Hello,
As you know there are software systems which trades instead of you 24/7 all the time using some predefined or custom strategies.
Some of them are not open source, some of them are just web sites which require membership and sharing of your API keys for the given exchanges.
The ones which are not working on your local (computer), there are some problems and possibilities your money can be stolen.
When you sign up to a bot web site, you are entering an e-mail address, a password, your name and your API keys.
Some of the bot web sites are fake, even if they work, they have some other stuff on mind.
I saw that they try to login to your exchange using your e-mail and the password in case they are the same with the exchange.
In some of the web sites, there are malicious file injections over javascript (mostly for chrome users), simply the web site uploads a virus to your computer and puts it to Startup folder to make sure it will run after next restart (it wont run immediately because your antivirus or even windows firewall will detect it).
After the file injection, you are open for several types of attacks.
Simply they put some keyloggers and steal your e-mail and exchange passwords using pishing.
So you sign up a web site with expecting more money, but you lose your existing money instead.
How to understand that I'm infected?
Be careful if your browser crashes suddenly, they close the browser and expect you to enter your passwords again, then they will get them.
Stay alerted, check some unusual behavior on your computer, for example more CPU usage, suddenly showing up and hiding console windows.
Check the following files, delete them if you have one on your computer:
c:\users\
\AppData\Roaming\Adobe\SWF Frame Renderer\swfrenderer.exe
c:\ProgramData\NTuser.pol
c:\users\\AppData\Roaming\2.exe
c:\program files\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
c:\program files\Common Files\Microsoft Shared\Office16\Office Setup Controller\pkeyconfig.companion.dll
c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
c:\program files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe
Delete suspicious files and links in this folder:
c:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Useful software for virus removal:
It is recommended that you run and scan in this order.
And yes it is not enough to scan with just a few.
RKill - https://www.bleepingcomputer.com/download/rkill/
TDSKiller - https://usa.kaspersky.com/downloads/tdsskiller
AVG Removal Tool - https://www.avg.com/en-GB/Utilities
AdwCleaner - https://toolslib.net/downloads/finish/1/
FRST - https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
JRT - https://www.bleepingcomputer.com/download/junkware-removal-tool/
ComboFix - https://www.bleepingcomputer.com/download/combofix/
RogueKiller - https://www.bleepingcomputer.com/download/roguekiller/
Download Chrome Cleanup Tool - https://www.bleepingcomputer.com/download/chrome-cleanup-tool/
Malwarebytes Anti-Ransomware - https://www.bleepingcomputer.com/download/malwarebytes-anti-ransomware/
Malwarebytes Anti-Rootkit - https://www.bleepingcomputer.com/download/malwarebytes-anti-rootkit/
Malwarebytes Anti-Malware - https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/
CCleaner - https://www.bleepingcomputer.com/download/ccleaner/
Microsoft Security Essentials - https://www.microsoft.com/en-us/download/details.aspx?id=5201
Use antivirus:
Recommended BitDefender Internet Security
You can set up a 30 day trial and clean your computer.
Actually there are tons of antiviruses, if you use all of them as demo for 30 days one by one, you can have antivirus protection for a year or more.
Install antivirus on your smartphone:
You can also install BitDefender and scan it again.
How to create the most secure environment for crypto work?
- Activate 2FA, SMS and all other features in all accounts
- Get withdraw compliant measures
- Do not login to the stock exchange a dozen times a day
- Turn off your computers when you are not using them
- Store your money in more than one stock exchange
- Use a separate email address for each stock exchange
- Use a completely different password for each account
- Turn off password saving
- Use a separate browser for crypto work
- Do not have any plugins in the browser
- Use the browser with a theme, customize it, play with the color, then notice it when you see something different.
- Do a virus scan on the computer before entering the stock market or e-mail
- Do not enter sites with free stuff
- Do not tell anyone that you have Bitcoin
- Use an encrypted virtual machine (VM) for your crypto operations: Linux is recommended
- Be careful 2x more on your Windows computer
- Pay attention to the software you installed on your computer
- Choose the software you use for crypto operations from open source ones
- Change your passwords periodically (for example, add a few characters at the end)
- You can use paper to store passwords, do not leave passwords in txt on your computer
- If you want to keep passwords in txt, please keep these files encrypted with WinZip/WinRaR. It is recommended that you also keep the file in a USB flash
- Pay attention to the addresses of the sites you have entered and the security certificates (key icon in the address bar)
- Do not make your phone jailbreak or root. Use cleanly with the original operating system
- Run virus cleanup software periodically or in any doubt and scan
- Remember that not only crypto money, but also your money in the bank can be stolen the same way
A known bot with malicious team is Cryptohopper.com
You can add here other bots with bad manner.