Topic: Beware of Increasingly Sophisticated Malware Infection Attempts - page 45. (Read 660162 times)

legendary
Activity: 1064
Merit: 1002
Thanks this was very informative. I guess this forum is a big target for malware developers who want to steal easy crypto money.

Or any noob with access to it.

How to detect RAT (remote admin tool) --> https://youtu.be/btn9nWE3X7o


I get about 1-3 emails a month with a RAT as an attachment. The most recent of which seems to be smart enough to detect they are in a VM. Mostly Java-based, meaning they affect Unix/Linux machines as well as Windows.

Keep Java off any machine you store crypto on. That should be a no-brainer.

legendary
Activity: 1624
Merit: 1001
All cryptos are FIAT digital currency. Do not use.
Thanks this was very informative. I guess this forum is a big target for malware developers who want to steal easy crypto money.
I'm surprised we haven't seen a more concerted effort, honestly.

What makes you say that?

Is there a way to detect files that have malware bound to them?
legendary
Activity: 980
Merit: 1000
Thanks this was very informative. I guess this forum is a big target for malware developers who want to steal easy crypto money.
I'm surprised we haven't seen a more concerted effort, honestly.
legendary
Activity: 1624
Merit: 1001
All cryptos are FIAT digital currency. Do not use.
Thanks this was very informative. I guess this forum is a big target for malware developers who want to steal easy crypto money.

Or any noob with access to it.

How to detect RAT (remote admin tool) --> https://youtu.be/btn9nWE3X7o
hero member
Activity: 508
Merit: 500
Jahaha
Thanks this was very informative. I guess this forum is a big target for malware developers who want to steal easy crypto money.
legendary
Activity: 1624
Merit: 1001
All cryptos are FIAT digital currency. Do not use.
Please check your "program files(x86)" and the youruser/appdata/local/TEMP folders! The ASN client is a remote desktop hack!

https://bitcointalksearch.org/topic/m.10951987



newbie
Activity: 10
Merit: 0
I just received something like this an hour ago. I was surfing eBay and laughed when I saw PimpCash. Having to see if it was real, I went to pimpcash.com. Immediately something like what you showed came up. However, for me, it pretended to be my service provider and gave me a number to call. I confess I did try to call but the ring didn't sound right. Sounded like an old telephone. I hung up and rebooted my computer. Things seem to be ok now. I ran a quick scan and all seems to be okay. Is there anything else I should do to check to see if my computer is okay?

Any thoughts?

EDIT
SPR, ORB and at least one or two other coins are using this faucet/block explorer site.

BE VERY WARY OF THE MULTIFAUCET BLOCK EXPLORER!

I searched for an address and was left with having to fight virus scan pop-ups for a few minutes.
sr. member
Activity: 630
Merit: 250

Lol, this was just the beginning, if I can put a keylogger in my 64mb lappy bios.. I can do it with anyone..

Keep in mind this hack was released solely by them to LOCKDOWN your bios so you can't tamper with overclocking your machine.. the security they released after this demonstration is exactly how they get into your bios as only the NSA would LOVE.

Edit: There is need for a new style of bios security, like anti virus, which, when your bios gets bigger, can load in bios FIRST, before bios is loaded.. it's not as hard as you think, but I'm not THAT good..
full member
Activity: 121
Merit: 100
Thanks for being on top of this and keeping us informed, we do appreciate it!
sr. member
Activity: 630
Merit: 250
Wow.. this is like so pointless (not the thread, the 'hack') nowadays.. why not just place a keylogger in bios, then no matter what os folks use, you have 100% access to whatever machines are connected?

Edit: Hint: Speedracer.
newbie
Activity: 33
Merit: 0
Would running each wallet/miner in a different virtual machine with virtualbox prevent the effects of this kind of malware?

Yes, that would be one solution.
legendary
Activity: 1190
Merit: 1004
Would running each wallet/miner in a different virtual machine with virtualbox prevent the effects of this kind of malware?
newbie
Activity: 47
Merit: 0
That's terrible. Anyone of you encountered the ransom cryptolocker? I heard about it not long ago. What is wrong with people?
legendary
Activity: 1624
Merit: 1001
All cryptos are FIAT digital currency. Do not use.
In my case, IE11 was completely locked up and I had to be fast with the "end process" clicks.

I've never had my browser hijacked like this. That is unless we count AMD's user surveys they keep imposing on us after a driver install. lol
newbie
Activity: 33
Merit: 0
The multifaucet.tk wallet search would redirect you to a third-party ad network. Subsequently, the ad network would redirect you to the destination page -- which, in this case, is the result of the wallet search. I'm in California; the ad network being shown is adf.ly. Depending on your geographic location, you may get a different ad network. These third-party sites generate revenue for multifaucet upon every ad view. This is paid for by the ad publisher. However, multifaucet has no control of what ads are being shown. To maximize their profits, ad publishers may show ads that may lead to malware, which promises higher margins than conventional ads.

In my case, I encountered the following page:

https://i.imgur.com/xzj6fWl.png
legendary
Activity: 1624
Merit: 1001
All cryptos are FIAT digital currency. Do not use.
Any thoughts?

EDIT
SPR, ORB and at least one or two other coins are using this faucet/block explorer site.

BE VERY WARY OF THE MULTIFAUCET BLOCK EXPLORER!

I searched for an address and was left with having to fight virus scan pop-ups for a few minutes.
sr. member
Activity: 439
Merit: 288
I'd like to add bitcoinwisdomapp.com to the blacklist. There's a keylogger behind it.
sr. member
Activity: 264
Merit: 250
Could you please post the coin's name and maybe others that you may have found?

This is found in the "Lucky7coin" source code, as linked above.
newbie
Activity: 33
Merit: 0