Pages:
Author

Topic: Trojan Wallet stealer be careful - page 11. (Read 180320 times)

Evo
newbie
Activity: 22
Merit: 0
April 20, 2013, 09:57:11 PM
#36
Thanks for this info. Looks like you have got to be pretty careful.
full member
Activity: 164
Merit: 100
Gone for a minute now back again
April 13, 2013, 10:23:40 AM
#35
I'm using Ubuntu in a virtual machine, and I only use it to run bitcoin-qt, manage my encrypted wallet, and deal with mtgox (and I don't do any of those things elsewhere). The hardest thing I had to do is to figure out how to install bitcoin-qt (and increase the disk space afterwards because I somehow missed that the default 8Gb wouldn't be enough). Am I right to think that's the closest thing in safety to a dedicated computer and/or cold storage? How much money would you feel safe with storing in such a setup?
hero member
Activity: 518
Merit: 500
April 13, 2013, 03:15:11 AM
#34
Linux is great for security, no doubts there. Caveat: if you understand it.

Most Linux users only understand a fraction of it correctly. I know that from working with many server people who claim to understand Linux but when you question them about really securing their servers most do not have a clue.

Therefore I don't think advising "normal" people to "download Linux" is really a great solution to securing their bitcoins.

A far quicker method would be to advise them to download wallets that take security seriously.

Encryption of your wallet is a must. The suggestion of simply moving your wallet away from the default location is akin to moving your cash from under your bed to a bed in the spare room. Thieves will look under more than one mattress.

I would also advise against clicking on any link in a forum which says "this will really help you secure your bitcoins". Even the user is "super-trusted" he could have just had his account hacked.
newbie
Activity: 41
Merit: 0
March 24, 2013, 10:21:32 AM
#33


Don't install anything linked to on this forum, unless it's been found by someone with a good reputation to be legit. Assume everything is an attempt to steal your wallet.


You have been warned.

Nefario



impressive contradiction - this whole post

why should anyone trust "a good reputation" if everything IS an attempt to steal wallets
hero member
Activity: 507
Merit: 500
February 06, 2013, 12:37:46 PM
#32
There is a (new?) trojan wallet stealer out in the wild ATM.

Plenty of script kiddies and scammers are going to be trying to get you to download and install it, what's more they'll be putting posts to do so (using lies obviously).

Don't install anything linked to on this forum, unless it's been found by someone with a good reputation to be legit. Assume everything is an attempt to steal your wallet.

You should also encrypt your wallet when not in use.
http://www.freeotfe.org/

Here is a portable apps version http://www.freeotfe.org/downloads/FreeOTFEExplorer_3_51.paf.exe

You have been warned.

Nefario

What da faq do i trust a scammer?
legendary
Activity: 1344
Merit: 1000
January 28, 2013, 02:24:20 AM
#31
fresh hard drive formatting new os and uptodate anti virus software should be sufficient for a few bitcoins
if you are amassing large numbers then extra precautions would be expected




member
Activity: 112
Merit: 10
January 12, 2013, 02:19:56 PM
#30
Use 7-zip is easiest, AES-256 encryption
I already use 7-zip and telling it's great !
legendary
Activity: 1540
Merit: 1000
December 24, 2012, 03:48:27 PM
#29
BTC won't make it very long if this keeps up.

It's nothing to do with Bitcoin itself, it's stupid idiots who fuck up something on their computer and decide to blame what they're using for the problem rather than realising what happened, it's something technology has had to deal with for ages now, human stupidity, if you ever get a lot of Bitcoins the best solution is to clearly store it offline and make sure it is properly backed up. Sorry, you just reminded me of an argument I had with my dad when I was trying to tell him he needed to enter in information for the nameservers on my web host when even a support staff there said we needed to, then when he finally bloody did it, the website was working fine.
full member
Activity: 130
Merit: 100
November 14, 2012, 01:35:07 PM
#28
BTC won't make it very long if this keeps up.
member
Activity: 108
Merit: 10
June 29, 2012, 04:30:53 AM
#27
Thanks you never can be to carefull.
hero member
Activity: 588
Merit: 500
firstbits.com/1kznfw
June 24, 2012, 09:24:59 AM
#26
IF there was a walletstealer-trojan which affects up-to-date ubuntu, example given, that would probably hit the GNU/Linux community like a napalm bomb - while nobody cares if there are trojans for mac or windows - cause everybody is used to them.

The problem isn't with ubuntu, but with other things you might have installed. A buffer overflow attack on apache or something else could get a remote user access to your wallet. There are many rootkits for linux. It's not a virus, but it's still a risk.
full member
Activity: 203
Merit: 121
Gir: I'm gonna sing the Doom Song now..
January 07, 2012, 05:37:29 PM
#25
Everyone concerned in security should read this, it will blow you really away: http://www.thebitcointrader.com/2011/12/bitcoin-06-will-blow-you-away.html
If this will get true, nobody has to be worried about wallet stealers in future.
hero member
Activity: 560
Merit: 500
January 07, 2012, 02:03:28 AM
#24
dude..

http://en.wikipedia.org/wiki/Linux_malware

3 reasons:

1. open source - everyone can search for possible bugs, vulnerabilities and patch them nearly immidiatelly
2. much better user/rights management
3. there are far to much different distributions

IF there was a walletstealer-trojan which affects up-to-date ubuntu, example given, that would probably hit the GNU/Linux community like a napalm bomb - while nobody cares if there are trojans for mac or windows - cause everybody is used to them.

get over it: your chances of getting your wallet.dat stolen are much lower if you use GNU/Linux, especially if you use a widespread distribution like Ubuntu, Mint or Fedora.
1) How many people do you know who can patch their own OS?
2) How many people do you know who uses the permission management system properly?
3) True, which is why Java is a bitch. Wink
sr. member
Activity: 364
Merit: 250
[#][#][#]
January 06, 2012, 11:18:21 PM
#23
dude..

http://en.wikipedia.org/wiki/Linux_malware

3 reasons:

1. open source - everyone can search for possible bugs, vulnerabilities and patch them nearly immidiatelly
2. much better user/rights management
3. there are far to much different distributions

IF there was a walletstealer-trojan which affects up-to-date ubuntu, example given, that would probably hit the GNU/Linux community like a napalm bomb - while nobody cares if there are trojans for mac or windows - cause everybody is used to them.

get over it: your chances of getting your wallet.dat stolen are much lower if you use GNU/Linux, especially if you use a widespread distribution like Ubuntu, Mint or Fedora.
hero member
Activity: 560
Merit: 500
January 06, 2012, 09:29:20 PM
#22
I have a solution! Download and install a much more secure operating system its called linux. Did I mention its free too?  Roll Eyes
Just because it's a different operating system doesn't mean there aren't hackers who don't know how to get the wallet.dat
Always take precaution when downloading / installing / running files.

you are clearly no unix-user..

OBVIOUS



this is my tux. he sits on my wallet.dat try to mess with him and he will make use of his knife.
i promise you will miss the part of your body..
sr. member
Activity: 364
Merit: 250
[#][#][#]
January 06, 2012, 01:03:36 AM
#21
I have a solution! Download and install a much more secure operating system its called linux. Did I mention its free too?  Roll Eyes
Just because it's a different operating system doesn't mean there aren't hackers who don't know how to get the wallet.dat
Always take precaution when downloading / installing / running files.

you are clearly no unix-user..

OBVIOUS



this is my tux. he sits on my wallet.dat try to mess with him and he will make use of his knife.
i promise you will miss the part of your body..
hero member
Activity: 674
Merit: 500
June 23, 2011, 04:08:43 PM
#20
Different OS doesn't matter that much (I can show you numerous documented security holes in popular Linux distros). What matters is how you care about your data being vulnerable. If you leave your wallet full of money in a car on the street, it doesn't really matter that much if it's an expensive Mercedes or a cheap Fiat: it may be stolen just by breaking the car's glass.

However, there are some uses for lowering the probability of getting hacked. For example, as an additional security measure, one could use a standalone laptop with a totally different OS and CPU (say, PowerBook with a PowerPC CP)U, so that email trojans which use Windows's software vulnerabilities won't work, plus no x86 code won't work because it's a PPC CPU.
full member
Activity: 168
Merit: 100
June 22, 2011, 10:15:22 PM
#19
I coded a stealer just to see what a detection rate would be. I never released it of course. It was coded in VB.net it is shit anyway XD and obviously very loud and noticeable. I'll learn a real language some day.
sr. member
Activity: 319
Merit: 250
June 19, 2011, 02:32:26 PM
#18
Bitcoin is getting more and more attention. It is getting tested from so many different angles. I hope it can survive all the attacks.

I agree that there needs to be an integrated, encrypted wallet in the base app. Or are there other apps that replace that functionality?
hero member
Activity: 590
Merit: 500
June 19, 2011, 08:02:16 AM
#17
What i do is have my wallet on a dedicated machine that is never used for anything at all!, Encrypted partitions don't hurt. But I guess no on e can every really be truly secure! Perhaps transfer your money to a wallet that is never used online! stored in a couple of External drives. Maybe in gmail, a nice strong password in 7zip is VITAL! Operating system doesn't matter, Linux isn't more secure because it's better but because its not as profitable! If 50%+ of the world was on Ubuntu there would be just as much crap on there too!
Not entirely true. Linux is absolutely more secure by design, and even *if* more than half of the world was using Linux for their desktop machines, it would be considerably harder to write successful hardware for Linux systems than it would be for Windows systems.
I do agree however that a wallet stealer would be just as successful on Linux, seeing as your wallet is stored in your /home directory, and is thus accessible freely by anything you run. A "wallet stealer" really isn't anything more than something that emails/uploads a file in your user directory.

If anything, the wallet needs to be encrypted by default (through the client, and not by third-party software, so that you never need to have an unencrypted copy accessible as is the case with Truecrypt etc).
I totally agree. Default encryption is really needed. Amazing how such a secure network is so insecure at the client level. Something has to be put in place ASAP.
Pages:
Jump to: