if you do not open any file and notice that these viruses are present, then the problem is in the operating system. Either it is from an unknown source, or the crack runs before the operating system and leads to viruses running then even antivirus won't be able to notice it.

You can burn Ubuntu to Flash USB and boot from it. Here you can easily download Electrum and use Firefox to access exchanges without fear that there are viruses, and return to using Windows for other tasks.
sr. member
Activity: 812
Merit: 315
DGbet.fun - Crypto Sportsbook
December 03, 2023, 05:38:14 AM
#15
Even if you are so careful with running windows OS you can still make some mistakes that will affect your PC with malware or trojans, the best thing you can do is get a hardware wallet, the risk with PC is too high, even a smartphone with Electrum wallet is safer than running a crypto wallet on PC.

The idea of running a Linux OS is also better than windows OS if you know how to, but I am better off using a hardware wallet or a bitcoin wallet on my smartphone, there are many things I can handle pretty well but a windows OS isn't one of them.

Before I gave up on PC for storing crypto assets I always end up with a malware one way or the other, even with antivirus installed on the PC, the only thing that makes sense if you have no option that to use a windows OS is to never use the PC to surf the net or download anything online, just use the PC for crypto wallet only, nothing else.
hero member
Activity: 2464
Merit: 594
December 03, 2023, 05:17:41 AM
#14
It's frustrating and alarming to deal with such a virus, where you're not sure if you've completely eradicated it after taking the necessary steps to get rid of it. It's possible that the virus employed sophisticated methods to avoid detection, or it could be a new strain, which is why the Windows Defender antivirus program may not have caught up with it yet.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 03, 2023, 05:08:32 AM
#13
Reinstalling Windows with a crack You don't have to continue any further. Any crack will contain something bad. Or do you think that all hacked Windows products are created by good people who save you money?

I am well aware of the risks. Thank you for the suggestion. For this reason, I don't store anything related to crypto on my device. I noticed this virus when I was trying to use an exchange. I copied the deposit address and that's when it happened. There was no funds, seedphrase, secret keys or important documents laying around on my desktop.

I made this post, so that other people may see it. Especially the newbies. Since many of us don't know there is a virus called clipboard virus that hijacks clipboards. The topic was created purely as a reminder (again).  Smiley




I see another wrong practice here. Immediately after you got a new device, you installed, imported your wallet on it. I can not know why you do it and what is status of your previous device. Assume you have your wallet on both previous and new devices, you are too hurry to take risk with your new device that I believe not is completely new when you got it.
Check the above response I gave to lovesmayfamilis...,

You can use Linux and TailOS
I know about TailsOS. Thank you. Also used this before. But the problem is it's na one time OS. I don't know about security it gives but it was created as a privacy enhancement OS. Also, I don't know if USB sticks are capable enough to run this OS for a longer period of time. Not saying it's bad, it's just not reliable. I wouldn't just prefer this. Another thing, AFAIK, Windoes does have a similar feature as TailsOS. I can't just remember how to enable/use it at this moment. I guess, many of you didn't knew this (I guess again).

legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
December 03, 2023, 04:45:38 AM
#12

Yes, most probably I got infected using a crack version Driver updater. Since I had to fresh install everything.


Reinstalling Windows with a crack You don't have to continue any further. Any crack will contain something bad. Or do you think that all hacked Windows products are created by good people who save you money?
Besides, if hacked games are so important to you, you shouldn’t have created this topic at all and asked questions about what’s wrong with you. I think the answer is obvious to everyone.
I know many gamers who turn a blind eye to viruses because there is nothing they think is important on their devices. But if the computer has more power, the same viruses (RAT) can easily be turned into a server, which provides the ability to control it from the outside. And very often, hacked games contain it. And what will be done by another person from your IP will already depend on him, but you will be responsible.


(I made a lot of quotes to multiple users. Is it ok though to quote this much? Just a curious question  Smiley)



You did everything right.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 03, 2023, 04:24:23 AM
#11
install a new OS this time around use Linux distro
I did installed Linux Mint METE. But didn't found it comfortable at first. So I had revert back to Windows. Especially the UI, how it looked, appeared. The interface, font looked like breaking, not smooth, pixels.

How to prevent this
1. Don't use Windows, but we both know you're not going to change that.
Yes as you said. It is true for most of the new users. I was thinking about duel booting but unfortunately I don't have enough space to run both OS. Only 240GB SSD.

Where did you get this software? Official sources and official paid licenses, or some warez site or "friends"?
That's another reason to use Linux: no need to install hacked software.
Yes, most probably I got infected using a crack version Driver updater. Since I had to fresh install everything.

Microsoft has been selling unsecure software for decades. Why would you expect anything else now?
It's not that bad either. Most of the time it would detect malwares. Maybe not best at defending but at least it gave a notification some malicious software is in your system somewhere. So hurry up and remove it since I (defender) can't.

You know what they say: "Insanity is doing the same thing over and over again and expecting different results." (the source of this quote seems to be unknown). If you did the same thing again, you'll get the same malware for the fourth time.
I have a bad habit of changing distros. Not just Windows or Linux, also Android. Since I am a custom ROM user. I frequently change my OS, to test out new features and bugs etc.

My guess: the malware is included in some of the software you install. Or you just download it again after a few days. Either way, stop doing that. If you have confirmed malware on your system, you can't be sure it hasn't collected more data. So change all your passwords and if you use a hot wallet, create a new seed phrase on a clean system and move your funds.
No worries, LoyceV. I had nothing of crypto on my system. No keys, no doc files, no nothing. Also all the funds have been moved already. Lesson learned.





You are in vain hoping for Windows Defender, or rather, you are in vain hoping for Windows. To keep Windows crystal clean, you need to disconnect it from the network. If you start wondering how many holes users regularly open due to using this system, you will be very disappointed. Start learning Linux systems, and divide your Internet surfing into entertainment, Photoshop hobbies, and finances.
As for the addresses to which they wanted to redirect you, I see a slightly different amount in this wallet. But yes, there are complaints that the clipper was redirected to this address.
I do game sometimes. But can't buy all the games as I don't have enough money. And you know better that Linux isn't gaming friendly. Although they have Steam but that doesn't support crack games. So I had no other choise.




Thats why everyone must be reminded about copying and paste. We dont know if we are infected with such virus and a little bit of changes from the address means it got compromised. You dont click the send button right away and must have triple check or more first the address if its correct. I think it got happened to my friend on ronin wallet add. He didnt received the tokens inspite checking it was correct, however he noticed that theres a different letter and figure on last four lines. So it is a virus indeed.
I first time I got infected, I had no idea of a clipboard virus. I thought my copy paste function was broken. So I tried everything to fix it. Like editing, cleaning registry editor, using different health software or updating system etc. But couldn't fix. As a last resort, I had to format the SSD and reinstall Windows.


(I made a lot of quotes to multiple users. Is it ok though to quote this much? Just a curious question  Smiley)

legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
December 03, 2023, 04:22:27 AM
#10
That could be the answer since, I recently got this device. So a lot of software had to be reinstalled. But that's not what I'm worrying about. I worry about windows defender not detecting it.
Prevention is better than cure and you must know all AntiVirus Softwares can not protect your from all online threats. If you completely rely on those AVs, and think you will be safely with their shields, you are wrong and your risk will become bigger.

Quote
And it's not that I got infected and the very moment I noticed it. I think I was infected for more then 10 days. There was no way of knowing, until I tried to make a transaction and made this discovery. That's what I don't like about it. This sly virus, not showing up anywhere until someone tried something related to crypto.
I see another wrong practice here. Immediately after you got a new device, you installed, imported your wallet on it. I can not know why you do it and what is status of your previous device. Assume you have your wallet on both previous and new devices, you are too hurry to take risk with your new device that I believe not is completely new when you got it.

You can use Linux and TailOS
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
December 03, 2023, 03:14:51 AM
#9
install a new OS this time around use Linux distro
That would be better, but:
How to prevent this
1. Don't use Windows, but we both know you're not going to change that.

I recently got this device. So a lot of software had to be reinstalled.
Where did you get this software? Official sources and official paid licenses, or some warez site or "friends"?
That's another reason to use Linux: no need to install hacked software.

And this is the third time I have gotten infected with the clipboard virus.
You know what they say: "Insanity is doing the same thing over and over again and expecting different results." (the source of this quote seems to be unknown). If you did the same thing again, you'll get the same malware for the fourth time.

Quote
I don't know why I always end up with the particular virus. Though I don't know how to properly define this thing as a virus or malware. I don't use any third-party antivirus, but my Windows Defender is always on. So I have no idea how I got infected. Windows defender seems to not be working regarding this virus.
My guess: the malware is included in some of the software you install. Or you just download it again after a few days. Either way, stop doing that. If you have confirmed malware on your system, you can't be sure it hasn't collected more data. So change all your passwords and if you use a hot wallet, create a new seed phrase on a clean system and move your funds.
legendary
Activity: 2268
Merit: 1379
Fully Regulated Crypto Casino
December 03, 2023, 03:13:57 AM
#8
Thats why everyone must be reminded about copying and paste. We dont know if we are infected with such virus and a little bit of changes from the address means it got compromised. You dont click the send button right away and must have triple check or more first the address if its correct. I think it got happened to my friend on ronin wallet add. He didnt received the tokens inspite checking it was correct, however he noticed that theres a different letter and figure on last four lines. So it is a virus indeed.
sr. member
Activity: 1274
Merit: 457
December 03, 2023, 03:09:45 AM
#7
What if you use norton or kaspersky total?
Third party antiviruses help identify malwares, but sometimes people fall into such traps through irresponsible browsing and downloading files, those traps or malwares can bypass the protection system of this type of antivirus. Therefore, I think that to avoid phishing attack, the user cannot be made to do your responsible browsing, especially on the device that does his official work. However, I would also not disencourage the use of third party antivirus.
full member
Activity: 1792
Merit: 186
December 03, 2023, 01:33:03 AM
#6
What if you use norton or kaspersky total?
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
December 03, 2023, 12:33:54 AM
#5
You are in vain hoping for Windows Defender, or rather, you are in vain hoping for Windows. To keep Windows crystal clean, you need to disconnect it from the network. If you start wondering how many holes users regularly open due to using this system, you will be very disappointed. Start learning Linux systems, and divide your Internet surfing into entertainment, Photoshop hobbies, and finances.
As for the addresses to which they wanted to redirect you, I see a slightly different amount in this wallet. But yes, there are complaints that the clipper was redirected to this address.

https://checkbitcoinaddress.com/bitcoin/36VMz3kzFSnFHkfgTXr7Wdx9bx5HCF8tSs
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 02, 2023, 12:32:34 PM
#4
My opinion about how you get this is I think you may have downloaded a software that isn't downloaded from the original website and may be infected with that malware.

That could be the answer since, I recently got this device. So a lot of software had to be reinstalled. But that's not what I'm worrying about. I worry about windows defender not detecting it. And it's not that I got infected and the very moment I noticed it. I think I was infected for more then 10 days. There was no way of knowing, until I tried to make a transaction and made this discovery. That's what I don't like about it. This sly virus, not showing up anywhere until someone tried something related to crypto.
hero member
Activity: 868
Merit: 952
December 02, 2023, 12:13:58 PM
#3
The reinstallation of the OS is not enough, you need to total the format the entire hard drive this will delete everything and then you install a new OS this time around use Linux distro as it is better than the windows OS or antivirus on it.

Then the exiting wallet on that device should be assumed to been already compromised you will need to create a new wallet and send your coins to the new one.

Check this link by LoyceV on which explains problems associated with CTRL-C and CTRL-V
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
December 02, 2023, 11:41:41 AM
#2
As discussed before, it is always better to triple check when you are going to send any crypto if there's any changes to the address or not. If I say something then I would say that it is better to be safe than sorry. Well, it doesn't feel good when you lost something that you have work hard to get it or earn it and just vanish just like that. It's good that you share this to remind others who have already know this and to let others know about it that doesn't know about this yet. My opinion about how you get this is I think you may have downloaded a software that isn't downloaded from the original website and may be infected with that malware.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
December 02, 2023, 11:18:06 AM
#1
And this is the third time I have gotten infected with the clipboard virus. I don't know why I always end up with the particular virus. Though I don't know how to properly define this thing as a virus or malware. I don't use any third-party antivirus, but my Windows Defender is always on. So I have no idea how I got infected. Windows defender seems to not be working regarding this virus. I guess, other antivirus programs won't work either. There is no way to fix this. So unfortunately, I had to reinstall Windows twice the same day to fully get rid of this virus. Such a hassle. Lucky for me, I didn't send out any funds since I remembered my original address. The moment I saw a change of address, I knew something was wrong. Here is the phishing address. The total received amount is almost $28k I wonder how many innocent people fell a victim to it.

Jump to: