Topic: Trojan Wallet stealer be careful - page 23. (Read 50276 times)

Unfortunately I fell for the scam, he stole more than 2 BTC, there is no way back?

How do I remove the Trojan from my pc?

An image:

https://i.imgur.com/opsse.jpg

The developers of the bitcoin software should create an algorithm to encrypt and de-encrypt the wallet on the fly. Should be usefull in this case as the trojan would only get the wallet encrypted.

hmmmm im not clicking it

Oh well what can you do, people are fighting for money.

Don't know why anyone would even try to use any of these things.

Come on, their email is obviously spam..
I just wanted to include it here for people to see (sorry if it has been shared already)



###################################################################################
Hi there, we'd like to invite you to be a beta tester of our awesome new Bitcoin Mining Accelerator program called "Coin Miner".


We have been keeping it under wraps developing it for the past few months and are ready to get people to test it out.
Basically how it works is that it automatically safely software overclocks your GPU to a stable level for optimum mining performance.
This way you don't have to fiddle with BIOS overclocks, MSI Afterburner or any other overclocking software - this does it automatically on the fly.


We are currently achieving around a 23% increase in Mhash/s mining speed. Some users have seen even higher gains.


The program is in Beta right now so we are offering it for free to anyone that wants to try it out.
If you are interested, check out our site: http://www.Bitcoin-Mining-Accelerator.com >>>real link>> http://u50566.sendgrid.org/wf/click?c=**removedlink**

If you quit mining because of the recent difficulty increase, or have never tried it at all, it would make us feel all warm and fuzzy if you helped us test Coin Miner. With its auto-overclock feature - it can help you sqeeze more processing power to make mining worthwhile again.

Good luck with your Bitcoin ventures
- The Coin Miner Team

###################################################################################

I believe that Bitcoin Mining Accelerator just "removed" BTC2.99 from my wallet.

Is that likely? Any chance that 152ptaaao4baryuBwCbHraU989r6XmzLUt will give them back?

Thank you for this heads up!

Would be nice if (as has been previously suggested) all necessary and trusted links were in sticky posts up top.

Thanks again.

It was only a matter of time, there are people who store LOTS of coins in their main wallet...

So...while I am using my encrypted wallet would the trojan be able to scan and find my sensitive files?

Thanks for posting this. I use Windows 7 myself so am substantially more at risk than say, a Linux user.

Time to Encrypt my bitcoin files.

That's one reason why I think Ubuntu is the right distribution for people new to Linux. They made one controversial change: they disabled the root-account. You can activate it by just setting a password, but that's not recommended. Instead you do everything with "sudo". That's a good approach because it prevents users logging in as root. You have to login as a regular user. If this user has administrative rights, he can use sudo but has to enter his password again and only the command prefixed with sudo will run as root. I think that's a good approach.

Microsoft did something similar with Vista and Windows 7 UAC. There you also have to press the Button to do something that needs administrator-rights. Much better than in Windows XP, where most people were logged in as Administrator. The problem with Windows is, that you need to click all the time when you install an application. So people get used to just clicking the button, without thinking about it.

That's assuming most people who use *nix and bitcoin are smart enough not to run as an account with root privileges. I'm fairly sure that if a *nix user is smart enough to use bitcoin they're smart enough to not run as root but who knows.

Correct. Most of the time you get a trojan, it's the users fault ... getting tricked into downloading something. This can also happen, if you are using Ubuntu. Of course there are viruses for MS Windows that exploit security holes, but those holes exist in Linux as well. What Linux does much better though is separating users. One trick that makes linux more secure for bitcoin: Make a separate user for using bitcoin with a good password. This way, if you download some crap with your normal user account the malware doesn't have access to the wallet.dat if the access is restricted for other users. Just do "chmod 600 wallet.dat" and only the special user and root have access to that file.

If the trojan uses some exploit that gets him root-access, you have still lost though. But those holes are usually fixed very quickly.

If the grapevine is right and the percentage of *nix users is as high as many people think, and say, it is, then it's only a matter of time until someone creates a linux and/or unix trojan to steal wallets and odds are it will be spread with innocuous looking links on this and other bitcoin forums.

Linux FTW!

Can't get to the site nor the app.

Thanks for the heads-up.

With the big influx of users coming to mine bitcoins, it would be a good idea if someone well respected in the forums kept an updated sticky post listing official miner builds and download locations. If we want Bitcoins to keep their value we need to be proactive and keep the newbies away from Malicious code.

I'm guessing there isn't a version of this trojan for Linux ... yet.

I don't really have enough bitcoins to be worried about this yet. When I do I will definitely move to a more secure model than just using my installed Linux machine (I'm thinking a couple of USBs and encryption for my 'savings account' walet).

I hope other Linux users aren't being complacent. While it is inherently more secure than Windows, it is still very easy to create a simple trojan. All that's needed is a script to upload ~/.bitcoin/wallet.dat to some remote server and disguise this as some other (probably bitcoin related) software. Stick to the official repositories for your distribution where possible.