Topic: Possible Compromised Laptop With Seed in Password Manager? - page 2. (Read 675 times)

I am pretty sure my windows defender had firewall protection on.  My windows defender and malwarebyte was on the entire time when I clicked on the link.  Again, the windows scan detected tons of threats when I did a scan right after I clicked on the link.  My concern here is I stored seed in the password manager in the computer.  So if it could read my seeds from my password manager, that is not good.


I have a hardware wallet.  But some of my coins are not compatible with the hardware wallet.  So I have those software wallets on the computer.  There isn't an option for some of the coins I have because you can only use software wallets for it.  But the issue is i wrote the seed down in the password manager.  

---

I had no idea using google is bad.  I been using it for years.  Yes i heard lot of scammer sites appear on google with those ads.  So which search is the best to use then?  You say duckduckgo and startpage.  So are these the best two?  I always used google because it was simple and clean looking site etc.  Yea its very easy to misclick stuff on google.


Well if you look for an answer to a technical question... how would google not post a bad site at the top?  Imagine say you want to find a link to an actual copy of windows from microsoft or a driver and then find it but it was some scammer getting that link to the top of google.  Then aren't you screwed when you search for it and click on it?  Yes the food recipe thing i mentioned... im sayin surely its possible for someone to post something like that?  Imagine looking for food recipe and then it opens up to be an ad for crypto and it might be malware etc.


What do you mean check incognito model on google the link.. you will see.  Can you explain what you mean by this exactly?


You say


uBlock Origin and HTTPS Everywhere are adviseable



So download both of these programs into your browser then?  So what about adblock plus? That is what i use for chrome and thought that is good for it. 


So the ideal setup is which web browser?  And having both of those two things you mentioned?  But that will protect you from almost everything?

Well the reason I use windows is because many programs I use... use windows.  A while back I considered buying a macbook laptop even though its expensive but then I found out lot of programs I would use is not compatible with mac.  Isn't that an even bigger issue with linux?


I had no idea chrome was not recommended.  Years ago I used firefox and then switched to chrome.  I heard of Tor... but never used it because I don't know anything about it.  I never even heard of Ublock origin.  The only thing i heard of is adblock plus which is what I use with chrome.


I normally do not use the same computer i store my coins and web browse.  I have a chromebook for that.  But issue here is I was web browsing... and that link opened up from google on my computer.  That has never happened before when you check an answer to a question.  I did not download any random files ever on my computer.  I only visited the site.


So which is the best browser you recommend then?  I heard of brave and microsoft edge.  But make sure you use ublock origin with it?  Is it better than adblock plus?  The https everywhere and no script... i never heard of this.  So these two programs would prevent any malware on the site you visit?


The thing is this laptop of mine still will be my main laptop whether I clean reinstall or not.  So the best suggestion is just clean reinstall it?  So don't open up any files up?  Is entering my password manager password a very bad thing to do?  But what if I moved all my coins and changed my passwords for the important things?


So do you recommend kaspersky total or bitdefender and it checking for everything and see where I can go from there?  I know the safest thing is just clean reinstall it... but my issue is I didn't make backup of it.  I do have some files transferred to a usb a while back.

This is a big one for me. When I stopped using Google, it delivered better results than the alternatives, but I still switched for privacy reasons. However, recently I sat at another person's PC, which used Google by default and man, those results are hideous. Not only are the first few results ads; but also visually pretty well disguised. And lots of the actual results are totally trash and obviously paid to get those high rankings. While not actually being labelled as ads at all!
I can see how it's easy to misclick on some of those when looking for innocent stuff.

However - and I'm making an assumption here - it also depends what you're searching for. While this should all be common sense, obviously when looking for example for cracked software and other kinds of piracy, the probability is higher that someone is going to try to grab your money another way. I sincerely doubt you will get scammer links when sincerely looking just for recipes or technical questions online. Of course I can only judge this as someone using DuckDuckGo and Startpage; it's possible that Google will show you scam links in top positions when looking for recipes. But on the engines I use, I would almost guarantee the results are clean.

Also, after a while on the net, you should already see from the URL if it's something familiar, normal-looking or if it looks fishy. Like, the actual domain name, for instance. Above all search results (also in Google; just checked via Incognito window), you see it; and you also see the whole link when hovering.

Long story short: this should all be considered standard, basic precautions when surfing the web; but I guess some people don't want to bother. Then it's on them.

I also agree that a few extensions like uBlock Origin and HTTPS Everywhere are adviseable; some scammer sites don't get a certificate (or don't want to - since usually proof of ID is needed) and Origin removes some scammy shit like ads on Google by default, I think. Depends on your lists. Of course also great for privacy due to tracker blocking, but that's another story.

He already said that he invests heavily in shitcoins so shitty that Ledger doesn't even have apps for them in their list of 1300+ coins.
It also seems like he just has a ton of different coins and I just discovered the other day that you can basically just install a handful of coins onto a Ledger Nano S, even if it 'supports' hundreds.

To be honest, if you're dabbling with these kinds of coins; while it's not my topic of interest, from what I know, these are used as very-short-term investments. Meaning, you buy a bunch, if they skyrocket, you insta-sell and then go to the next one. So, while I'm super duper pro-cold storage, hardware wallets, and all that; it may be financially smarter to keep them on an exchange so you can sell quicker. It also seems to me that a (reputable!!!) exchange might even be a safer custodian of those coins than someone keeping the seeds in the password manager.
Just an idea.

I don't understand why you've made it such a big deal. A computer that does not have a firewall protection is more vulnerable to be compromised. Just turn on your anti-virus, it will detect malicious sites and files. It's not recommended to keep bitcoins in such computer that connects to the internet either way.

You said you have a hardware wallet? What stops you from using it?

Don't use Windows. Keep your Linux OS and browser software up to date. Don't use Chrome. Don't use Google since they happily accept money from scammers and criminals to promote their ads. If you aren't using Tor, then use Firefox and install uBlock Origin, HTTPS Everywhere, and NoScript. Don't browse for random things on the same computer you are using to secure your bitcoin. Don't download random files.

Lots of threats? It sounds like your machine has been infected for a while and you were just unaware up until now.

Bob.  So let say you were googling things such as how to clean your computer or download files you need.  Or it could be something as wanting to find a recipe for cooking.  You go on google and look at links for cooking recipes etc.  Then when you click on a link that seems to get you to a recipe on google, then it gets you to a bad link.


How you do protect yourself in these situations?  You say by not clicking dumb things.  Well with my windows laptop, I am extremely careful with it throughout the years.  Only once or twice did I click on a link like that.  Last time it was through a website that is legit so I wasn't that concerned because windows defender didn't find anything.



The people that say don't click random links.  Of course i understand that.  Again im very careful with this normally until this time.  It wasn't even a link, it was an answer to a question on google where i thought it would just open up an answer,,, the link opened up.  Then i did virus scan on windows scan and it found lot of threats.  Then how in the world do you protect yourself when googling things then?  I mean are you suppose to inspect every single site you want to visit?  So imagine you looking for cooking recipes and found a bunch of sites... you have to make sure its a cooking recipe site?  So would kasperky or bitdefender alert you when you click on it that its a dangerous site and then you can go back?  This is getting beyond ridiculous because how can anyone web browse at all if things are like this.  Again im extremely careful when web browsing and downloading things.  This site just opened up when I thought all it does was give an answer to a question.

I remember telling him 2 or 3 years ago.




Do whatever you want to.
Then please also accept any consequences.

I really don't get what your problem is. If you coins got stolen, you kind of asked for it. If they weren't, you were lucky.
If it is the first, stop doing nonsense and listen to the valuable advices. If it's the latter, secure your coins and do whatever you want to.




How? By not clicking dumb shit.
Does this software protect you? No (as mentioned multiple times already).

Then carry a good hardware wallet with you. This is infinitely more secure than carrying around you seed phrase.

Literally every account which lets me use 2FA.

This defeats the entire point of 2FA. If someone compromises your password manager, then they have both your password and your 2FA code, and so your 2FA achieves nothing.

I have a tiny amount of coins stored on hot wallets. Yes, if I was to become infected with malware those coins would be at risk. That is a risk I am willing to take because of the tiny amount of coins and the fact that I have never once been infected with malware because I don't go around clicking on random links.

Aegis or a hardware key. Google Authenticator and Authy are bad choices.

I don't click on random links and I don't use Windows.

Those can all be reset. You forget your password, you reset it and request a new one over your email. If you lose or forget your email, you contact your bank, verify yourself, and have them change whatever details are needed so you an have access to your account again. And like o_e_l_e_o mentioned, you can use 2FA with online banking. Who are you going to contact if you lose your passphrase or get it hacked/stolen? There is no customer service to change it for you and give you a new one. You are the customer service, the bank director, and the bank clerk.

Yeah do that if it's safe and malware-free. Brand-new from the shop or just recently had its OP reinstalled.   

What kind of shitcoins are you into that Ledger doesn't support them? They support over 1.000 different assets. That's not a reason to store your seeds digitally, nothing is. 

 There is this thing called a pen and paper. Some would say that it's obsolete technology, but it still works wonders you know!

How do you accidently click on wrong links all the time? Yes, it can happen sometimes, but it shouldn't. You are not careful about anything Jerry.

You are asking what to do, but you have already made up your mind to keep all your files, so keep them. Some of them may or may not be infected, who knows.

Not necessarily. If I wanted to steal your crypto and your seed phrases, I don't need access to your email. 

That's why you check what you click on before you click on it.

And? What do you want us to do about it? Your AV picked something up. It could be connected to the site you visited or it's from something earlier.

Changing them from time to time is a good idea anyways. Why not do it now when there is a possibility of an infection.

There is something seriously wrong with you.

That's the whole point of having 2FA. No one can access your accounts with just the standard login details unless they also have the 2FA code. Jesus Christ!

JSON files just encrypt your private keys. If you have multiple copies of your seed phrase (written down on paper Jerry, not in password managers) you don't need copies of private keys or JSON files.

Any of them is better than having none. Here, use this source for some more info.   

That's irrelevant. If you stick your dick into a beehive, you are bound to get stung. 

When I mean accessing seed easily, I mean like if you don't have your seed with you because you are in another location.  Yea writing it on paper and carrying it with me is not good.  That is why i stored my seed on the password manager.



Okay so you set up two factor authorization with all your important accounts.  Can you tell me what accounts these are that are not bitcoin wallet?  You mean like email, banking and crypto exchanges?  So basically even if someone has your username/password to the email, banking and crypto exchange passwords, unless they get your two factor authorization code, its useless for them right?  Unless you actually wrote that two factor authorization on the password manager?



I had thought you put your two factor authorization on password manager.  Then I thought that isn't good idea because if someone has that, they can just access your account on their phone.  So you are saying... when writing physically on paper... do the seed phrase and any two factor authorization codes right?  Is there anything else?  What if its like those json files that is access to a certain crypto wallet?  I forgot the name of it but its starts with a J and its like json file or something like that?  So where do you store those then?  If you have a copy on your computer, then isn't it risky if you ever catch malware then?  So that you put it in a usb flash drive an encrypt it?  I'm not sure what is the exact name of these files but I know you can't write or type it down.  Its like a file.  What is the name of this?



What two factor authorization do you use for all your accounts?  I assume google authenticator?  Or something else?  I heard things about authy which is similar to google authenticator and yubikey?



Again the issue here is many people accidentally click on links on their computer or on their phone.  On their phone is much more likely though since the screen is small.  So how do you protect yourself in situations like this?  Make sure you have kaspersky or bitdefender?  Does anyone here use these programs and it always protects them when visiting sites that might be dangerous?

Why would you need to access the seed phrase easily? That's what wallets are for. Even so, if you must access it easily then write it on paper and carry it in your pocket (although that's also an incredibly stupid thing to do).

Yes, I use a password manager. The difference here is I have 2FA set up on all my important accounts, and I receive a notification on my phone whenever someone who isn't me tries to log in to anything important. You don't get that with a bitcoin wallet.

Oh my god no. Write down your 2FA codes on paper! What is the point of having 2FA if you store the back up code for it in the same place as you store the password for all your accounts? It isn't two factors if they are both stored side by side.

The exact same it's been the last dozen times you have asked.

Also im sure people here accidentally clicked on wrong links all the time.  Again im usually very careful with this which is why i haven't had issues.  I only have windows defender and malwarebytes free.  


The issue is if i want to backup the things in my laptop, i dont want to back any infected files to it.  So what is the suggestion now?  I do not want to wipe all my files because there are some files that i did not transfer to either my usb flash drive or the cloud.



The other thing is this.  I do not see anything suspicious about my email addresses.  So would that mean most likely im not compromised?  Again when this happened, I clicked on something and it went to a website that is not a legit site because the name of the site is not suppose to end the way its suppose to.  Also windows defender scanned a lot of threats on it which I rarely ever have etc.  It did seem to remove it but im note sure if its fully removed or not.  But I clicked on the link, my password manager was opened at the time which was my concern.  But I then closed it.  Since the, I have not tried to log in to my password manager on my laptop but has turned on the laptop few times etc.



Someone here suggested kaspersky and just scan it and that is the best option.  Again im overwhelmed by all of this.  So you suggest changing my email passwords on my new computer and phone for any active email im currently using?  



But wouldn't this situation happen to many people who have accounts though like with exchanges?  Thus someone has access to their username/password and then log in?  But if they have google authenticator, they are safe right?  But what if someone put their google authenticator private key or thing like that on program manager.  They are essentially screwed then?  The same with if someone click on wrong link on their iphone?  What about that?

First off, I know you all say don't put your seed phrases on the password manager.  I understand that.  The thing is some seeds i want access to easily so that is why i stored it in password manager.



The thing is what should you put in your password manager then?  I got to assume most of you put your email and banking information passwords there right?  Again my email and banking passwords, i don' even know what it is because its generated by the password manager.  I heard back then you should not use a regular password and make password manager generate it for you.  Don't most of you do that?  Can't imagine you write down your password on paper for each bank and email... especially if the password could be a 50 word character etc.



The reason I couldn't use my other computer is its chromebook.  I actually got another windows computer recently.  So go and try to restore the seeds on the new device is what everyone here suggest right?  Again I didn't have a spare windows computer to just do things.   Yes i do have a nano ledger.  The issue is lot of the coins i have and the seeds, they do not support the coin.  If they did, i would transfer every single coin of mine that has a seed phrase into nano ledger.



The other thing is this.  Do you write down your google authenticator for sites like coinbase and binance etc on password manager?  So that is not safe as well?  I have to assume you all put your username/password on password manager for exchanges right?  No way you guys are writing it on paper and log in each time that way especially if its a very long seed.

And most importantly, don't waste our time or your own time by asking people for help and advice on how to do things as safe and as efficient as possible only to do the exact opposite in the end. What's the purpose of it all? I don't understand the logic of asking and trying to learn about the dangers of storing mnemonics and private data digitally, only to tell us 2 years later that you disregarded everything you possibly could you put your coins in danger.     

So, jerry, to sum up;

• Don't store your seed phrases anywhere electronically. Whether that's a txt file or a password manager. Consider just keeping them on paper.
• Always verify the authenticity of the software you install.
• Don't keep important information (such as money or personal stuff) on a computer that can be easily compromised.
• Don't feel unstressed or secure by installing anti-viruses on an operating system that relies on anti-viruses.

This thread remind of proverb You can lead a horse to water, but you can't make it drink.


You could try https://www.virustotal.com/ and choose "URL" or "Search" option, but obviously this website can't detect all kinds of malware, keylogger, etc.


He has, check https://bitcointalksearch.org/topic/m.58445037.


I doubt he'll bother doing it when he use password manager to store seed.

I don't think it is.
 
I think his seed was already saved in a password manager before he started asking if that is ok to do. He was probably looking for confirmation from someone that it's a good way to protect the seed. But even after multiple people told him it isn't, he felt there was no reason to change anything.

If you give Jerry advice, he asks other people if the advice you gave is good. If he gets confirmation that it is, he will tell you that he has decided not to do it the way you told him to.

Yeah, he has a hardware wallet, but he doesn't always have access to it. Or more precisely to its seed. He has been asking questions about passphrases and how to set one up on Ledger for over 2 years. He never did of course. He can surely send his coins to his Nano S even if he uses a potentially vulnerable computer. But his paranoia levels are extremely high and I don't think he wants to connect it to that potentially infected PC.

---

@Jerry
What is the problem with the other computer you mentioned that you have? You said it doesn't have Windows. Ledger Live is available for Linux and MAC as well. I am not sure about the other software you are trying to save but you should check it out.

He has a Nano S? He should just import the paper seed into a fresh Electrum wallet or even BlueWallet on his mobile if he only has that one infected machine; then send all funds to the Ledger & that's it. Coins secured. That's the simplicity of hardware wallets.. Of course he could also buy a new laptop, rip out connectivity & set it up as an airgapped, dedicated Bitcoin machine, but that will probably need more money and time.

After that, backup files & pictures that are important, however stay careful, as you said, since they could all be infected. So maybe scan them or shit like that before putting them back onto a 'clean' machine.

I truly hope this is a joke.

You are asking these questions for years now.
We have exchanged multiple PM's. And there were way more people in contact with you via PM to help you set up something secure.

Every single person told you to not store your mnemonic code / seed of the hardware wallet on your PC.. and you still did that?

You know.. you are probably lucky.
Simply visiting a phishing site doesn't result in your computer getting compromised. Especially since the people behind phishing sites usually aren't the smartest one. Definitely not smart enough to find an exploit for the browsers sandbox.
However.. how could you possibly store your mnemonic code on your daily computer? Didn't you listen to everyone talking to you?

Forget about the password manager if you have that same seed on your computer. You have a Ledger Nano S. Why are your coins not on the Ledger?

You ask for advice. People give you advice. Then you ask if the given advice is good or if you should do it in a different way. Ultimately, you are probably not going to listen to what people tell you anyway. An anti-virus or anti-malware software is not some magical eraser that undoes your mistakes. It could find and neutralize a malware on your computer, but it is also possible that it doesn't detect it at all. In case of new malware, the software might not have the definitions to classify it as malicious. We don't know what you clicked on and if the site was configured to automatically download and execute some type of malware.

You have played with fire and now you got burned. You have been told multiple times not to store your seed digitally and you keep finding excuses why that's OK for you.

Your computer might be compromised. If you are lucky, it wasn't. Buying a new computer won't solve the problem that the files you have on your old one are potentially infected. If your coins are your priority, reformat your computer, and start from scratch.

If your coins are gone, they are gone. There is very little you can do about it. Buying a new computer just to restore your wallet will only tell you if they are there or not. What are you going to do with the old one and the data you keep on it?