Pages:
Author

Topic: Concerning Malwares (Read 434 times)

hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
February 04, 2024, 05:48:47 AM
#24
Try not to use your "daily internet shit" computer for your crypto wallet stuff. Try to use a dedicated Linux machine for interaction with your crypto wallet. As mentioned earlier a hot software wallet should probably only contain as much coins as you'd normaly carry with you in your pocket or briefcase.

If you can afford a decent hardware wallet (not speaking of Ledger crap here), I'd always prefer it over solely software wallets. Always thoroughly check all transaction details before you sign a transaction. A hardware wallet needs a dedicated display for this which is only under control of the hardware wallet itself. The purpose of such a display is to allow verification if the hardware wallet received proper transaction details from the computer where your software wallet component resides.

Never store or enter your mnemonic recovery words on an online device or website. Period!
hero member
Activity: 994
Merit: 1089
January 30, 2024, 12:52:16 PM
#23
hmm this nice I. Know that hot wallet are easy to be target for hackers, keeping little asset there would actually be a smart move. So when it's comes to offline wallet which can you recommend for Me that would be more user-friendly. And easy to access.
If you store a small amount of your coins in a hot wallet, then that is surely not a problem, a hot wallet should be for storing coins that you probably want to spend on the go, maybe anything < or = $100.

For offline wallets, you can buy a hardware wallet, it is user-friendly for newbies and they can be able to use it in a safe enviroment. Passport and Trezor are examples of recommended hardware wallets. You could also set up an Electrum wallet on a completely airgapped device that will never be connected to the internet, however this is more difficult for newbies to create and use in a safe enviroment.
jr. member
Activity: 30
Merit: 1
January 30, 2024, 12:28:49 PM
#22
•What damages can a malware cause to your wallet?
•What are the signs that your wallet being attacked by malwares?
•How can it be prevented?
I think you're going at this all wrong. When it comes to malware, you should always assume the worst. Assume it's going to steal everything, and destroy all data on your computer. Once you've accepted that there is no safe online wallet, you can decide how to store your Bitcoins. So keep only small amounts on hot wallets for daily spending, and keep the majority of your coins safely offline.

"clipboard malwares"
See: How to lose your Bitcoins with CTRL-C CTRL-V.
hmm this nice I. Know that hot wallet are easy to be target for hackers, keeping little asset there would actually be a smart move. So when it's comes to offline wallet which can you recommend for Me that would be more user-friendly. And easy to access.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
January 18, 2024, 05:30:46 AM
#21
And always update your software to the latest version as well as using a hardware wallet to store large amounts of funds.
Software updates can also cause various complications, and I wouldn't recommend it as a "must". I have often seen that a new patch update came out immediately after the last update because a bug crept in. Plus, insisting on a new update can lead to phishing mistakes.

Depends on what the software is and how it is updated.

A few dinosaur and legacy software or very complicated programs use a very involved updating process internally, that is very brittle and breaks easily (like Windows). Then you have package managers like brew, apt, dnf, pip, npm, helm and so on that are actually well-designed and should not break your configuration most of the time. YMMV.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
January 18, 2024, 05:12:24 AM
#20
It's valid concern, although it's also reason people suggest to bookmark where you download the software and optimally verify GPG signature.
The first thing that comes to my mind is, for example, Update the Trezor suite or Trezor firmware. At some point, a pop-up appears with a link to download a new update. If I remember correctly, it happened that the new update brought some bugs (which were otherwise quickly corrected), so for this reason, I usually refused and waited with installing the new version. I believe that the vast majority of users immediately install the new update, without checking if everything is ok.

I get your concern. Although if the software only connect to reference or official server, it's unlikely you'll download malware (which is topic of this thread). As for new bug introduced by the update, we only can hope the software creator perform more through test.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
January 18, 2024, 01:04:09 AM
#19
Well, there are some attacks like the "Clipboard" hijacking, that can be used to replace the hackers address with the one that you wanted to paste in the sender address of the wallet, when you want to send tokens.

The address is so long and case sensitive, so people do not type it. Hackers know people just Copy&Paste Crypto addresses, so they target the clipboard.

One way to test this, is to copy and paste an address and then to paste it to a text file... if it shows another address, then you know your clipboard are compromised.
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
January 17, 2024, 07:46:03 AM
#18
It's valid concern, although it's also reason people suggest to bookmark where you download the software and optimally verify GPG signature.

The first thing that comes to my mind is, for example, Update the Trezor suite or Trezor firmware. At some point, a pop-up appears with a link to download a new update. If I remember correctly, it happened that the new update brought some bugs (which were otherwise quickly corrected), so for this reason, I usually refused and waited with installing the new version. I believe that the vast majority of users immediately install the new update, without checking if everything is ok.

note: just realized that you are ETFbitcoin with a new name  Wink
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
January 17, 2024, 06:37:47 AM
#17
And always update your software to the latest version as well as using a hardware wallet to store large amounts of funds.
Software updates can also cause various complications, and I wouldn't recommend it as a "must". I have often seen that a new patch update came out immediately after the last update because a bug crept in. Plus, insisting on a new update can lead to phishing mistakes.

It's valid concern, although it's also reason people suggest to bookmark where you download the software and optimally verify GPG signature.

Running Linux will solve most issues. Most malware runs on windows due source code being closed, so this is perfect to embed malicious code into programs Get Ubuntu and disable all possible tracking for ads Amazon and so on assuming they still do that and you are good.

That was about a decade ago though, these days there shouldn't be Amazon ads or tracking Ubuntu.
sr. member
Activity: 317
Merit: 448
January 16, 2024, 11:26:47 PM
#16
Running Linux will solve most issues. Most malware runs on windows due source code being closed, so this is perfect to embed malicious code into programs Get Ubuntu and disable all possible tracking for ads Amazon and so on assuming they still do that and you are good. An alternative would be Linux Mint. Then just don't visit any dumb websites and that's all you need to be honest. But of course you should have a separate laptop that hosts your private keys that never connects to the internet and then have a separate laptop to broadcast transactions, look up airgap bitcoin node wallet on google and get that setup for max protection.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
January 11, 2024, 07:50:05 AM
#15
Some might even ask the question which is worse - if the computer is infected with clipboard malware, with ransomware or with a remote access trojan?
Generally, all of those are components of a single RAT. RATs usually has the ability to replace or copy content on the clipboard if enabled, and in certain cases are able to function as a ransomware as well. If you're infected with any of them, you would probably be infected with all of them.

Difficult question, as it is very difficult to detect a malware infection as they usually just download the wallet file to their own servers and do the cracking there.
Unless the malware is well obfuscated, most of the antivirus does behavioral analysis as well. In essence, if it does something that is out of the ordinary, it gets flagged. You can of course, evade this with a very good crypter but I don't think any of them lasts very long even with it.

Software updates can also cause various complications, and I wouldn't recommend it as a "must". I have often seen that a new patch update came out immediately after the last update because a bug crept in. Plus, insisting on a new update can lead to phishing mistakes.
It depends on the kind of updates. We've had quite a few updates for important software that didn't disclose about the fixed vulnerabilities to give their users time to perform the necessary update. Remember WannaCry? Reluctance to update was the main reason for its severity.
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
January 11, 2024, 07:38:03 AM
#14
And always update your software to the latest version as well as using a hardware wallet to store large amounts of funds.

Software updates can also cause various complications, and I wouldn't recommend it as a "must". I have often seen that a new patch update came out immediately after the last update because a bug crept in. Plus, insisting on a new update can lead to phishing mistakes.

Clipboard malware is a problem, but if someone is careful, they have a chance to recognize it. But I think that keyloggers cause more damage because at some point they enable full access to the wallet, PK, seed phrases, passwords, etc... Plus, it's much harder to detect it with the usual use of devices. So I would recommend the OP to pay attention to this type of malware as well.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
January 11, 2024, 05:41:38 AM
#13
don't click on shady links such as "GET FREE BITCOINS HERE"
This is one of the things that got me into Bitcoin back in the days Tongue
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
January 11, 2024, 03:51:53 AM
#12
•What damages can a malware cause to your wallet?

Well it will drain it, of course.

Quote
•What are the signs that your wallet being attacked by malwares?

Difficult question, as it is very difficult to detect a malware infection as they usually just download the wallet file to their own servers and do the cracking there.

Quote
•How can it be prevented?

Use an antivirus and don't click on shady links such as "GET FREE BITCOINS HERE" or "AIRDROP" and be careful with pirated software. And always update your software to the latest version as well as using a hardware wallet to store large amounts of funds.
jr. member
Activity: 30
Merit: 1
January 10, 2024, 01:57:55 PM
#11
•What damages can a malware cause to your wallet?
Silly question.
•What are the signs that your wallet being attacked by malwares?
How about your coin balance goes to zero in your wallet Tongue
•How can it be prevented?
Switch to Linux OS asap is the best prevention and protection..
99% of all malware is made for windows os, and you don't need to worry about this things anymore.
However, you still have to use your head to avoid common phishing attacks.

