Topic: Beware of Increasingly Sophisticated Malware Infection Attempts - page 26. (Read 837801 times)

My friend was transferred token / coin where to go without knowing, now be careful as possible to not lose money.
- do not receive coin free when the source is not clear
- do not click on strange links
- no strange software downloads
Please protect your money!

Thanks for the insight - there are alot of devious people out there trying to advantage of people. Good work
"latest wallet"/"custom wallet"/"faster miner"
A newbie asks for the latest wallet, or wallet that doesn't have any tx fees, or the latest/fastest miner, and the attacker posts his in response. This type of attempt Usually gets spotted pretty quickly.

Copied/new ANN
The attacker creates a new ANN topic and posts a malware link as the wallet (or a legit one and changes it to a malware one later).

Replacing links in quotes
The attacker quotes a legitimate post containing a download link written by the real developer (usually the OP or a update post) and changes the link within the quote to a malware link.

Compromised dev account
The developer account (usually responsible for making the OP) is compromised and a "mandatory update" is posted. This usually happens with old/abandoned coins so the real developer isn't there to notice the rogue update.

Packed/FUD executables
In most of the cases above, the malware has little to now detections on virustotal. This is because any script kiddie can pay $30 and have their malware crypted, rendering them fully undetectable.

Modified source with backdoor
This was recently brought to my attention via a user report. A newbie, under the guise of reviving a coin posted a new client along with source. However, the source was modified to include a backdoor in the IRC bootstrapping mechanism.
here is the relevant source code:

I agree. We have to be careful with hackers.

You need to install a nice anti virus and it also depends on the browser you are using. If you will disable those blocks and you will start to install Adblock you might be free from those malware that we can get from suspicious websites that we never noticed coming in to our computers. You can download it and it's for free but if you want to invest for security too, there are paid versions that you can purchase.

is there any good application to block all the malwares from online websites?

I did not encounter similar problems. But thanks will be kept in mind that this is possible. Fortunately, I got on this topic. In general, I am against installing third-party software on my computer.

The recipe is simple - do not go to suspicious links and make sure the address is correct!

I've stopped downloading Images or clicking unknown links from strangers. I think this is the most important part. Plus make sure to do the following as well:

1) Use separate devices for exchange logins

2) Don't use public Wifi

3) Dont share screenshots of your mobile network with people (read how John MAcfee's mobile network being hacked and his twitter account being compromised)

Well.. http and not https simply indicates there is no encryption in the http packets coming on/off that link's server.

If the link points to a page that has HTTP where you have to insert user and passwords or credit cards -> IT IS A SCAM! because that information will be out in cleartext and somebody might be able to snatch it.

if the link points to a HTTP page that has only informations and data to display to you (a static website), then https is not strictly necessary and it does not indicate a scam necessarily.

if the link points to a page that has HTTPS there is encryption, but still don't be 100% sure and always investigate further!!!

will simply a http link and not a https link indicate a possible malware or scam link, if you have any info on this , please give some explanation on this ?

Thanks!

yes of course!!! Be always careful about files that you dowload from the internet AND links that you find on the internet.

Files because of course a malicious file can execute code that creates a backdoor access for attackers or compromises your system.
Links because when you click a link you send a request to a certain server. The server knows your IP address and can start scanning it to find open ports and vulnerabilities, which can ultimately used to run exploits against you and compromise you in many ways.
Also links can simply be phishing attempts, which means you go to a login webpage that looks familiar and put your credentials. These credentials are immediately stolen because the page is crafted by an attacker.

Is there still malware infection attempst? Thank you!!

very useful information for me. so we should be more careful to be aware of the increasingly sophisticated malware infections today

Thanks for the heads up!

I got mine today via Speedcoin but didn't able to get a screenshot deleted it right away.

Paid or free? For paid one I'll stick with ESET, I had it on my laptop but for free one and you are using Windows 10, Windows Defender (a built in anti virus) is enough.
If Bitdefender is doing that to wallet files that's risky if you had your coins out there, try Malwarebytes.

i've same problem. in my task manager i got "winconhost". its that the malware or not?

Whats everyone's view of best virus protection against malware? I switched to Bitdefender several months ago and it had blocked several sites. The only downside i have come across, is the blocking of some of the wallet files. It can be a bit fiddly in adding them to trust.

Hello Crypto Investors.

Whenever convenient, provide me with more info on the following ICO's:

1. LiveEdu
2. RestartEnergy
3. Giftz
4. ATF
5. Cointed
6. RedChain
7. Titanium

Thank you for this post. I'm kind of a security geek but reading about these attemtps to steal crypto stash made me even more aware of the dangers of not researching something and just go ahead and install random stuff.