Topic: Please be careful when you download anti-virus - page 2. (Read 297 times)

hero member
Activity: 2212
Merit: 805
Top Crypto Casino
It couldn't have been said any better, thanks to OP. In the pursuit of cracked or pro software for free, people often install malware on their computers without even knowing. It's not just antivirus software but all other software that doesn't come free and cheap, so people often look for alternatives in pirated software. In the coming days, I'll have a thread go out on Google Chrome extensions being another attack vector that is seemingly missed by a lot of people. Security needs to be at its best level if we want to secure the assets we currently have in our pursuit of more.
member
Activity: 210
Merit: 36
Was just browsing when I saw this news regarding malicious and fake anti-virus sites. Of course, you will ask why it is related to crypto. The answer is that one of the tenets of being a crypto enthusiast, so that we will not get phished by malware that can steal our crypto assets, is to make sure that our anti-virus is updated.

But what if the attack is on the anti-virus itself like the following?

Code:
avast-securedownload.com (Avast.apk)
bitdefender-app.com (setup-win-x86-x64.exe.zip)
malwarebytes.pro (MBSetup.rar)



And as you can see in the images, it's hard to see that these are malicious sites and not the real ones.

1. The site hosting "avast-securedownload . com" is a spyware and a stealer.



2. While the "bitdefender-app. com" has been injected with Lumma.

Quote
Lumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5". The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.

3. While "malwarebytes. pro" has a payload of StealC.

Quote
Stealc is written in C and uses WinAPI functions. It mainly targets data from web browsers, extensions and desktop applications of cryptocurrency wallets, and from other applications (messengers, email clients, etc.). The malware downloads 7 legitimate third-party DLLs to collect sensitive data from web browsers, including sqlite3.dll, nss3.dll, vcruntime140.dll, mozglue.dll, freebl3.dll, softokn3.dll and msvcp140.dll. It then exfiltrates the collected information file by file to its C2 server using HTTP POST requests.


https://www.trellix.com/blogs/research/a-catalog-of-hazardous-av-sites-a-tale-of-malware-hosting/


So now it begs the question: if we are in the crypto space, we should really be alert to everything we click and download, even anti-virus software, because we could be tricked into going to this kind of website while we think that we are safe.

And also, now that we are about to hit the bull run, cybercriminals are ramping up their activity against us. So be very, very careful, everyone.



Well, thanks for your information. Actually, this information can be very common in the view of most people; maybe they might be having this feeling of what anti-virus has got to do with cryptocurrency. We should always have this at the back of our minds: whatever is created by scammers is for a reason; there's always a reason behind those things that are created by them. That is why we need to be extremely careful. Any information that comes from this platform needs to be taken very seriously; we don't have to joke about it because it is for our own safety.
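Added example, not part of the thread or of the linked write-up: a small proxy-log check built on the indicators quoted above (vendor lookalike domains, the "TeslaBrowser/5.5" user agent on POST requests, and the seven DLL names). The log format, the official-domain allowlist and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Indicators taken from the write-up quoted in the thread.
LUMMA_UA = "TeslaBrowser/5.5"
STEALC_DLLS = {"sqlite3.dll", "nss3.dll", "vcruntime140.dll", "mozglue.dll",
               "freebl3.dll", "softokn3.dll", "msvcp140.dll"}
# Assumption: each vendor's official registrable domain.
OFFICIAL = {"avast": "avast.com", "bitdefender": "bitdefender.com",
            "malwarebytes": "malwarebytes.com"}
# Constructed log format: client method host path "user-agent"
LINE = re.compile(r'^(\S+) (\S+) (\S+) (\S+) "([^"]*)"$')

def lookalike(host):
    """Return the brand a host imitates, or None if official or unrelated."""
    host = host.lower().rstrip(".")
    for brand, real in OFFICIAL.items():
        if brand in host and host != real and not host.endswith("." + real):
            return brand
    return None

def analyze(lines):
    """Return (client, rule, host) alerts in the order they fire."""
    alerts, dlls = [], defaultdict(set)
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the constructed format
        client, method, host, path, ua = m.groups()
        if lookalike(host):
            alerts.append((client, "lookalike-av-domain", host))
        if method == "POST" and LUMMA_UA in ua:
            alerts.append((client, "lumma-user-agent", host))
        name = path.rsplit("/", 1)[-1].lower()
        seen = dlls[(client, host)]
        if method == "GET" and name in STEALC_DLLS and name not in seen:
            seen.add(name)
            if seen == STEALC_DLLS:  # all seven fetched from one host
                alerts.append((client, "stealc-dll-set", host))
    return alerts

# Constructed sample traffic (203.0.113.0/24 is a documentation range).
SAMPLE = [
    '10.0.0.5 GET www.avast.com /download "Mozilla/5.0"',
    '10.0.0.5 GET avast-securedownload.com /Avast.apk "Mozilla/5.0"',
    '10.0.0.6 GET malwarebytes.pro /MBSetup.rar "Mozilla/5.0"',
    '10.0.0.8 POST 203.0.113.7 /upload "TeslaBrowser/5.5"',
] + [f'10.0.0.9 GET 203.0.113.9 /{d} "-"' for d in sorted(STEALC_DLLS)]

if __name__ == "__main__":
    for alert in analyze(SAMPLE):
        print(alert)
```

A user agent string and file names are easy for malware authors to change, so these rules catch only the variants described in the quoted report.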
full member
Activity: 952
Merit: 232
Firstly, anti-virus is not a foolproof security measure when it comes to saving us from malicious attacks on our crypto holdings. Still, it gives extra protection at least for the known malicious attacks.

We will end up on this kind of website when we try to download the software for completely free, and that's the mother of all evil when it comes to the Windows platform. It's just better to go without any anti-virus after all instead of downloading a cracked version which does the exact opposite of what it is supposed to do.
It's been a while since I even heard of the use of antivirus, because these days every operating system, be it on a phone or laptop, serves one's privacy needs so much so that even malicious bugs and malware, along with phishing ads, could be easily detected based on settings and even the OS, to which I am making reference.

Still, to be forewarned is to be forearmed, and only the wise will heed the advice of our OP and discard all free antivirus software, mostly on devices that are connected to our wallets or exchange services, because though we may think we are vigilant, a mistaken click on a link or advert could jeopardize every long-term or short-term plan we have solidly envisioned.
full member
Activity: 28
Merit: 7
Memory of o_e_l_e_o
I use Windows. I had no problems while using it. But I have been suffering from a problem for the last two months. When I downloaded anti-virus, it downloaded a virus, which gave me a lot of trouble when browsing the internet. After much searching, I couldn't solve it, so I deleted the five program files from Hide Apps. There are no more problems now. Windows sets no more problems if you download something carefully while downloading it.
I had a similar problem in 2020. My device was controlled by someone else. 25$ was deducted from my trust wallet; I didn't understand anything, but when I understood, I was careful, and now I don't have any problems. After a few days, check to see if any hidden viruses have been downloaded.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
And this is why (now I am being cliche here, so bear with me) I don't like to use Windows. Because on Linux I can just download ClamAV from my package manager - bam. All set up, automatic updates and everything.

It is way too easy to get shot in the foot when you use Windows - even the anti-virus website might be booby-trapped. To say nothing about all the personal data and adware/spyware an antivirus might bundle with your program if you're unlucky.
legendary
Activity: 1890
Merit: 1537
So now it begs the question: if we are in the crypto space, we should really be alert to everything we click and download, even anti-virus software, because we could be tricked into going to this kind of website while we think that we are safe.
Sometimes, when you browse blogs and websites, you may be directly redirected to phishing sites that appear as pop-ups in advertisements. You might also find that fake antivirus programs, cleaner software, or programs containing Trojans have been automatically downloaded. Indeed, people can make a significant mistake by opening and installing these malicious programs on their main computer used for cryptocurrency investments after feeling reassured by reading that the downloaded program is legitimate software from companies like Avast or Bitdefender, etc.

It is worth noting that scammers pour poison into honey. They create their malicious programs to impersonate the names of protection/security and maintenance programs and the like so as not to raise any suspicion in the minds of their victims and then easily steal their computers. Anyone must add browser extensions to detect phishing sites and block advertisements, avoid using their main computer online, and purchase dedicated hardware for their long-term investments.
sr. member
Activity: 588
Merit: 438
Forum Only For Fun
But what if the attack is on the anti-virus itself like the following?

-
Another negative effect that always comes into consideration is that I will not use a free anti-virus on my device. Using a paid anti-virus tends to be safer, although the negative effects that will occur later cannot be avoided.
I don't know how because I'm not an expert. I realize that I'm not great at things like that, so I'm very careful and I separate each device's function.
hero member
Activity: 2632
Merit: 833
Warez, cracked software and others are really dangerous to crypto investors, especially if we have big amounts in our wallet and we use the laptop that has our crypto for everyday use. Before, I used to download a lot from these crack sites, but that was before my crypto journey, and it really messed up my laptop and I had to reformat it several times.

But when I involved myself here, the first thing I learned from this community was how to take care and how to practice safe hygiene so that we won't get this malware and have our crypto stolen. And these criminals use really sophisticated attacks, and now even anti-viruses are not safe from them.
sr. member
Activity: 1204
Merit: 290
It's not only about anti-viruses or any other software one can download, these digital stealers are into everything that is available online and we as users need to be careful in everything we do.

When it comes to cryptocurrencies and finances, we need to make sure that we use devices containing our wallets and financial apps with extreme care and should never download things that we think can have a slight chance of compromising our privacy and security.
sr. member
Activity: 546
Merit: 309
Hackers took control of my laptop once I downloaded anti-virus. At that time, the browser was opening automatically on my laptop and automatically started browsing various websites. At that time my 56 ETH in MetaMask got hacked, which was the first incident of 2019. Since then I don't use any cracked software and I don't use anti-virus either. I am getting enough security through Windows Defender. It does not allow any cracked software to be installed, due to which no malware is installed. I haven't been hacked since that incident.
legendary
Activity: 2184
Merit: 1302
So now it begs the question: if we are in the crypto space, we should really be alert to everything we click and download, even anti-virus software, because we could be tricked into going to this kind of website while we think that we are safe.
Yes, and that is why it is advisable not to trust/rely on antivirus software to completely protect your assets from malware/viruses; instead, you should protect your assets by keeping them offline, in a hardware wallet.
And also, now that we are about to hit the bull run, cybercriminals are ramping up their activity against us. So be very, very careful, everyone.
Cybercriminals are always around, in any period in the market. Thus it is imperative to adhere to all the necessary safety measures that have been discussed endlessly in this forum. If your keys are online, any small mistake can be costly, but when they are offline, the risk is greatly reduced.