Topic: How do [btc] noobs catch keyboard logger viruses? Two theories (Read 1184 times)

if you dont want to download Blockchain like me, you can try Electrum, first of all it doesnt need to download Blockchain cause it uses online servers for that and second you can create a wallet on an offline computer and create the transaction on this pc and broadcast it on another pc that is online

It's both 1 & 2, but also they usually end up putting their password into phishing sites or reusing the same passwords on other sites that are either dodgy or compromised.

My theory is that some programs advertised as miners (created or just "compiled" by 3rd party) could actually install keyloggers.


Also I remember there was a Chrome addon, a ticker (!) that was actually stealing bitcoin, which I believe that the usual antivirus software did not catch, so the dangers are quite big. But maybe I'm wrong/too scared.

Did you miss drive C ?

That is for the backups. After the clone is done, you simply re-configure downloaded Wall papers etc..

Small sacrifice for peace of mind. { A normal re-do takes several hours } A offline clone takes +/- 1 hour.

Your fresh installed drive A, can contain preconfigured things like Wall papers / Screensavers etc.. Your decision, what you trust.

Some gaming internet cafes use this setup.  It's pretty good except for one thing:  any personalization of drive "B", say the wallpaper or other such stuff, is lost when you clone from A.  And of course you cannot leave your data like docs, pics, etc on B since it will be wiped clean every week.

Buy 3 harddrives and a docking station, with offline cloning function. {Even newbies can use this}

Have a clean install on hdd - A
Use Harddrive B as your working daily drive.
Do all backups on drive C

Use working drive for say a week, and then clone it with drive A - {Takes about 1 hour} with offline cloning.

Do this every week, and you stop accumalation of nasties on a drive, that never gets freshly re-installed. { I spoke to some friends, and they using pc's, with OS installed for years }

I gave them this advice, and they having much less troubles with virusses and keyloggers and malware etc. 

Not foolproof but it does work for most people.

It's both. Bitcoin's fungible, thus ideal for stealing. Using offline storage is ideal, but it's worth keeping in mind most don't use it. Web browsing good practices are necessary, especially people who keep hot wallets on their PC, but there're still a good many people out there unfamiliar with what that includes.

1) Don't go to websites you're unfamiliar with unless they come from someone you trust. If you have to, you should use VM software to view these sites.
2) Disable Flash and Javascript by default, enable them on websites you trust.
3) In many situations, Adblock is effective AV software (especially for old, computer-illiterate people -- if you're constantly going to your parents' house where they expect you to manually go through Task Scheduler and their registry instead of wiping their OS, install Adblock!). Feel free to disable it on sites you trust, keeping in mind they may still accidentally serve third-party content with malware.
4) VNC server software should NEVER be installed on any computer which is on the same network as your wallet-hosting software. (keep your ASIC masters on a separate network!)
5) Whenever presented a hyperlink, ALWAYS hover over it so the actual URL displays (there are also extensions/plugins which'll do this for you on most browsers). You don't want a situation like this: www.wikipedia.com
6) NEVER run an untrusted executable on the PC running your wallet client (especially "bots" you find on this forum, but also new altcoin clients). You should avoid running untrusted executables on any PC in the same network as a PC hosting your wallet client.
7) Don't be lazy in configuring your PC and network: don't keep ports open on your router, don't enable DMZ, don't have easy passwords for your PC or network, don't disable Windows UAC.
8 ) When in doubt, wipe the entire hard drive and start over.

they either downloads some virus file or get in some suspicious website, offcorse they do not antiviruses, because they are for pussies.

Yes, I'm a newbie just like you, and this is what it seems to me too.  I notice a lot of people do use "dedicated" or separated computers just for Bitcoins.  But you will find out that it takes a long time to download the bitcoin 'blockchain', if you use Armory (the best wallet for this) and, unless you use a "thin wallet" like Multibit (which is not as anonymous as Armory), if you only turn on your "dedicated" computer say once a month, you'll have a wait a long time before the "blockchain" is synchronized.  For my initial download it took 44 hours for Armory to get in synch before I could use it (but subsequent downloads only take 5 to 25 minutes, but then again I turn on Armory every day).  So if you use a dedicated Bitcoin computer make sure you turn it on once in a while. If you use Bitcoin on a Android phone, you are using a "thin wallet" so this is not important, but you are not really anonymous either.  My solution:  keep your bitcoins online with a reputable bitcoin broker (search this forum for several, I use bitstamp and some others), hope they don't go bust, and only take offline those bitcoins you intend to spend, and in small amounts that you can afford to lose.  Good luck.

It's called Keyloggers , & I guess people get infected by downloading Cracked viruses/Botnets & Trojans thinking that they are downloading them clean so they infect other people while they are not .

 I would recommend people to use Key Scrambler , It's simply Encrypt your keys & will send Encrypted keys to the guy who infected you .

It sounds so dangerous in the Bitcoin world.

If it's #1 at least I can protect myself by installing some good anti-virus software. If it's #2 then it's not easy to prevent even for experienced users.

Look like I should start thinking to use a clean and separated computer to handle my Bitcoins.

How do BTC noobs catch keyboard logger viruses?  On occasion you see in the forums a post saying that somebody lost all their money from their online or offline wallet (but connected online) with a keyboard logging virus.  

I have two theories, but I need help from experts:

1) the noobs are just like the rest of the public, in that on occasion they catch viruses, don't have the right anti-virus software, and so forth, and it's just random that they happen to be BTC users, or,

2) sites that BTC users frequent are often compromised with malware, because the bad guys know a significant portion of visitors to bitcoin sites have wallets on their HD that contain bitcoin.  So bitcoin sites (including probably this one) have their DNS servers or what not compromised to redirect users to bad sites with malware and/or are constantly probed by hackers to be compromised, and so on, including perhaps the bad guys installing some sort of packet sniffer maybe at your ISP or somewhere in-between, that finds what ISP user internet address is visiting a bitcoin site, and then the bad guys attempt to breach your firewall and install a keyboard logger, etc.

I think or hope it's #1), not #2), but I get suspicious since a lot of seemingly savvy tech geeks end up with money stolen from their bitcoin wallets, so maybe it's scenario #2)?