
Topic: How to protect against the compromised wallets? (Read 234 times)

jr. member
Activity: 224
Merit: 4
September 21, 2018, 03:26:31 AM
#16
Since the infected windows binaries of Ducat wallet appeared around 1 or 2 weeks ago, I’m a bit hesitant to use any new altcoin wallet.
 
Apparently, the ducat wallet had a modified code that scanned and stole all of the other wallet.dat files it found on a %AppData% and this exploit wouldn’t show on a virus scan either. So, I’m thinking what are the ways to protect against this.

I'm not asking about protecting the coins that are supported by hardware wallets, I'm asking about those less known altcoins. First step is of course to encrypt the wallets with a good password, but what else can we do?

At the moment I’m using Sandboxie that hosts the altcoin wallets, but the free version only supports to have one sandbox, so that’s not good.

I’m thinking one solution would be to get a paid version and then I would be able to run each wallet on their own sandbox. That way, if the wallet is infected the same way, it will only find its own wallet.dat file and nothing else.

What do you think? Would that work? What are other ways to protect against these and similar exploits that the virus scanners won’t detect?

Use all new wallets for sh*tcoins on the VM (VirtualBox for example)...
In this case hacker can steal only those sh*tcoins from VM... But I don't think he will waste his time on it...
thank you very much i will check your information and will think about those wallets so we can rely on them
jr. member
Activity: 224
Merit: 4
Since the infected windows binaries of Ducat wallet appeared around 1 or 2 weeks ago, I’m a bit hesitant to use any new altcoin wallet.
 
Apparently, the ducat wallet had a modified code that scanned and stole all of the other wallet.dat files it found on a %AppData% and this exploit wouldn’t show on a virus scan either. So, I’m thinking what are the ways to protect against this.

I'm not asking about protecting the coins that are supported by hardware wallets, I'm asking about those less known altcoins. First step is of course to encrypt the wallets with a good password, but what else can we do?

At the moment I’m using Sandboxie that hosts the altcoin wallets, but the free version only supports to have one sandbox, so that’s not good.

I’m thinking one solution would be to get a paid version and then I would be able to run each wallet on their own sandbox. That way, if the wallet is infected the same way, it will only find its own wallet.dat file and nothing else.

What do you think? Would that work? What are other ways to protect against these and similar exploits that the virus scanners won’t detect?



if i were you i would not trust any wallet but i would ask my friends or people in the community which wallets they are using
full member
Activity: 1274
Merit: 105
Since the infected windows binaries of Ducat wallet appeared around 1 or 2 weeks ago, I’m a bit hesitant to use any new altcoin wallet.
 
Apparently, the ducat wallet had a modified code that scanned and stole all of the other wallet.dat files it found on a %AppData% and this exploit wouldn’t show on a virus scan either. So, I’m thinking what are the ways to protect against this.

I'm not asking about protecting the coins that are supported by hardware wallets, I'm asking about those less known altcoins. First step is of course to encrypt the wallets with a good password, but what else can we do?

At the moment I’m using Sandboxie that hosts the altcoin wallets, but the free version only supports to have one sandbox, so that’s not good.

I’m thinking one solution would be to get a paid version and then I would be able to run each wallet on their own sandbox. That way, if the wallet is infected the same way, it will only find its own wallet.dat file and nothing else.

What do you think? Would that work? What are other ways to protect against these and similar exploits that the virus scanners won’t detect?

Use all new wallets for sh*tcoins on the VM (VirtualBox for example)...
In this case hacker can steal only those sh*tcoins from VM... But I don't think he will waste his time on it...
sr. member
Activity: 644
Merit: 272
I decided to solve my problem by renting a very cheap 1 EUR per month VPS and just install Linux wallets there. Then, after some time has passed, if there are no complaints from the community, I can install windows version as well.
newbie
Activity: 219
Merit: 0
It will be better not to get invested in the new coins. A lot of them are nothing but fake and will do no good apart from scamming you. So make sure that you do a full research on any new coin before investing in it.
legendary
Activity: 3668
Merit: 6382
Thanks @Red-Apple for the additions and especially for the much more exact information about VMs.

when you mine, you receive newly generated coins in coinbase transaction. most altcoins are like bitcoin which means these new coins need to mature to be spendable. this means the exchanges can not automatically move these new coins so their system will break. so they all give you warning NOT TO mine directly in their wallets or risk not getting the coins credited to your account ever.

Here I thought in the terms of "what would I do". And I would do pool mining. I'd prefer the pools (like suprnova) that keep your coins until you want to withdraw (and I'd withdraw to exchange). Else I'd fire up the wallet (in sandbox or VM), get the address, mine to that address of mine and from time to time fire up the wallet only to transfer my coins to exchange.
Indeed, mining directly to exchange is not OK (although some cryptonote pools and exchanges do accept it), the way I wrote it down was unfortunate/misleading.
sr. member
Activity: 574
Merit: 251
I think using the 2FA if available on their wallets would be a good idea. Of course there is no challenge to the security that is added by the 2FA. It is like the most advanced way of securing your wallets. It takes hardly a few minutes to activate this service and it can be accessed only if you have got your phone with you, through the authenticator application. The million combinations will surely protect the account each time you log into your wallet which, let's say, is present over the web version. Another way would be using their wallet application for Android and iOS if available. They are secure because they are stored on the phone and as long as your phone is locked up you get additional security with it too.
hero member
Activity: 1176
Merit: 501
Another solution can be to save all wallet.dat files of all the coins you have on a pendrive. Every time you want to use one, you open the sandbox and run it. When you finish, you delete the contents of the sandbox and close it. Doing so, you should not have problems.
newbie
Activity: 264
Merit: 0
If you have a good idea about coding then see if the wallet has an open source or not. At the same time, it will be better to go for hardware wallets such as Trezor which provides good security.
hero member
Activity: 1470
Merit: 655
a very good answer by NeuroticFish. i just wanted to add that password protecting your other wallets may not help against this kind of attack though. you are basically downloading and installing a malware when you install that new wallet for the new shady coin. it can easily take your passwords when you type it in like a keylogger and then steal your coins.

