ETH amount hacked by Clipboard attack! - page 3.

Slash61

member

Activity: 633

Merit: 14

Quote from: bartolo on August 26, 2018, 10:15:31 AM

Quote from: tusherk800 on August 26, 2018, 07:26:28 AM

Quote from: hase0278 on August 26, 2018, 07:22:26 AM

Thanks for the tips OP but I think that method is only effective at preventing yourself from being a victim of the clipboard attack. Also, that method will not make you 100% safe from that kind of attack because the hacker can try to just brute force the character you have edited since he got a clue on how your private key is structured(since you will only edit 1 character). Instead of editing only 1 character, I think editing 5 characters at least will make it harder for the hacker to access your wallet.

Thanks, mate. I think it will be more hard for the hacker and we will be safer.

In the case of the private key it's best to write it on a sheet of paper, or in two if possible. If not, you will run the risk of forgetting the digits or letters that you have changed and in addition you will still be at risk of being hacked and that the attacker discover your trick, especially if you only change one or more consecutive characters at the start or at the end of the private key.

But I think storing it in memory that is not accessible to the network or can be called offline will be safe because hackers do not have network access to retrieve it, indeed the main mistake is that each of us does not pay attention to the original site and does not pay attention to public connections, it is very risky to use it arbitrarily, so pay attention to its own level of security if after all is lost, everyone doesn't want to know.

bundo

full member

Activity: 308

Merit: 100

Hackers Steal Virtual Currency Ethereum It often happens and always finds loopholes. with a review that you write, hopefully everyone will be more careful in maintaining their assets.

roadwell890

member

Activity: 490

Merit: 11

thanks, very good advice, indeed I also have a sense of suspicion of some applications on my computer, because some applications, have access to what data we are copying and we will paste, so, I always do tricks like the you say,
and until now, my funds are safe

miyaka26

full member

Activity: 476

Merit: 105

It was not just a clipboard attack, it was infested with a virus to infect the copy and pasting of wallet address changing it to hackers wallet address, whenever I paste my own address I always double check it before engaging to any transactions, better to scan your own pc with a decent antivirus, keep your OS updated to patch, don't run any suspicious program.

Raggie

member

Activity: 462

Merit: 10

Quote from: tusherk800 on August 26, 2018, 07:05:02 AM

Hi friends,

Yesterday one of my friend got hacked by pishing. I mean by clipboard attack. He lost his ETH. It is very dangerous hack.
Clipboard attack can change and know any data while you copy and paste.

So, Be careful while you do copy and paste your password or address. Check every time after pasting your translation address.

And you can also use a manual technique which is unique.

Wherever you save your address or private key will remove/change one digit and save it. but you have to remember the digit. because when you will paste anywhere you have to add the digit by checking the address.

This technique is useful.

No one could hack you even though they have your password.

because only you know the correct password.

Thanks.👍✌️

Honestly i dont know about clipboard attack. How can the hacker know what kind of text copied by me ?
Yes, i am always double checking my pasted address when i want to send some of my coins to the other address.

jhenfelipe

hero member

Activity: 1372

Merit: 647

Copy Paste Malware/Virus.

If you don't want to be a victim, just don't rush when payments/transactions are involve. Tbh, it should always be like that, right? ( well, for me it's a MUST). A minute or two would be enough to double/triple check the address/private key that we pasted.

Quote from: VanDeinsberg12 on August 26, 2018, 10:45:58 AM

I have seen so many people have been getting the same case as your friend. Basically your friend's PC has been affected by ransom ware that has copied the scammer's address to the clip board. You should remind your friend to keep update and never try to click on any suspicious link. It seems like your friend being trapped by scammer.

Ransomware is different, the malware encrypts your files and it will not be decrypted unless you pay a ransom to the address given. Friend of mine experienced it, but he didn't pay and decided to just reset the PC (fortunately he has a back up of the files)

jarojak

newbie

Activity: 112

Merit: 0

Password and other account security related is biggest problem nowadays. Too many apps, accounts and passwords makes people can not rely on their memory to remember all of them. Sometimes I already forgot my password as soon as I quit the apps I just sign-up, so I have to write it down on notes. Thanks for the good tips.

talkbitcoin

legendary

Activity: 1372

Merit: 1032

All I know is that I know nothing.

that is why you use cold storage!

for ease of use and if you have a considerable amount you just simply buy a hardware wallet and make yourself safe.
if you don't want that they you create a wallet offline and then use that to always sign transactions and then broadcast them online. you can even use MEW for this. there is an offline use section in it. you just have to download the website's source code and have it offline then move between the two systems.

of course it goes without saying that you should always double check everything and never install things you don't know or visit sites that are shady.

Ps. BIP21 that bitcoin has can prevent this Tongue

you just click a link and it fills the information inside your wallet without using clipboard or needing any copy paste.

VanDeinsberg12

hero member

Activity: 1540

Merit: 507

Quote from: tusherk800 on August 26, 2018, 07:05:02 AM

Hi friends,

Yesterday one of my friend got hacked by pishing. I mean by clipboard attack. He lost his ETH. It is very dangerous hack.
Clipboard attack can change and know any data while you copy and paste.

So, Be careful while you do copy and paste your password or address. Check every time after pasting your translation address.

