Topic: How to lose your Bitcoins with CTRL-C CTRL-V - page 3. (Read 4419 times)
Use QR addresses. No risk at all and no need to reset your operating system.
If malware has infected, is there any other way to clean it apart from reinstalling the laptop?
There's always a way, but you'll never know for sure. I wouldn't risk it.
If malware has infected, is there any other way to clean it apart from reinstalling the laptop?
Someone asked me about this problem, his laptop was attacked by malware hijacking the clipboard. Every time he copied an ethereum address, it had a different address when pasted.
Someone asked me about this problem, his laptop was attacked by malware hijacking the clipboard. Every time he copied an ethereum address, it had a different address when pasted.
I went to search for this android app " clipper" on playstore. And I see that it's very dangerous to use the app. Android is Risky to use these days. Different kinds of malware.
It's not just android.
It basically is any operating system. Regardless of mobile (android, ios,..) or stationary (windows, linux, macos).
Malware exists for every operating system. It is just that malware for more common systems are more likely to be encountered.
In a targeted attack with malware, it doesn't really matter which OS you are using. You always need to be careful.
. I also found this article : First Android Clipboard Hijacking Crypto Malware Found On Google Play Store.
Android seems vulnerable too and it was found on Google Play Store, it this already found, for sure there are already some android app spreading with this kind of malware.
I went to search for this android app " clipper" on playstore. And I see that it's very dangerous to use the app. Android is Risky to use these days. Different kinds of malware.
Note: Checking just the vanity part of the address is not enough to ensure the address is correct. It's always safest to check all characters.
Checking all characters seems like a lot of work to do and one can get a blurred sight along the line but then, looking from the perspective of what is involved, its better to be safe and go through the process than sorry.It appears the cryptoshpere isn't friendly, lol.
some bitcoin addresses start with a "1 + meaningful characters + ... " as if someone customize his address.
How it is possible ? is there any software to do that ? -i am asking for academic purpose!-
See:How it is possible ? is there any software to do that ? -i am asking for academic purpose!-
Vanitygen: Vanity bitcoin address generator/miner [v0.22]
Pretty Addy Giveaway - part 2
Note: Checking just the vanity part of the address is not enough to ensure the address is correct. It's always safest to check all characters.
Do we have a scam alert or threats sub-board?
kinda. its here:
https://bitcointalk.org/index.php?board=83.0
Even if you check part of the pasted Bitcoin address, chances are the first few characters are the same, and you still won't notice the address was changed.
Hello, in relation to quote above, i am recently noticed that some bitcoin addresses start with a "1 + meaningful characters + ... " as if someone customize his address.
How it is possible ? is there any software to do that ? -i am asking for academic purpose!-
WOW!!! Total newbie here. Thanks for the Win/Droid clipboard heads up!
Do we have a scam alert or threats sub-board?
TIA
Do we have a scam alert or threats sub-board?
TIA
I get amazed over and over again when I read post on bitcointalk of means scammers devise to hack people account. I do copy and paste alot and most times do not take note of the address because after checking the the first 5 numbers/letters and they correspond, I go ahead.
Now that I see that I can be hacked in this manner, I would be extra careful.
Now that I see that I can be hacked in this manner, I would be extra careful.
Personally, I suggest everyone to use two devices: one for everyday use and one for only special purposes.
For special purposes:
Rule N1 - Use Linux!
Rule N2 - Only visit websites that are 100% secure. For example, if you only use binance, youtube and bitcointalk, visit only these websites and don't move on another one. Don't click on any 3rd party link that's posted on these websites, your browsing history should be only these three websites! This way you are sure that you won't get infected unless there is a problem with these three websites.
In reality, you aren't secured once you are online but it's always better to have two or more devices for special purposes.
Also, consider the OP's advice, always be extra cautious.
For special purposes:
Rule N1 - Use Linux!