* if you acquire (mine?) the coin only to sell it
Then why don't you just use the wallet of an exchange, or the wallet of the mining pool?
when you mine, you receive newly generated coins in coinbase transaction. most altcoins are like bitcoin which means these new coins need to mature to be spendable. this means the exchanges can not automatically move these new coins so their system will break. so they all give you warning NOT TO mine directly in their wallets or risk not getting the coins credited to your account ever.

Quote
I don't know if/how many VM you can run at the same time
VM solution is the best thing. and you usually don't want to keep it running. you just open the VM and then the wallet, use it and shut down.
the number of VMs will depend on your hardware and the OS you are running. for example running windows 10 takes a lot more than running win XP or Linux and the smallest one would be light weight linux.

so with 8 GB ram you may be able to run at least 10 instances of a light linux like PUPPY, or 3-4 of a less light like Lubuntu and 2 of Ubuntu and possibly only 1 win 10
sr. member
Activity: 644
Merit: 272
The best thing to do is to check if that wallet has open source code. Then, if you are a skilled programmer, you can check the code by yourself and see if it is safe to use; if you're not a skilled programmer, you have to wait until someone trusted reviews the code and tells people if it is safe to use. If the code isn't open source maybe you haven't to trust them and so you haven't to download and use it. There are also some tools available online that scan this type of file, like an antivirus, but I don't remember their names and don't know if they are good.

Yeah that makes sense, but with the ducat wallet, the source code itself was safe, but the team then hired a 3rd party developer to build windows binaries and this is where the bad code was introduced.

I'm pretty sure this practice of hiring other people to build a win wallet is commonplace among altcoin projects.

I guess one solution to that is to learn how to build the win binaries ourselves.
jr. member
Activity: 504
Merit: 3
I suppose the best way to truly protect your assets from theft and being compromised is to use hardware wallets like Trezor or Ledger. But if you prefer paper wallets (cold storage), then make sure you store them in some kind of vault.
full member
Activity: 392
Merit: 101
That's really a wrong decision; you should make a backup wallet of your coins. I don't even trust new altcoins coz there's a breach to hack your wallet. I guess you should move it to your hardware wallet, so it is way better.
sr. member
Activity: 644
Merit: 262
The best thing to do is to check if that wallet has open source code. Then, if you are a skilled programmer, you can check the code by yourself and see if it is safe to use; if you're not a skilled programmer, you have to wait until someone trusted reviews the code and tells people if it is safe to use. If the code isn't open source maybe you haven't to trust them and so you haven't to download and use it. There are also some tools available online that scan this type of file, like an antivirus, but I don't remember their names and don't know if they are good.
legendary
Activity: 3668
Merit: 6382
What are other ways to protect against these and similar exploits that the virus scanners won’t detect?

First of all, think more on what you want to achieve. I mean, in many cases you don't need a certain altcoin's wallet:

* if the coin is too new
Then you better wait until a bigger number of people have installed the wallet and you'll also see if the coin goes in the right direction

* if you acquire (mine?) the coin only to sell it
Then why don't you just use the wallet of an exchange, or the wallet of the mining pool?

* if you acquire the coin to hold it for long time
Then you can make yourself a paper wallet; or you install temporarily the wallet, grab the address and the private key (or the wallet.dat file) and you have it.


If you plan to just run such wallets for short period(s) of time, using a virtual machine is another solution (Virtual Box is free, you can get a Win 10 or Linux for free and you are done). But this solution may not be significantly better than yours, since you already run wallets one at a time and I don't know if/how many VM you can run at the same time (you can research though). And we are back to the discussion "why you want to run unsafe wallets for long time?"


PS. I've seen now that Ducat is a PoS coin. Well, I didn't see yet any PoS coin worth the effort. And as you can see, there are risks too...
sr. member
Activity: 644
Merit: 272
Since the infected windows binaries of Ducat wallet appeared around 1 or 2 weeks ago, I’m a bit hesitant to use any new altcoin wallet.
 
Apparently, the ducat wallet had a modified code that scanned and stole all of the other wallet.dat files it found on a %AppData% and this exploit wouldn’t show on a virus scan either. So, I’m thinking what are the ways to protect against this.

I'm not asking about protecting the coins that are supported by hardware wallets, I'm asking about those less known altcoins. First step is of course to encrypt the wallets with a good password, but what else can we do?

At the moment I’m using Sandboxie that hosts the altcoin wallets, but the free version only supports to have one sandbox, so that’s not good.

I’m thinking one solution would be to get a paid version and then I would be able to run each wallet on their own sandbox. That way, if the wallet is infected the same way, it will only find its own wallet.dat file and nothing else.

What do you think? Would that work? What are other ways to protect against these and similar exploits that the virus scanners won’t detect?