And you can also use a manual technique which is unique.

Wherever you save your address or private key will remove/change one digit and save it. but you have to remember the digit. because when you will paste anywhere you have to add the digit by checking the address.

This technique is useful.

No one could hack you even though they have your password.

because only you know the correct password.

Thanks.👍✌️

I have seen so many people have been getting the same case as your friend. Basically your friend's PC has been affected by ransom ware that has copied the scammer's address to the clip board. You should remind your friend to keep update and never try to click on any suspicious link. It seems like your friend being trapped by scammer.

butka

full member

Activity: 434

Merit: 246

Quote from: tusherk800 on August 26, 2018, 07:05:02 AM

So, Be careful while you do copy and paste your password or address. Check every time after pasting your translation address.
[...]
And you can also use a manual technique which is unique.

This is one of the oldest tricks in the book, but it doesn't mean it is less effective. If you are in a hurry, you can easily overlook that the pasted address is not your intended address.

I don't think manually entering the address is an efficient ways to prevent such an attack. If you often make a lot of transactions, it can be a tedious job. However, for larger transactions, even that is possible.

A vanity address (I have no idea if Etherum has vanity generators, probably yes) is a nice thing to have to counter this kind of attack. You cannot miss noticing that your address has changed.

dataispower

sr. member

Activity: 1330

Merit: 289

Quote from: tusherk800 on August 26, 2018, 07:05:02 AM

Hi friends,

Yesterday one of my friend got hacked by pishing. I mean by clipboard attack. He lost his ETH. It is very dangerous hack.
Clipboard attack can change and know any data while you copy and paste.

So, Be careful while you do copy and paste your password or address. Check every time after pasting your translation address.

And you can also use a manual technique which is unique.

Wherever you save your address or private key will remove/change one digit and save it. but you have to remember the digit. because when you will paste anywhere you have to add the digit by checking the address.

This technique is useful.

No one could hack you even though they have your password.

because only you know the correct password.

Thanks.👍✌️

A great idea, we will change some characters in the password or private key and we have to save those characters somewhere else. I will do it this way, It's a bit of a hassle every time I log in, but it will help me stay safe if I'm attacked

Mt. Dempo

jr. member

Activity: 294

Merit: 1

very dangerous, I always use the clipboard when I want to enter myetherwallet and it turns out that it is a crack to hack my wallet, this is terrible. thank you for your warning and I will use the technique you provided.

bartolo

hero member

Activity: 1176

Merit: 501

Quote from: tusherk800 on August 26, 2018, 07:26:28 AM

Quote from: hase0278 on August 26, 2018, 07:22:26 AM

Thanks for the tips OP but I think that method is only effective at preventing yourself from being a victim of the clipboard attack. Also, that method will not make you 100% safe from that kind of attack because the hacker can try to just brute force the character you have edited since he got a clue on how your private key is structured(since you will only edit 1 character). Instead of editing only 1 character, I think editing 5 characters at least will make it harder for the hacker to access your wallet.

Thanks, mate. I think it will be more hard for the hacker and we will be safer.

In the case of the private key it's best to write it on a sheet of paper, or in two if possible. If not, you will run the risk of forgetting the digits or letters that you have changed and in addition you will still be at risk of being hacked and that the attacker discover your trick, especially if you only change one or more consecutive characters at the start or at the end of the private key.

tusherk800

member

Activity: 188

Merit: 70

TAU COIN

Quote from: hase0278 on August 26, 2018, 07:22:26 AM

Thanks for the tips OP but I think that method is only effective at preventing yourself from being a victim of the clipboard attack. Also, that method will not make you 100% safe from that kind of attack because the hacker can try to just brute force the character you have edited since he got a clue on how your private key is structured(since you will only edit 1 character). Instead of editing only 1 character, I think editing 5 characters at least will make it harder for the hacker to access your wallet.

Thanks, mate. I think it will be more hard for the hacker and we will be safer.

hase0278

hero member

Activity: 882

Merit: 544

Thanks for the tips OP but I think that method is only effective at preventing yourself from being a victim of the clipboard attack. Also, that method will not make you 100% safe from that kind of attack because the hacker can try to just brute force the character you have edited since he got a clue on how your private key is structured(since you will only edit 1 character). Instead of editing only 1 character, I think editing 5 characters at least will make it harder for the hacker to access your wallet.

tusherk800

member

Activity: 188

Merit: 70

TAU COIN

Hi friends,

Yesterday one of my friend got hacked by pishing. I mean by clipboard attack. He lost his ETH. It is very dangerous hack.
Clipboard attack can change and know any data while you copy and paste.

So, Be careful while you do copy and paste your password or address. Check every time after pasting your translation address.

And you can also use a manual technique which is unique.

Wherever you save your address or private key will remove/change one digit and save it. but you have to remember the digit. because when you will paste anywhere you have to add the digit by checking the address.

This technique is useful.

No one could hack you even though they have your password.

because only you know the correct password.

Thanks.👍✌️

Friends this awareness in not only for Ethereum but also for all crypto asset. I hope this thread will make us aware and will make more educated.

Topic: ETH amount hacked by Clipboard attack! - page 3. (Read 444 times)