Rule N2 - Only visit websites that are 100% secure. For example, if you only use binance, youtube and bitcointalk, visit only these websites and don't move on another one. Don't click on any 3rd party link that's posted on these websites, your browsing history should be only these three websites! This way you are sure that you won't get infected unless there is a problem with these three websites.
In reality, you aren't secured once you are online but it's always better to have two or more devices for special purposes.
Also, consider the OP's advice, always be extra cautious.
I wonder how I've not been a victim to this because, I don't. Do non of these things and isn't sure I would be doing that either. Won't it have been more easier to know the specific malwares to watch out for that effects these change of addresses so as to note and clean them up in one anti- whatever swipe...
Again, comparing addresses is more like you trying it manually over again. Like IASENKO said, considering a few characters isn't enough. Although, o_e_l_e_o suggestion would be effective since from indications, the changes is down within the time frame between when the address is copied and being pasted. So, a duplicate screen for typing manually instead of mare comparing alone and typing more accurately could be the best form of skepticism. Though, you'll still need to confirm before sending.
Again, comparing addresses is more like you trying it manually over again. Like IASENKO said, considering a few characters isn't enough. Although, o_e_l_e_o suggestion would be effective since from indications, the changes is down within the time frame between when the address is copied and being pasted. So, a duplicate screen for typing manually instead of mare comparing alone and typing more accurately could be the best form of skepticism. Though, you'll still need to confirm before sending.
My suspicions have been answered, so far when transferring Btc or similar transactions, I have never even been confident with just one click ctrl + c and ctrl + v then I just send it. Before making a transaction I sometimes even check the link many times at least 3 times before I actually send it. It turns out that my intuition is very useful to protect me from cases like this.
Does Windows 8.1 do that too?
I wouldn't bet against it.
In the end, you'll never know what your OS is doing.
If you want to keep sensitive information private, you'd be better off using a different OS.
Yes. Windows 10 has a built in keylogger, and it sends everything you type to Microsoft for "analysis".
Does Windows 8.1 do that too?
These post has made me to remember my past experience when i was a new into bitcoin payment, without double check the wallet address before sending the fund, that lead me to loose. while hopefully my CTRL-C Picked the addressed without changing effect, mean why, i trust my CTRL-V key to pest without me knowing address change speedily as soon as possible that lead me to double payment.
Since then, I learn my lesson for any given transaction to send fund on a hurry.
Since then, I learn my lesson for any given transaction to send fund on a hurry.
Hilarious topic title 
Since I first heard about this virus I get used to always check the first and last 3 characters.
Sometimes there is eye catching part in the middle easy to check as well (double or tripple letters, whole word etc.).
Since I first heard about this virus I get used to always check the first and last 3 characters.
Sometimes there is eye catching part in the middle easy to check as well (double or tripple letters, whole word etc.).
I've noticed that it that first 3 and last 3 never match. The malware or at least the one that I had focuses on matching the first 2 or 3 characters and that's it.
It's unable to match both first and last characters so it tries to math as many first characters as it can hoping the victim will not notice.
Matching the first and last 3 characters gives 38 billion combinations (58^6). Times 3 if you add all different address types (starting with 1.., 3.. and bc1q..). That means a 4 TB database is enough to accomplish this. And for 25% chance to find a match, just 1 TB is enough.It's unable to match both first and last characters so it tries to math as many first characters as it can hoping the victim will not notice.
Existing malware may not do this yet, but I'm pretty sure it will happen eventually. So you can just as well get used to doing a much more thorough check before sending your coins.
Isn't it enough to check just the fist 4-5 and last 4-5 characters?
It's probably enough, but I prefer a higher degree of certainty than just "probably".I had that malware on my laptop once and the first three checked out.
Some sites allow you to only see first part of the address before you copy it. The rest is covered by the "copy" button. Coinbase does it like that as well as many mobile wallets.
I've noticed that it that first 3 and last 3 never match. The malware or at least the one that I had focuses on matching the first 2 or 3 characters and that's it.
It's unable to match both first and last characters so it tries to math as many first characters as it can hoping the victim will not notice.
Jump to: