Author

Topic: Beware of Cryptoshuffler (Read 187 times)

sr. member
Activity: 728
Merit: 421
August 10, 2023, 07:43:33 AM
#20
A high  rank member made a post of a similar occurrence last week of an account holder facing similar issues and in a tone of $20 million but no virus of such name as you mentioned was noted on the post. I just believe it is a similar occurrence repeating itself that is why one needs to be careful of links you click through telegram platform, emails, social media  etc so as not to download their programmed virus into your device which would give scammers and hackers straight access into your details and using them to steal from you.

Here is the thread to the link of the $20m similar attack.
$20M stolen by "Zero Transfer Scam" phishing trick
hero member
Activity: 1414
Merit: 542
August 10, 2023, 06:44:55 AM
#19
Yes, this is nothing new, this is called Clipboard stealer, and there are a lot of variants of it along the years and it has been called with different names.

@LoyceV even created a dedicated thread for it here: How to lose your Bitcoins with CTRL-C CTRL-V.

So the best thing to do is just to check multiple times the addresses before we send anything to it.
legendary
Activity: 1890
Merit: 1537
August 09, 2023, 05:24:54 PM
#18
This Trojan is not common, although it was discovered by Kaspersky several years ago. I think it is less dangerous than other Trojans, as this CryptoShuffler trojan only affects the clipboard of the victim's computer, especially targeting crypto miners and people who download from torrent sites. This type of Trojan horse does not steal the victim's information or steal his files as a ransom, so what it only does is replace the pasted address while the victim copying and pastes his wallet address and press send; if the victim has enough focus and compares the address that was entered carefully, he will be able to differentiate between the hacker's address and his address and escape from this fraud. Suppose the victim's computer has a powerful antivirus running in the background, constantly scanning the device and the downloaded files. In that case, the antivirus program will be able to determine whether or not his computer has a Trojan horse called Trojan-Banker.Win32.CryptoShuffler.gen, block it and remove it, and the victim will be on the safe side, of course.
hero member
Activity: 2632
Merit: 787
Jack of all trades 💯
August 08, 2023, 09:32:07 AM
#17
I believe this is one of the reasons why LoyceV doesn't usually like anything that will lead to downloading an external app on its mobile device.
Not only on mobile Wink It's quite simple: there may or may not be malware in software, but if you don't install it, you're sure it's not on your system.
this is true because once its already installed, you don't know if it already infected the systems once its already there since in mobile application they always asked you to allow the application to change something, but just want to add that ignoring unknown software which you think will harm the system in the first place, is the best option, is not to even look or click something if you are not sure, this always comes on emails or even a link from a friend which he/she is not aware of the danger, he became the spreader and carrier at the same time.


For this we should not download anything random especially those unknown to us even if we think its useful since we don't know if this is totally safe and there are to many bad guys planted something illegal just to take advantage to those unaware people about such schemes. To many reminders that never click anything unfamiliar since we might spot a malware like this if we are curious on every link we encounter.
sr. member
Activity: 2520
Merit: 280
Hire Bitcointalk Camp. Manager @ r7promotions.com
August 08, 2023, 08:57:17 AM
#16
It doesn't seem any different than clipboard hijacker which appears to be exists for years in PC as well as smartphones.

So if you ever want to avoid losing bitcoins via such attacks then better read this How to lose your Bitcoins with CTRL-C CTRL-V

And FYI, it is possible to get complete control of your smartphone when you click the link send by an attacker which includes access to your camera, microphone, File manager, display and everything.
full member
Activity: 728
Merit: 151
Defend Bitcoin and its PoW: bitcoincleanup.com
August 07, 2023, 07:18:48 PM
#15
I believe this is one of the reasons why LoyceV doesn't usually like anything that will lead to downloading an external app on its mobile device.
Not only on mobile Wink It's quite simple: there may or may not be malware in software, but if you don't install it, you're sure it's not on your system.
this is true because once its already installed, you don't know if it already infected the systems once its already there since in mobile application they always asked you to allow the application to change something, but just want to add that ignoring unknown software which you think will harm the system in the first place, is the best option, is not to even look or click something if you are not sure, this always comes on emails or even a link from a friend which he/she is not aware of the danger, he became the spreader and carrier at the same time.
hero member
Activity: 784
Merit: 672
Top Crypto Casino
August 07, 2023, 02:15:39 PM
#14
The hackers and scammers always find a way to hack the coins of the users that's why I always recommend everyone to keep their coins in a cold wallet instead of hot wallet. In cold wallet someone is sure that the system is secure and is free from any type of malware, and even if someone connects it back to internet in order to transfer the coins into another wallet this type of malware won't harm such users as their system has been offline and they haven't installed any software into it.

Such type of hacks are often very hard for someone to notice because they change the address of the wallet and if someone is trying to send thousands of dollars worth of Bitcoin then that user will face huge losses because of such malware. The only good option to be safe from such software is the cold wallet option and I recommend everyone to go for that if they are holding good amount in Bitcoin.

I believe this is one of the reasons why LoyceV doesn't usually like anything that will lead to downloading an external app on its mobile device.
Not only on mobile Wink It's quite simple: there may or may not be malware in software, but if you don't install it, you're sure it's not on your system.

I agree with you, the only safe option to be free from malware is to avoid installing the software or apps on a system where you store your online wallets. We must have to have some wallets that we use for transactions and for such wallets safety we should avoid installing any software or applications that could penetrate our system.
hero member
Activity: 770
Merit: 538
Leading Crypto Sports Betting & Casino Platform
August 07, 2023, 01:47:44 PM
#13
PC users will be more familiar about this, I think it's also the same thing as the clipboard virus, of which I have read more than two cases. Someone who is familiar with such cases (clipboard Virus) would already be aware of these trending malwares that can be used to steal one's assets without the victim's knowledge. Non the less, anyone who is copying a wallet should also be sure to cross-check the wallet before sending out funds to it because this malware is becoming a problem for crypto users and other internet users. You can also read "Warning when using mobile device wallets (Android, iOS)." There are just a lot of malware attacks from hackers this time around, and everyone just needs to be very careful and make their security a priority.
hero member
Activity: 812
Merit: 560
August 07, 2023, 01:20:02 PM
#12
Now your copied wallet address can be replaced with a scammer's address without your knowledge.

There's a thread that talks more extensively on this https://bitcointalksearch.org/topic/how-to-lose-your-bitcoins-with-ctrl-c-ctrl-v-5190776 how to loose you bitcoin using copy and paste, this call for us to be very careful on how we carelessly allow the introduction of these malware into our device we used through the downloads we made and some unsecured sites we visit, when copying and pasting of any address, we should always very the same address copied is what was pasted for us from the clipboard and not just assum it was, we have to verify and be certain, because while pasting, they might have been replaced since the clipboard is already under attack in some cases, address copied must always tally with the one pasted.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
August 07, 2023, 12:54:48 PM
#11
I believe this is one of the reasons why LoyceV doesn't usually like anything that will lead to downloading an external app on its mobile device.
Not only on mobile Wink It's quite simple: there may or may not be malware in software, but if you don't install it, you're sure it's not on your system.
hero member
Activity: 798
Merit: 702
August 07, 2023, 12:29:53 PM
#10
This kind of virus is the reason why one should be very careful with things that they download online and in app stores, as downloading some unknown apps is a good way for scammers to penetrate the user's device and access whatever they want without the user's knowledge. Especially all these fancy keyboards that offer some kind of special future that makes them appear to be better than others should also be avoided, including some games apps as well. In fact, anything that appears to be unnecessary on one's gadget shouldn't even be downloaded to that device for security reasons, especially on a device used to run financial transactions. I believe this is one of the reasons why LoyceV doesn't usually like anything that will lead to downloading an external app on its mobile device.
hero member
Activity: 1246
Merit: 699
August 07, 2023, 10:30:12 AM
#9
The latest scam is called Cryptoshuffler. This trojan steals coins under your nose by replacing your copied wallet address in your clipboard. Ordinarily, when you copy and paste wallet addresses, you have nothing to fear until cryptoshuffler comes into play.
I also initially used to frequently copy and paste addresses for BTC transactions. but lately, I prefer to scan barcodes. I don't know if allowing our address on exchanges or other platforms can change. but I'm just anticipating if it happens and will get the wrong address when sending.
we all must realize how important it is to double-check addresses, networks, and nominal values every time we make a transaction. however, scammers will always upgrade their ways to harm others.
full member
Activity: 728
Merit: 151
Defend Bitcoin and its PoW: bitcoincleanup.com
August 07, 2023, 09:23:08 AM
#8
This malware is dangerous because you will never realize that you computer is infected, since you computer acts normal, I work in a company, their computers are mostly above minimum specs of computers, but they are complaining about the speed sometimes it slows down, so i have scan their computers and found crypto miner in the system, which been installed together with pirated software's,  
Here is the link also about the crypto shufflerhttps://www.kaspersky.com/blog/cryptoshuffler-bitcoin-stealer/19976/
so this malware is not new its been terrorizing since 2016.
sr. member
Activity: 784
Merit: 306
Hire Bitcointalk Camp. Manager @ r7promotions.com
August 07, 2023, 08:51:19 AM
#7
A user once complained about something similar to what you just said in the forum. When he pastes a copied address into another wallet on his PC, he receives a different address. This is clipboard malware; perhaps cryptoshuffler is just another term for it to confuse people.  You can read the post to learn more about how to deal with such situations when they arise. Click here; I need solution to this malware problem.
legendary
Activity: 2730
Merit: 7065
August 07, 2023, 08:05:39 AM
#6
This is a different type of clipboard malware that essentially works like any other versions. You copy an address and when you paste it, it gets replaced with one that belongs to the scammers. This should be easy to spot if you are careful and pay attention to where you send your coins.

There is always a source where you copied the address from.
If someone send you the address, compare the one you have pasted into your wallet to the one in the source.
If you are sending to yourself, check and compare with your own wallet.
If you are using a hardware wallet, the address will be displayed on the hardware wallet screen.

Careful individuals shouldn't become victims of clipboard malware. The virus can't replace the address in the source, so always compare to that and stay vigilant.
legendary
Activity: 2002
Merit: 2534
The Alliance Of Bitcointalk Translators - ENG>SPA
August 07, 2023, 07:56:14 AM
#5
If you want to get a ban, continue to use your referral link.

If you don't want to be banned, remove the referral link.

4. No referral code (ref link) spam. [1]

I have checked the archive of this post and visited the link as well. I don't think it was a referral link. It was linked to the article on this original topic. He has to provide the source of the content he is sharing in this forum to avoid getting banned for plagiarism. Maybe because his link contained 921977?ref=79183127&utm_campaign=app_share_link, you thought it was a referral link. No, When you read an article using the Binance app and try to share or copy the article link, it adds that part.

Not a referral link, I saw the post and I think it is useful, that's why I posted it
You should edit the topic and add the source link to the original content. You can remove the ref part, and it will still work.
Add this in your OP https://www.binance.com/en/feed/post/921977

If I'm not wrong, removing that part is always a good idea to avoid tracking, but as recently said, it doesn't seem to be anything according to the rules of the forum in this particular case. Anyway, it's always better to prevent when in doubt.

Back on topic, that copy-paste scam you talk about is not new and veterans here always double-check the pasted addresses before sending Bitcoin transactions. Newcomers should also take into account that just checking the first or last letters/numbers is not enough, because advanced tools can generate addresses with beginnings and endings similar to the original ones: it is better to check the digits in the middle of the address, when not every single one like it is advisable for large transactions.
hero member
Activity: 462
Merit: 767
Instant cryptocurrency exchange with own reserves!
August 07, 2023, 06:57:19 AM
#4
If you want to get a ban, continue to use your referral link.

If you don't want to be banned, remove the referral link.

4. No referral code (ref link) spam. [1]

I have checked the archive of this post and visited the link as well. I don't think it was a referral link. It was linked to the article on this original topic. He has to provide the source of the content he is sharing in this forum to avoid getting banned for plagiarism. Maybe because his link contained 921977?ref=79183127&utm_campaign=app_share_link, you thought it was a referral link. No, When you read an article using the Binance app and try to share or copy the article link, it adds that part.

Not a referral link, I saw the post and I think it is useful, that's why I posted it
You should edit the topic and add the source link to the original content. You can remove the ref part, and it will still work.
Add this in your OP https://www.binance.com/en/feed/post/921977
member
Activity: 388
Merit: 30
Reward: 10M Sheen (Approx. 5000 BNB) Bounty
August 07, 2023, 05:53:29 AM
#3
Not a referral link, I saw the post and I think it is useful, that's why I posted it
hero member
Activity: 1442
Merit: 775
August 07, 2023, 04:08:03 AM
#2
If you want to get a ban, continue to use your referral link.

If you don't want to be banned, remove the referral link.

4. No referral code (ref link) spam. [1]
member
Activity: 388
Merit: 30
Reward: 10M Sheen (Approx. 5000 BNB) Bounty
August 07, 2023, 03:46:50 AM
#1
THE LATEST SCAM IN CRYPTO: You Can Lose All Your Coins in Seconds

Scams in the crypto space have evolved and become more sophisticated over time due to various factors, including the increasing popularity of cryptocurrencies, the relative anonymity of transactions, and the lack of regulatory oversight in some jurisdictions.

Scammers can now get access to your phone when you click an unsuspecting link on social media platforms.

The latest scam is called Cryptoshuffler. This trojan steals coins under your nose by replacing your copied wallet address in your clipboard. Ordinarily, when you copy and paste wallet addresses, you have nothing to fear until cryptoshuffler comes into play.

Now your copied wallet address can be replaced with a scammer's address without your knowledge.

Stay safe, guys.

Credit : https://www.binance.com/en/feed/post/921977?
Jump to: