
Topic: Beware of Increasingly Sophisticated Malware Infection Attempts - page 44. (Read 860919 times)

newbie
Activity: 2
Merit: 0
I have heard of dead coins.. is this a scam/malware? I would like to know about them before investing in any type of online currency. Thanks!
legendary
Activity: 1894
Merit: 1001
Won't Norton Internet Security detect the malware if present on a certain wallet?

I have been using NIS (legally bought, not patched) for a long time. Hope it can detect them.

Also they are updating binaries every time with "Virus Definition Updates".

Can anyone confirm the facts by testing any malicious wallet on a PC with NIS previously installed?

  malware/virus detectors only foil amateur hackers(period) use sandboxie, and know that some malware can detect being opened in sandboxie... or deep freeze, but the hacker gets your coin anyway ...

linux is the best bet, go ahead, take the plunge
hero member
Activity: 658
Merit: 500
Well, BTC hardware wallet protection starts to be very complicated, because trojans, worms also are more developed. Only Linux can help, I think
member
Activity: 70
Merit: 10
Won't Norton Internet Security detect the malware if present on a certain wallet?

I have been using NIS (legally bought, not patched) for a long time. Hope it can detect them.

Also they are updating binaries every time with "Virus Definition Updates".

Can anyone confirm the facts by testing any malicious wallet on a PC with NIS previously installed?
newbie
Activity: 29
Merit: 0
Another pretty safe and easy to use program is Deep Freeze.
You can freeze your Windows partition and as soon as you reboot, your PC will go back to the state it was in when you "froze" it.
This way no viruses, keyloggers, trojans, RATs, etc. can infect you (as soon as you reboot, the bad stuff is gone).
The downside is that you will have to put the blockchain of any coins you use on the second partition of your hard drive (because you will not be able to update the wallet on the Windows partition).
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
I have also noticed, I was unable to download one of the cryptocurrency cores as it was flagged up as being harmful by Norton Internet Security! This is highly likely with all of the cryptocurrency cores as they are open source which means nothing is protecting them from being hacked and placed onto the cryptocurrency's website in order to attack the computers of many users!

  if programs are open source then you can look at the code yourself, to see whether or not it is malicious. try that with windows or any other closed-source executable

I'm not great at reading binary code, as that is what the .exe extension usually means. Is there a better way to read programs?

(disclaimer: i am no expert here)
  source code is human readable, you don't have to be a programmer to look at it, neither do you have to fully understand all the nuances of an executable to see if it might be malicious.

 check out github
https://github.com/explore

wean yourself from Windows if you haven't already
i like to dual-boot: when i start my pc i can choose win or lin. i always prefer linux but sometimes i'm stuck with 'doz
open source is awesome
it is the life blood of digital liberty imo.

I do quite like Linux, I have a Raspberry Pi B+ which cannot run a lot of operating systems. Is there a way to change the BIOS so that if I have a certain external hard drive connected then it will run from that? I know it is F2 when started up but I don't want to change the factory settings of my laptop.
legendary
Activity: 1894
Merit: 1001
I have also noticed, I was unable to download one of the cryptocurrency cores as it was flagged up as being harmful by Norton Internet Security! This is highly likely with all of the cryptocurrency cores as they are open source which means nothing is protecting them from being hacked and placed onto the cryptocurrency's website in order to attack the computers of many users!

  if programs are open source then you can look at the code yourself, to see whether or not it is malicious. try that with windows or any other closed-source executable

I'm not great at reading binary code, as that is what the .exe extension usually means. Is there a better way to read programs?

(disclaimer: i am no expert here)
  source code is human readable, you don't have to be a programmer to look at it, neither do you have to fully understand all the nuances of an executable to see if it might be malicious.

 check out github
https://github.com/explore

wean yourself from Windows if you haven't already
i like to dual-boot: when i start my pc i can choose win or lin. i always prefer linux but sometimes i'm stuck with 'doz
open source is awesome
it is the life blood of digital liberty imo.
legendary
Activity: 1806
Merit: 1164
How to keep your home computer malware free.
 
How could it happen?
Clicking a link or attachment in email.
Visiting a website that has malware installed. Depending on your browser settings and what plug-ins you have installed (Flash, Java, Acrobat Reader), malicious software could be installed on your computer without your knowledge.
 
What could happen?
You could lose all the data on your computer.
All the data on your computer could be held for ransom.
Your computer could be used to commit crimes.
Your personal information could be stolen.
Someone could access all of your accounts.
Someone could log everything you type.
Someone could access all the files on your computer.
 
Prevention
Update your operating system and third party applications.
http://secunia.com/vulnerability_scanning/personal/
 
Disable auto run for Plug-Ins
In Google Chrome navigate to chrome://settings/content.
Under Plug-ins select Click to play.
You can add exceptions by going to chrome://settings/content, Plug-ins, and clicking "Manage exceptions..."
 
Use a DNS server that blocks known malicious sites
Symantec https://dns.norton.com/
Comodo https://www.comodo.com/secure-dns/
 
Use Windows Defender on Windows 8 or Microsoft Security Essentials on Windows 7
They are free and effective.
 
Buy and install MalwareBytes Premium and Malware Bytes Anti-Exploit Premium ($25 Each)
 
Be suspicious about links and attachments in emails. Don't click them.
 
Backup your data
Use BitTorrent Sync to sync your data with another computer.
Use an application like Acronis True Image to make a scheduled backup to an external drive. Get two external drives and rotate them regularly. Keep one copy at a different location.
Use a cloud based backup service like Carbonite, Crashplan or Backblaze.
 
Consider replacing your current router with a UTM (Unified Threat Management) firewall that has security software built in. Note that most of these are relatively expensive and require ongoing subscriptions.
Example http://www.asus.com/support/FAQ/1008719/

Be careful with remote access to your PC
Don't use VNC to remotely access your PC. Passwords are easily brute forced via automated scanning scripts. For best security consider two-factor authentication.

Good advice to take to heart, thanks for taking the time to post.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
I have also noticed, I was unable to download one of the cryptocurrency cores as it was flagged up as being harmful by Norton Internet Security! This is highly likely with all of the cryptocurrency cores as they are open source which means nothing is protecting them from being hacked and placed onto the cryptocurrency's website in order to attack the computers of many users!

  if programs are open source then you can look at the code yourself, to see whether or not it is malicious. try that with windows or any other closed-source executable

I'm not great at reading binary code, as that is what the .exe extension usually means. Is there a better way to read programs?
legendary
Activity: 1894
Merit: 1001
I have also noticed, I was unable to download one of the cryptocurrency cores as it was flagged up as being harmful by Norton Internet Security! This is highly likely with all of the cryptocurrency cores as they are open source which means nothing is protecting them from being hacked and placed onto the cryptocurrency's website in order to attack the computers of many users!

  if programs are open source then you can look at the code yourself, to see whether or not it is malicious. try that with windows or any other closed-source executable
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
I have also noticed, I was unable to download one of the cryptocurrency cores as it was flagged up as being harmful by Norton Internet Security! This is highly likely with all of the cryptocurrency cores as they are open source which means nothing is protecting them from being hacked and placed onto the cryptocurrency's website in order to attack the computers of many users!
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
Correct me if I'm wrong, but malware is generally for executables in Windows, no? I mean the wallets are, but isn't Kaspersky enough?
If not, why do we need to protect against the case of retrieving passwords from the users and other stuff from even pen drives with wallets (including the common coin ones) like DOGE, LTC, BTC and a few more?

Malware can still be coded on Linux and can be hidden inside programs. Linux needs more permissions, but if you allow the program to run, then you allow the malware to run and harm your computer whether it is Linux or Mac!
full member
Activity: 219
Merit: 102
Edit: There is need for a new style of BIOS security, like anti virus, which, when your BIOS gets bigger, can load in BIOS FIRST, before BIOS is loaded.. it's not as hard as you think, but I'm not THAT good..
Or they could just put a small mechanical switch in like the dip switches they used to put on the motherboard years ago. Problem solved.
newbie
Activity: 9
Merit: 0
man, this is terribly scary!
sr. member
Activity: 305
Merit: 250
Managing Director of Maryjanecoin LLC
newbie
Activity: 56
Merit: 0
All of them use only keyloggers.
Can we ensure the safety of our wallets?
legendary
Activity: 1624
Merit: 1001
All cryptos are FIAT digital currency. Do not use.
WARNING !! This client is making outbound connections to known malware and/or phishing sites.


http://www.urlquery.net/report.php?id=1434020970582

The "Recent reports on same IP/ASN/Domain" section shows other suspicious sites/links.
https://www.virustotal.com/en/url/946ac3207509fb493eaf2e02e107b97cc03513cb373bb007a8a61b9b6b0fe61c/analysis/1434120962/

Now let's see what the debug.log has to say...
Code:
2015-06-12 12:41:10 connection timeout
2015-06-12 12:41:11 trying connection 77.249.89.46:9748 lastseen=1802.3hrs
2015-06-12 12:41:16 connection timeout
2015-06-12 12:41:17 trying connection 104.219.250.234:9748 lastseen=7.2hrs
2015-06-12 12:41:22 connection timeout
2015-06-12 12:41:22 trying connection 82.238.124.41:9748 lastseen=33.6hrs
2015-06-12 12:41:27 connection timeout
2015-06-12 12:41:28 trying connection 77.85.35.151:9748 lastseen=170.7hrs
2015-06-12 12:41:33 connection timeout
2015-06-12 12:41:33 trying connection 137.135.57.119:9748 lastseen=27.6hrs
2015-06-12 12:41:38 connection timeout
2015-06-12 12:41:39 trying connection 96.54.4.190:9748 lastseen=21.7hrs
2015-06-12 12:41:44 connection timeout
2015-06-12 12:41:44 trying connection 87.154.210.76:9748 lastseen=378.8hrs
2015-06-12 12:41:49 connection timeout
2015-06-12 12:41:50 trying connection 103.230.107.12:9748 lastseen=2166.3hrs
2015-06-12 12:41:55 connection timeout
2015-06-12 12:41:55 trying connection 104.219.250.234:9748 lastseen=7.2hrs
2015-06-12 12:42:00 connection timeout
2015-06-12 12:42:01 trying connection 62.157.39.12:9748 lastseen=2675.3hrs
2015-06-12 12:42:06 connection timeout
2015-06-12 12:42:06 trying connection 71.100.135.84:9748 lastseen=16.9hrs
2015-06-12 12:42:11 connection timeout
2015-06-12 12:42:12 trying connection 162.255.117.105:9748 lastseen=52.5hrs
2015-06-12 12:42:17 trying connection 104.219.250.234:9748 lastseen=7.2hrs
2015-06-12 12:42:22 connection timeout
2015-06-12 12:42:23 trying connection 71.100.135.84:9748 lastseen=16.9hrs
2015-06-12 12:42:28 connection timeout
2015-06-12 12:42:28 trying connection 5.139.143.81:9748 lastseen=3461.6hrs
2015-06-12 12:42:33 connection timeout
2015-06-12 12:42:34 trying connection 104.219.250.234:9748 lastseen=7.2hrs
2015-06-12 12:42:39 connection timeout
2015-06-12 12:42:39 trying connection 104.219.250.234:9748 lastseen=7.2hrs
2015-06-12 12:42:44 connection timeout
2015-06-12 12:42:45 trying connection 87.154.214.25:9748 lastseen=2063.7hrs
2015-06-12 12:42:50 connection timeout
************************************************************
2015-06-12 12:42:50 trying connection 104.219.250.234:9748 lastseen=7.2hrs**
************************************************************
2015-06-12 12:42:55 connection timeout
2015-06-12 12:42:56 trying connection 80.57.229.215:9748 lastseen=115.2hrs
2015-06-12 12:43:01 connection timeout
2015-06-12 12:43:01 trying connection 77.232.5.253:9748 lastseen=1191.0hrs

Report for the address 104.xxx.xxx.234:
http://www.urlquery.net/report.php?id=1434121818636

And one of its suspicious links/sites:
https://www.virustotal.com/en/url/3b1a7af045bdc8005e8243f65d203df04ba8d43f9e10fd39af1004aad75da0ed/analysis/1434122387/
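
An added example, not part of the original post: tallying the outbound peer attempts in a debug.log of the format shown above, so that the addresses a client retries most often can be looked up in a reputation service. The log lines use documentation-range addresses and are constructed; the function names and the `min_attempts` threshold are assumptions.

```python
import re
from collections import Counter

# Matches lines such as:
#   2015-06-12 12:41:11 trying connection 192.0.2.10:9748 lastseen=1802.3hrs
# Trailing characters (e.g. hand-added "**" markers) are ignored.
ATTEMPT = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} trying connection "
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+) lastseen=[\d.]+hrs"
)

def parse_attempts(lines):
    """Return (peer, timed_out) for every outbound attempt, in log order."""
    attempts = []
    for raw in lines:
        line = raw.strip()
        m = ATTEMPT.match(line)
        if m:
            attempts.append([f"{m['ip']}:{m['port']}", False])
        elif line.endswith("connection timeout") and attempts:
            # A timeout line refers to the most recent attempt before it.
            attempts[-1][1] = True
    return [tuple(a) for a in attempts]

def summarize(lines, min_attempts=3):
    """List peers tried at least min_attempts times, most frequent first."""
    attempts = parse_attempts(lines)
    tried = Counter(peer for peer, _ in attempts)
    timeouts = Counter(peer for peer, timed_out in attempts if timed_out)
    return [
        {"peer": peer, "attempts": n, "timeouts": timeouts[peer]}
        for peer, n in tried.most_common() if n >= min_attempts
    ]

# Constructed sample in the same format as the log quoted in the post.
SAMPLE_LOG = """\
2015-06-12 12:41:11 trying connection 192.0.2.10:9748 lastseen=1802.3hrs
2015-06-12 12:41:16 connection timeout
2015-06-12 12:41:17 trying connection 198.51.100.7:9748 lastseen=7.2hrs
2015-06-12 12:41:22 connection timeout
2015-06-12 12:41:22 trying connection 203.0.113.5:9748 lastseen=33.6hrs
2015-06-12 12:41:27 trying connection 198.51.100.7:9748 lastseen=7.2hrs
2015-06-12 12:41:32 connection timeout
2015-06-12 12:41:33 trying connection 198.51.100.7:9748 lastseen=7.2hrs**
2015-06-12 12:41:38 connection timeout
""".splitlines()

if __name__ == "__main__":
    for row in summarize(SAMPLE_LOG):
        print(row)
```

A high retry count only says which peers the client keeps selecting from its address list; whether an address is hostile still has to come from a separate lookup.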
sr. member
Activity: 378
Merit: 257
So just to be clear, I can get hacked without downloading anything, just by visiting a naughty site? And I should uninstall Acrobat, Java and Flash altogether? Wow, thanks for this information.

Yes, you can get hacked by visiting a website, because your browser (Internet Explorer/Chrome/Firefox...) executes scripts by default.
The solution against it is to use the NoScript plugin in Firefox: it will block every script and make browsing much safer. You'll need to check and authorize scripts one by one. If anything is suspicious, you can get away without damage.

Another question, I have Norton 360, but is Malwarebytes that much better?
And thanks for this thread. Many of us don't know all that much about these threats so thanks for educating us.

Antiviruses cannot detect new viruses or specific crypto malware.
They only protect from known viruses.

The solution to be safe is to use Linux (Ubuntu for example) for anything related to crypto.
Viruses developed for Windows cannot target Linux.
Linux users can still get targeted through the Internet browser, that's why you should use NoScript too.

Thanks for the explanation!  I am thinking of getting a computer dedicated to just crypto transactions after reading this.  It seems like no matter how careful you are there is always a danger.
sr. member
Activity: 280
Merit: 250
be careful people
legendary
Activity: 2156
Merit: 1131
So just to be clear, I can get hacked without downloading anything, just by visiting a naughty site? And I should uninstall Acrobat, Java and Flash altogether? Wow, thanks for this information.

Yes, you can get hacked by visiting a website, because your browser (Internet Explorer/Chrome/Firefox...) executes scripts by default.
The solution against it is to use the NoScript plugin in Firefox: it will block every script and make browsing much safer. You'll need to check and authorize scripts one by one. If anything is suspicious, you can get away without damage.

Another question, I have Norton 360, but is Malwarebytes that much better?
And thanks for this thread. Many of us don't know all that much about these threats so thanks for educating us.

Antiviruses cannot detect new viruses or specific crypto malware.
They only protect from known viruses.

The solution to be safe is to use Linux (Ubuntu for example) for anything related to crypto.
Viruses developed for Windows cannot target Linux.
Linux users can still get targeted through the Internet browser, that's why you should use NoScript too.