Topic: Beware of Increasingly Sophisticated Malware Infection Attempts - page 42. (Read 689547 times)

Could you List the différent scam

 

  use www.virustotal.com to scan small files (like wallets) it uses +/- 50 AV engines to scan, it's prolly faster than using your onboard AV

                            - BUT remember, serious hackers will have no problem hiding their payload

                                                                                      

Speaking of antivirus can the results from AV-TEST be trusted?

Is it impartial? do they do proper testing or just surface easy stuff?

Thank you for this warning, (i said with 30 trojan horse viruses attacking me at the same time)

Case in point.. The NAV dev didn't like this line of questioning ..

Read and/or research much ?

It was an inside job.
https://bitcointalksearch.org/topic/cryptsy-stopping-withdraw-locking-accounts-without-notifying-users-class-action-1173703

That aside, people will someday know them as one of, if not, the main source of crypto related malware.

An infected coin daemon can rob a whole exchange.. It happened to Cryptsy.
https://bitcointalk.org/index.php?topic=1328521.0;all

Or maybe call Verizon and have them change your phone to them.

Wow that sounds simple and yet all feel really possible. Well I have to say it's not just as a "possible" hypothetical thing going on. How you said it, it's actually happening right now as we speak. Guess one thing you can do to be safe is dont go public with sites you are to show a very personal picture of you.

There are several bitcoin viruses...

there are none within the chain, but there are many that sit in the pc and when you copy/paste your address, they choose from a list and copy and paste an address that looks like yours, but is really one from an hierarchal wallet belonging to someone else.  that way when you think you are sending BTC to your wallet, your are really using one of theirs....pretty easy stuff to write, the hardest part would be to search the list without delaying too much,  changing the contents of the clipboard is easy, checking to see if it is a bitcoin address could be tricky to pull off, but not really hard, simply starting with the number of characters and then if that matches checking for the absence of spaces, checking the first two characters against a list and going from there, pretty junior high school stuff

while what you say is more than true, it is done everyday over and over because most people are more lazy than they are smart....and that is something that every thief can count on to change from now until the end of time.    and that applies to each and every person to some degree.  anyone that disagrees would lock their car door each and every time they leave the car.  the most common excuse would be that they are not parking in a bad place or whatever, it is still an excuse and i don't lock the doors on the car that often either, but i won't make excuses, i am too damned lazy to lock/unlock the door each and every time...

but when it comes to financial security, i sure as hell dot the i's and cross the t's

wtf are these noobs? with 0 activity just saying the same sh** over and over? lollll.
Every one should know that never use passwords for emails and other accounts on many other sites. this is just logic.

services are catching up, but that means that the hacks will catch up too, i foresee with apps and security like 2fa and all the mobile wallets that a smartphone will be the only thing a person carries not too long from now, wallets in the phone, passwords in the phone, 2fa, and finally personal identification and voila, everything in the smartphone

THEN, the thieves and hackers only need to steal one thing to own you, YOUR PHONE, lol

 gr8 post dude   quoted you

ya, been using keepass for a while, a unique and complex pswd for every account is a must nowadays


pm an addy if you' like 2b tipp'd some TALK  

the simplest malware is a website

i have never done it, but known people that have and it is so simple and never catches a single eye

you download and install wordpress and set up a good strong blog, set up a free user based subscription and that is it

most computer/internet users have 1-5 email addresses and two of those are used more than the rest

most users have three main passwords and two others

passwords vary by user based on the three security password configs, any number letter combo six keys or more, must have a letter and a number and the last that adds the special character requirement

for example, depending on the website requirements a normal user may have these three main passwords

password
password123
password123$

when they sign up for your blog, they are likely using their secondary/spam catch email and one of those main passwords

when they signed up for a bank account, paypal or another main service, they used their main email and one of those passwords

a word press site that requires a special character, number and text has just about gotten all three passwords by simply working backwards, don't spam the subscribers and ask them for a second recovery email account after thirty days and you will have the primary email, probably, if not, that is a pretty easy find on the internet

no viruses, no Trojans or keyloggers, just human nature and the inability to remember too many damned passwords

i have know developers to take it one step further and modify the sign up process, the signup would keep telling the person that the email was already in use three times and get three email addresses and then the password setup script was modified to be a real pain and say no to the simple password, asking for a capital and number, then after that password, add the special character request and boom, three main passwords and three email addresses, worse case scenario, the person gets frustrated and leaves the site

too much of a pain for me and just sooooooo wrong, but one of our past IT guys did it over and over, the hardest part was actually developing a strong and good blog that made people want to sign up, with traffic at 500 plus per day, that means around 20 new signups each day, he collected them but never did anything, just as a case in point, after two years he had around 18,000 user profiles, he spot checked more than fifty and was in their paypal within three minutes, used that to see their bank accounts and in those accounts in another three minutes with about a 87% sucess rate

remember when you sign up on a new site or app, you are giving that info to whoever made(or even copied) the site and i personally have both spam emails catcher and a full set of spam passwords that i use on new sites, plus my credit cards can all produce a virtual number from their site for use on unknown websites that will disappear after one use or a given amount of money spent, you almost need to be three people, the businessman, the social magnet, and then guy who hands out info to any site that so much as looks interesting, lol

A very useful warning, People should be careful while using macros. I think people usually get attracted over using specific bots or these type of macros and get scammed.

Yes... we should really be very attentive to malware infections. The last infection attempt I found was through an email. This email seemed to come from the Dropbox team, but it wasn't. If any of you received such an email you should delete it immediatelly.

Thanks, well that means I'm gonna use the .org installation then. Thanks 4 the info groggin.

 never had a problem w/litecoin.org, ya gotta watch that - congrats on killing it!

Good day guys, just wanna ask if there are other people in here that facing the same issue that I have encountered. I just downloaded litecoin wallet for windows from litecoin.com, yes, it's litecoin.com not litecoin.org. And after I install it on my pc, suddenly on the folder where I put the litecoin wallet installer adds 2 files, 1 is a batch file, the other is..... well.... I don't know what the heck is the other file.

So, after the installation successful, I tried to delete the installation files, which.... it can't, same ol' being used by the system warning excuse, while the installation process has finished. So I start the task manager, and found that there is one file that doesn't have an explanation of what file that is on the right panel, so.... open file location which leads to a folder named dclogs.... curious.... so I try to open it then wow.... only a few minutes and it has already written down 3 of my browsing activities (I noticed from the creation date of the files inside the dclogs folder). google it..... and I came to know that it was a some kind of a keylogger.... hmmm.... bummer but I'm quite lucky.....

My question is, does it even possible that the installation file from litecoin.com contains this keylogger? And I'm a bit hesitant to download from litecoin.org. Does this issue ever happen to someone in here? Are litecoin.com and litecoin.org are in the same team? I would be appreciate if someone could give me (a newbie) an info on this matter, and thanks  .