
Topic: Security warning: trojan stealing coins, swapping C&P addresses (Read 3258 times)

legendary
Activity: 1288
Merit: 1227
Away on an extended break
sr. member
Activity: 325
Merit: 250
Our highest capital is the Confidence we build.
another argument pro aliases

And another reason not to use windows with valuable data...
Any other OS is just as vulnerable to trojan horses if users install the horses themselves.

True. But almost every horse out there is targeting windows users. So, at least by now, being out of it is being safer...

And the diversity and complexity of the free software ecosystem also makes it more difficult to make horses which work out of the box on every setup. Some users will choose gnome, some kde, some unity, some fluxbox, and so on... It's not that easy to write exploits which would work with every possible setup...

300 million windows 7 users are not going to switch to linux. The windows bitcoin client should be hardened as much as possible against these kinds of attacks, because windows users are by far the largest demographic. We need them if bitcoin is to succeed.

Of course, and developers are working hard on this. And hopefully, p2sh will be a step in that direction. But people have to know that they have safer choices...
legendary
Activity: 1736
Merit: 1006
another argument pro aliases

And another reason not to use windows with valuable data...

300 million windows 7 users are not going to switch to linux. The windows bitcoin client should be hardened as much as possible against these kinds of attacks, because windows users are by far the largest demographic. We need them if bitcoin is to succeed.
legendary
Activity: 1512
Merit: 1049
Death to enemies!
another argument pro aliases

And another reason not to use windows with valuable data...
Any other OS is just as vulnerable to trojan horses if users install the horses themselves.
sr. member
Activity: 325
Merit: 250
Our highest capital is the Confidence we build.
another argument pro aliases

And another reason not to use windows with valuable data...
legendary
Activity: 1708
Merit: 1020
subscribing

another argument pro aliases
donator
Activity: 1218
Merit: 1015
Hm. Glad I double-check the entire address before sending out of habit (originally, I didn't know Satoshi Client checks for address validity, and always worried I would accidentally not copy the entire address). [subbed]
sr. member
Activity: 312
Merit: 250
Perhaps someone could code vhash into their webpage and into a client.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
A 'lock address' function could help. The address locks the moment it is pasted into the field. No unlock (except cancel).

or just a regular confirmation dialog... Are you sure you want to send 1 million bitcoins to 1ffjfitetwrexjf...? YES / NO


Unfortunately it's fairly easy to write software to send a Yes/No the instant the confirmation dialog appears (I built a tool for doing this in order to get around some shareware nags years ago).
hero member
Activity: 714
Merit: 500
full member
Activity: 168
Merit: 100
i know... i'm the one discussing, lol

http://xml.ssdsandbox.net/view/91c66258f4294c95a77a6aaa8ef3ec39

it reads your wallet.dat as well, so if you notice this make sure to make a new wallet for your coins

oops, didn't see far enough back to see you were already there talking about it.

marked
hero member
Activity: 602
Merit: 513
GLBSE Support

Any info what the optimised miner was? or a link to the thread?

neheminer 2.0 is believed to currently be the miner, discussion now on btc-e chat.

marked
That's funny, the affected user was sent to me from btc-e.
hero member
Activity: 504
Merit: 500

Any info what the optimised miner was? or a link to the thread?

neheminer 2.0 is believed to currently be the miner, discussion now on btc-e chat.

marked

i know... i'm the one discussing, lol

http://xml.ssdsandbox.net/view/91c66258f4294c95a77a6aaa8ef3ec39

it reads your wallet.dat as well, so if you notice this make sure to make a new wallet for your coins
full member
Activity: 168
Merit: 100

Any info what the optimised miner was? or a link to the thread?

neheminer 2.0 is believed to currently be the miner, discussion now on btc-e chat.

marked
hero member
Activity: 812
Merit: 1000
A 'lock address' function could help. The address locks the moment it is pasted into the field. No unlock (except cancel).

or just a regular confirmation dialog... Are you sure you want to send 1 million bitcoins to 1ffjfitetwrexjf...? YES / NO
legendary
Activity: 1736
Merit: 1006
Quote
Anyway, what it did is: when I copied the BTC address from your site in a browser and pasted to my account on btc-e in another browser tab to request withdrawal, it would paste a different address. I didn't notice it till today. It was in a link on bitcointalk.org for an optimized miner, so I downloaded the miner and ran it. Nothing happened, so I just ignored it and didn't think anything of it until now.

From the user.

It's a new address each time.

I believe that visually verifying the address will protect against this.

The addresses so far:
17PPGjFhmvt75yPAd5yFv9iYyBGQfHevnd
14Yq1jKRqwbb9oExcyZFZ6a92QTk333WEZ

Is it possible for malicious code to detect an event on a send dialog box, then insert the hacker's address a millisecond later? In such a case, visual verification may not thwart the attack.

A 'lock address' function could help. The address locks the moment it is pasted into the field. No unlock (except cancel).
hero member
Activity: 602
Merit: 513
GLBSE Support
No I've not heard back.
hero member
Activity: 504
Merit: 500
Quote
Anyway, what it did is: when I copied the BTC address from your site in a browser and pasted to my account on btc-e in another browser tab to request withdrawal, it would paste a different address. I didn't notice it till today. It was in a link on bitcointalk.org for an optimized miner, so I downloaded the miner and ran it. Nothing happened, so I just ignored it and didn't think anything of it until now.

From the user.

It's a new address each time.

I believe that visually verifying the address will protect against this.

The addresses so far:
17PPGjFhmvt75yPAd5yFv9iYyBGQfHevnd
14Yq1jKRqwbb9oExcyZFZ6a92QTk333WEZ

Any info what the optimised miner was? or a link to the thread?
legendary
Activity: 1736
Merit: 1006
I mean that sucks but on the other hand I got to say awesome to the malware writer.  Get the user to send coins to the wrong address.  No need to keylog, hack the client, look for wallet.dat, spoof RPC, etc.  Just get the user to send you money.



I've been WONDERING when the first hacker would do this. It's so obvious.
legendary
Activity: 1512
Merit: 1049
Death to enemies!
A trojan that replaces the filled data for bank transfers was around at least 4 years ago. Adopting such a system for Bitcoin is a no-brainer.

I was looking for an exploit to copy an address to the clipboard using JavaScript, but it did not work with Firefox without user intervention. I abandoned the idea.