Quote
How about your coin balance goes to zero in your wallet
That would be really heart breaking and there's nothing you can do to.make it reappear 🥲

Quote
Switch to Linux OS asap is the best prevention and protection..
99% of all malware is made for windows os, and you don't need to worry about this things anymore.
However, you still have to use your head to avoid common phishing attacks.
oh alright thanks for the tips just gathering knowledge about it Incase anyone I know off having issues concerning such thing, so that I can dive in like an hero😁
legendary
Activity: 2212
Merit: 7064
January 10, 2024, 01:30:05 PM
#10
•What damages can a malware cause to your wallet?
Silly question.
•What are the signs that your wallet being attacked by malwares?
How about your coin balance goes to zero in your wallet Tongue
•How can it be prevented?
Switch to Linux OS asap is the best prevention and protection..
99% of all malware is made for windows os, and you don't need to worry about this things anymore.
However, you still have to use your head to avoid common phishing attacks.
jr. member
Activity: 30
Merit: 1
January 09, 2024, 11:14:29 AM
#9
Now I understand how it's works
A friend of mine once said thank you all for your supports
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
January 08, 2024, 10:54:11 AM
#8
Some might even ask the question which is worse - if the computer is infected with clipboard malware, with ransomware or with a remote access trojan?

For someone who has cryptocurrencies in their desktop or online wallet (CEX), clipboard malware is definitely a big risk if they don't pay attention to the details, otherwise such malware cannot cause damage. On the other hand, a computer infected with ransomware is practically useless because all files are locked, but if there is a backup, we can bypass the protection, or if there is no backup, we can wait for the authorities to catch the perpetrator and publish the decryption keys online.

I think that RAT is something that can cause the greatest damage because the hacker takes complete control over the computer, and if he does it carefully the victim does not have to notice anything for a long time. In that case, the hacker can spy on the victim and wait for the right moment to hack the wallet, because why hack someone who has $100 of value, if you have information that he plans to buy 5 or 10 times as much?

That's why the theory about checking the security of the wallet by sending a smaller amount and waiting to see if it will disappear is not completely safe.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
January 08, 2024, 08:46:01 AM
#7
So base on your valuable point got me thinking you specifying "clipboard malwares" because clipboard hijacking Malwares normally copy data intercept data being copied and pasted and replace it with malicious code. That why they can replace addresses by changing it to the hacker address. So was force to make some research and found out that they different Malwares with different uses to hackers right
There is practically no difference between "clipboard" malwares or any other kinds of malware for that matter. Once your computer gets compromised, the possibility that the attacker can do is limitless. They can access your computers, change whatever is on your clipboards, dump your memory, etc.

You probably won't get infected if you're sure that you do not run any unverified or otherwise suspicious files or go to any malicious websites (most of these actually rely on vulnerabilities to escape the browser sandbox). AntiViruses ARE NOT foolproof, they compare the files against the behavior by known malwares or by looking at the signature to classify the malware. Hence, it cannot detect everything. When in doubt, use a hardware wallet.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
January 08, 2024, 05:28:13 AM
#6
My questions are:
•What damages can a malware cause to your wallet?
•What are the signs that your wallet being attacked by malwares?

It depends on each malware capability. Malware which created with intention of earning money illegal usually doesn't damage your wallet software/file, but rather copy your wallet file along with it's content (private key, transaction/address note, etc.). They also may put keylogger on your system in order to obtain password when you access your wallet file.

•How can it be prevented?

It's just like how you secure your device in general. But as mentioned by other member, using hardware wallet or using your device only for Bitcoin (and optionally doesn't connect to internet) is generally better option.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
January 08, 2024, 04:22:08 AM
#5
•What damages can a malware cause to your wallet?
•What are the signs that your wallet being attacked by malwares?
•How can it be prevented?
I think you're going at this all wrong. When it comes to malware, you should always assume the worst. Assume it's going to steal everything, and destroy all data on your computer. Once you've accepted that there is no safe online wallet, you can decide how to store your Bitcoins. So keep only small amounts on hot wallets for daily spending, and keep the majority of your coins safely offline.

"clipboard malwares"
See: How to lose your Bitcoins with CTRL-C CTRL-V.
Pages:
Jump to: