Topic: Beware of Increasingly Sophisticated Malware Infection Attempts - page 11. (Read 834904 times)
Everybody please use avast antivirus. It will help remove millions to dangerous applications, and malware on your computer, which can help to avoid digging underground coin.
a year ago, my email was hacked. After that, the coins were withdrawn from the exchange . It cost about 3,5k$. 2 FA has not been installed. Gmail mail return failed. Many contacts are missing
That's why it's good to have more wallets. One for coins that are worthy of you, one for airdrop, ...
There is a new type of malware and account stealing for MEW. Its called MEWkit. It steals money from the victim’s wallet through a front-end program that mimics the MyEtherWallet.
Another one targets airdrops. They basically ask you to fill out a form with all you info and address and then redirect you to another site that is a clone of MEW. You will be requested to sign a message that will in turn steal your keys. This was informed by the official MEW account on twitter.
Another one targets airdrops. They basically ask you to fill out a form with all you info and address and then redirect you to another site that is a clone of MEW. You will be requested to sign a message that will in turn steal your keys. This was informed by the official MEW account on twitter.
This is so true there are kinds of malware infections that can infiltrate our computers, let alone our very own wallets. We just need to be more keen when it comes to securing our beloved coins and making sure that they will not just vanish into thin air, the same with the efforts that we have put into our earnings
These malware attacks keep getting more insidious and scary everyday... one cant be careful enough online
Ialways use sandboxie and shado defender before installing or running any new program now a days.. . And mediam level of hackers fears of virustotal because they send the file for further analysis(as what i've heard) and their FUD malware loose its FUD ability. So my suggestion will be... Use sandboxie or any similar software and still use softwares like shadow defender for any kind of new program
I remember back in 2012 when I first heard about mining BTC, there was a thing with viruses on graphic cards which could not be detected by standard antivirus programs.
So I did not start tan...the biggest mistake of my life so far...
So I did not start tan...the biggest mistake of my life so far...
Yes. now almost every second is subject to attack by hackers, so you need to be very careful, put more and more new programs that will secure your data. Good luck everyone)
Ever since getting into crypto I have had numerous attempts to hack my accounts. Stupidly I used a really old password when signing up for something. Over night they had attempted to use that with numerous websites/accounts, got lucky with ebay (which i hadnt used in years), got my card details that were stored in ebay and went to town buying XXL cashmere womens tights and amarni sweat shirts, and changed my account into russian with the caption "fuck you bitch this is Russia" in my detail section. Becareful, don't reuse passwords.
i'm afraid of the many issues nowadays but the team always help us to fix all the problems. thanks for the info
Knowledge is a power, we have to be safe out there. Cybercriminals are more cunning now and cryptomining malware are increasing in number, type and attacks. Be very careful about clicking links, downloading or installing programs etc related to cryptocurrencies. It's better to ask from someone who is expert in such issues rather than try to make any blunder. If you should have you desktops wallet / private keys and so on, on your mail (internet connected machine) then do make sure to only install software, say mining scripts and so on from the official sources. Of course we, in this very thread, have learnt of exploits even from he get go, dev aware or not.
In the past months, malware infection attempts on this forum has become increasingly sophisticated. Below is a summary of infection techniques that I have encountered. With the most sophisticated attacks, common sense and virus scans is no longer sufficient to ensure safety.
"latest wallet"/"custom wallet"/"faster miner"
A newbie asks for the latest wallet, or wallet that doesn't have any tx fees, or the latest/fastest miner, and the attacker posts his in response. This type of attempt Usually gets spotted pretty quickly.
Copied/new ANN
The attacker creates a new ANN topic and posts a malware link as the wallet (or a legit one and changes it to a malware one later).
Replacing links in quotes
The attacker quotes a legitimate post containing a download link written by the real developer (usually the OP or a update post) and changes the link within the quote to a malware link.
Compromised dev account
The developer account (usually responsible for making the OP) is compromised and a "mandatory update" is posted. This usually happens with old/abandoned coins so the real developer isn't there to notice the rogue update.
Packed/FUD executables
In most of the cases above, the malware has little to now detections on virustotal. This is because any script kiddie can pay $30 and have their malware crypted, rendering them fully undetectable.
Modified source with backdoor
This was recently brought to my attention via a user report. A newbie, under the guise of reviving a coin posted a new client along with source. However, the source was modified to include a backdoor in the IRC bootstrapping mechanism.
"latest wallet"/"custom wallet"/"faster miner"
A newbie asks for the latest wallet, or wallet that doesn't have any tx fees, or the latest/fastest miner, and the attacker posts his in response. This type of attempt Usually gets spotted pretty quickly.
Copied/new ANN
The attacker creates a new ANN topic and posts a malware link as the wallet (or a legit one and changes it to a malware one later).
Replacing links in quotes
The attacker quotes a legitimate post containing a download link written by the real developer (usually the OP or a update post) and changes the link within the quote to a malware link.
Compromised dev account
The developer account (usually responsible for making the OP) is compromised and a "mandatory update" is posted. This usually happens with old/abandoned coins so the real developer isn't there to notice the rogue update.
Packed/FUD executables
In most of the cases above, the malware has little to now detections on virustotal. This is because any script kiddie can pay $30 and have their malware crypted, rendering them fully undetectable.
Modified source with backdoor
This was recently brought to my attention via a user report. A newbie, under the guise of reviving a coin posted a new client along with source. However, the source was modified to include a backdoor in the IRC bootstrapping mechanism.
I always try to browse without the activation of javascript.
I think that prevents many attacks from happening. Unfortunatelly many sites require it, so browsing becoms more difficult.
I think that prevents many attacks from happening. Unfortunatelly many sites require it, so browsing becoms more difficult.
Thank you article provides me the knowledge required to enter into this market
two days ago the friends of mine were robbed through mew, likely compromised, so I started to think how to protect ourselves cos we thought that this won't happen to us...well, guys, is it real to track their further transactions down? But if they'll try to launder money through the darknet, it will no longer be reality(
we really need to be extra careful when trying any alt bitcoin some are not real has they seem....
Is there still malware infection attempst? Thank you!!
I am so unlucky that I fall for this kind of attack today. Some kind of pop-up tab that contains malware. And after a few hour the hacker transfer every cent of ETHER from my wallet. I should to be more careful next time.
Nowadays, malicious software spreads very quickly and unexpectedly. They are hidden in various forms of electronic information, such as harmless software, information links, etc. They can get your personal data if the intrusion is complete, even offline. Personal property stolen by hackers happens regularly. Choose safe and appropriate security measures, at the same time, always beware of uncertainty.
Jump to: