Pages:
Author

Topic: How to lose your Bitcoins with CTRL-C CTRL-V - page 6. (Read 4419 times)

full member
Activity: 350
Merit: 144
Thanks for this wonderful topic @LoyceV! It will be useful for beginners. I have many friends who are victims of this.
I translated this topic into Turkish.

Dikkat: CTRL-C CTRL-V ile Coinlerinizi Nasıl Kaybedersiniz? 

This is actually a good idea.
If this is allowed and of course, @LoyceV is OK with it, I can translate it too for the Romanian sub-forum.
full member
Activity: 266
Merit: 214
Analist - Trader - Yazar
Thanks for this wonderful topic @LoyceV! It will be useful for beginners. I have many friends who are victims of this.
I translated this topic into Turkish.

Dikkat: CTRL-C CTRL-V ile Coinlerinizi Nasıl Kaybedersiniz? 
full member
Activity: 350
Merit: 144
I wonder if there is a possibility to exist even a malware that change the address "pasted" right before sending the TX (0.1 sec before you click "SEND" button).
In addition to NeuroticFish's good suggestion above regarding Electrum, this would also be prevented by using a hardware wallet (and not just for bitcoin, but for all coins). Even if the malware changed your "send to" address just as you clicked "send", you would still have the opportunity to check the address on the hardware wallet's screen, and cancel the transaction if the address was different.

Thanks for the tip, actually I am using Ledger Nano S (with a low amount of BTC), but since I like old school things I am using Bitcoin core wallet just because I trust it more than 3rd party apps, like Ledger's app, Electrum, etc.

Maybe I am just a bit paranoid with this things, sorry Cheesy
legendary
Activity: 2268
Merit: 18748
I wonder if there is a possibility to exist even a malware that change the address "pasted" right before sending the TX (0.1 sec before you click "SEND" button).
In addition to NeuroticFish's good suggestion above regarding Electrum, this would also be prevented by using a hardware wallet (and not just for bitcoin, but for all coins). Even if the malware changed your "send to" address just as you clicked "send", you would still have the opportunity to check the address on the hardware wallet's screen, and cancel the transaction if the address was different.
legendary
Activity: 1624
Merit: 2481
How to prevent this
1. Don't use Windows, but we both know you're not going to change that.

Changing the OS doesn't necessarily eliminate this risk.
Such malware already has been seen in the wild for MacOS. And they can also easily exist for unix based operating systems.



I still believe checking the first and last 4-5 characters is enough.

Without doing the actual math, i am also pretty sure that this is enough to prevent such clipping board malware.

1) It is not possible for the malware to create that much addresses / store that much addresses on the victims computer without being blatantly obvious (if possible at all; i didn't do the actual math but this shouldn't be possible in a relatively short amount of time)
2) I have not seen any non plain-dumb clipping board malware yet (which doesn't mean that it doesn't exist tho).


legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Now since this kind of malware is out there (that can change the address copied to clipboard) I wonder if there is a possibility to exist even a malware that change the address "pasted" right before sending the TX (0.1 sec before you click "SEND" button). This would make checking the address worthless and your coins would vanish, so let's hope not.

Although your use case is highly improbable, there's counter measure for that too.
For example if you use Electrum, instead of pressing Send, you can press Preview and check there. Then Sign and Broadcast. If you go on this path there's no place they can change anything, no matter what.
full member
Activity: 350
Merit: 144
Thanks for the tips, the part with using "copy" "paste" for a part of the address and typing the rest is pretty useful, I think this can be used for passwords too for extra security.

Now since this kind of malware is out there (that can change the address copied to clipboard) I wonder if there is a possibility to exist even a malware that change the address "pasted" right before sending the TX (0.1 sec before you click "SEND" button). This would make checking the address worthless and your coins would vanish, so let's hope not.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
I've read an article on this just last year and a lot of discussions have been created about this malware, and still going on right now because there are new investors coming in and newbies do not know the existence of this malware.
The only way to combat this is awareness and education if you are going to invite people to invest, it's part of recruiting that you educate them and inform then about the existence of these kinds of malware, and precautions to take when sending and trading.

That's correct. And in the way I was "convinced" to do a real check on the recipient address, the wallets should do the same. It's not hard to make a window pop up and ask for double check start, middle and end. And the more advanced users can deactivate it.
hero member
Activity: 3024
Merit: 614
Leading Crypto Sports Betting & Casino Platform
I've read an article on this just last year and a lot of discussions have been created about this malware, and still going on right now because there are new investors coming in and newbies do not know the existence of this malware.
The only way to combat this is awareness and education if you are going to invite people to invest, it's part of recruiting that you educate them and inform then about the existence of these kinds of malware, and precautions to take when sending and trading.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
2. Check the entire address after copy/pasting, and not just the first few (or last few) characters. Check some in the middle too. That's a lot of work, so chances are you won't do that either.

It's not a lot of work. This is what I do for long time now.
I've got used to it long ago, when the payments for this campaign were sent to Bitsler account. They had at the withdrawal this rule somewhat enforced. It helped me get used to do it.
Now I check the first 3-4 characters, last 3-4 characters and some 3-4 characters from a random position in the middle (I "scan" to find something easy to remember).


Unfortunately I don't have a choice for getting rid of Windows, although maybe a VM with a Linux for crypto handling could not be such a bad idea.
Just I fear that since I don't know much of Linux I may make even bigger mistake...
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
Even if you check part of the pasted Bitcoin address, chances are the first few characters are the same, and you still won't notice the address was changed.

Hey LoyceV,

Personally I think it is very unlikely that few characters are the same. Maybe 2-3, but if you check also the last 2-3, or about 5, that's almost impossible to happen. The attacker would have to ninja-mine vanity addresses for that.

The victims of this attack mostly don't even check the address. I think that even the address type may be different in most cases (legacy/segwit/nested segwit)

How to prevent this
1. Don't use Windows, but we both know you're not going to change that.

I won't change this lol
Never had any problem with windows... and I use computer at lot at work, where I can change my OS =D

I think people bash windows too much, if you have safe online habits and take basic precautions, you are fine...
Certainly I need to learn more about Linux
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
encourage the use of BIP21 URI scheme instead of raw bitcoin addresses bitcoin:xxxxxxxxxxxxxxxxxxxxxxxxx
I've seen those, but I had a hard time making a payment. I don't like how difficult they make it to just find the address to pay to.
legendary
Activity: 2604
Merit: 2353
Sry that i have seen the thread so late and only now !

I have written and Thread over an year ago about this here for copy and paste https://bitcointalksearch.org/topic/m.41533052

Sadly to see that it happens already to somebody .

The copy+c and copy+v about btc adresses is i guess normal for the most but you should think about and always watching what you are install .
Thank you for this thread but a good way to fight clipboard hijackers is to encourage the use of BIP21 URI scheme instead of raw bitcoin addresses bitcoin:xxxxxxxxxxxxxxxxxxxxxxxxx
legendary
Activity: 3178
Merit: 3295
Sry that i have seen the thread so late and only now !

I have written and Thread over an year ago about this here for copy and paste https://bitcointalksearch.org/topic/m.41533052

Sadly to see that it happens already to somebody .

The copy+c and copy+v about btc adresses is i guess normal for the most but you should think about and always watching what you are install .
legendary
Activity: 2912
Merit: 6403
Blackjack.fun
~

..aaaaand not only that! Personally, even though I'm already certain that the bitcoin address came from the legitimate person, I always ask the person to verify the pasted address! Like so:

Tradee: my address is bc1jf5jxxxxxxxxxxxx
Me: bc1jf5jxxxxxxxxxxxx
Me: ?
Tradee: bc1jf5jxxxxxxxxxxxx

I don't understand you're doing trades by phone? The vendors spell their adresses letter by letter?

Chat logs, he asks the person to confirm the address so he can make it a bit safer.
If the other party just copy-paste the adress he will probably not notice the change.

Now, if you ask him again, he will have more chances to see that what he copied isn't what he pasted.
Plus, due to the dialogue he can protect himself better in case of a dispute. Not bulletproof of course as the other user could simply not pay attention both times but it's better than nothing.

And no, I don't know a single person that dictates addresses by phone Tongue

legendary
Activity: 2604
Merit: 2353
Just comes to show how careless people are in general. It only takes like what? less than 5 seconds to double check the address you're sending the funds to?
There's more to it than that: when I receive a PM with a payment address, I first have to make absolutely sure it came from the real account. With email, most people don't use encryption. That makes it even more difficult to be absolutely sure the sender is who he says he is.

..aaaaand not only that! Personally, even though I'm already certain that the bitcoin address came from the legitimate person, I always ask the person to verify the pasted address! Like so:

Tradee: my address is bc1jf5jxxxxxxxxxxxx
Me: bc1jf5jxxxxxxxxxxxx
Me: ?
Tradee: bc1jf5jxxxxxxxxxxxx

And I even do that even with transactions as low as $20. You can never be so sure.
I don't understand you're doing trades by phone? The vendors spell their adresses letter by letter?
If I'm right. Why not using emails instead? If your sender use URIs you just need to click on the link, you don't even need to do a copy/paste manipulation, like bitcoin:bc1jf5jxxxxxxxxxxxxxxxxxx
mk4
legendary
Activity: 2870
Merit: 3873
📟 t3rminal.xyz
Just comes to show how careless people are in general. It only takes like what? less than 5 seconds to double check the address you're sending the funds to?
There's more to it than that: when I receive a PM with a payment address, I first have to make absolutely sure it came from the real account. With email, most people don't use encryption. That makes it even more difficult to be absolutely sure the sender is who he says he is.

..aaaaand not only that! Personally, even though I'm already certain that the bitcoin address came from the legitimate person, I always ask the person to verify the pasted address! Like so:

Tradee: my address is bc1jf5jxxxxxxxxxxxx
Me: bc1jf5jxxxxxxxxxxxx
Me: ?
Tradee: bc1jf5jxxxxxxxxxxxx

And I even do that even with transactions as low as $20. You can never be so sure.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Just comes to show how careless people are in general. It only takes like what? less than 5 seconds to double check the address you're sending the funds to?
There's more to it than that: when I receive a PM with a payment address, I first have to make absolutely sure it came from the real account. With email, most people don't use encryption. That makes it even more difficult to be absolutely sure the sender is who he says he is.

It is a pity that something cannot be done to shorten the address like with URL shorteners
There used to be a site for this, but it was discontinued (and I forgot the name). But the most unique thing about Bitcoin is being able to make payments without having to rely on third parties, and I wouldn't want to trust them for giving me the correct address.
Google's first result on a search shows a site which Google says may be hacked:
Image loading...

So you configure that on your own and link it to your address and when you type it, it converts the wallet description to your Bitcoin address.
I see many problems with this, but not a single way to do it absolutely safe.

And even if you would make a safe implementation, you'll lose error correction. Currently, there's a 1 in 4 billion chance of making a typo in a Bitcoin address, that still leads to a valid address. If you shorten the error correction, mistakes become much more likely.

Quote
Obviously people will still have to double check the end result.  Wink
That defeats the purpose Wink
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
I think the length of these addresses and also the case sensitive requirement for Bitcoin addresses are forcing people to use "Copy & Paste" to use their wallets. It is a pity that something cannot be done to shorten the address like with URL shorteners to just post a shorter description for your wallet when you have to use it.

So you configure that on your own and link it to your address and when you type it, it converts the wallet description to your Bitcoin address.

So no need for developers to add this to the Bitcoin code Obviously people will still have to double check the end result.  Wink 
mk4
legendary
Activity: 2870
Merit: 3873
📟 t3rminal.xyz
Just comes to show how careless people are in general. It only takes like what? less than 5 seconds to double check the address you're sending the funds to? But yet people don't do it. It's so mind boggling how lazy and careless people are knowing that you can never do chargebacks with bitcoin.

Isn't it enough to check just the fist 4-5 and last 4-5 characters? This is what I do every time, if the first and last match I don't think I'm in danger.  If they manage to generate address similar to the address you are paying to with the first few characters, checking the last ones should make it super save, am I wrong?
It should suffice. This is what I do too. It's enough unless for some ultimately very unlucky reason the address you're sending the funds to and the hacker's receiving address has the same first and last 5 characters.
Pages:
Jump to: