Pages:
Author

Topic: Trojan Wallet stealer be careful - page 9. (Read 180320 times)

newbie
Activity: 4
Merit: 0
March 01, 2014, 09:53:27 PM
#76
What would be the best way to avoid "accidentally" stumbling across a trojan by regular browsing? Any type of anti virus software that is specific to something like this?  Huh

I ask because I've been seeing increased mention of simply clicking a link and it installs a trojan or some other malware. Sorry if this is a noob question.
newbie
Activity: 36
Merit: 0
March 01, 2014, 05:56:53 PM
#75
Does virus total detect most virus, & trojans?

Not at first if it's a newly developed family or packer. After a time, you'll get some detection from some of the AV engines used by Virus Total. Of course, the malware author can tweak the file until it's no longer detected, and the game starts all over again.
sr. member
Activity: 266
Merit: 250
March 01, 2014, 12:31:52 PM
#74
Does virus total detect most virus, & trojans?
newbie
Activity: 46
Merit: 0
February 22, 2014, 08:07:29 AM
#73
is Mac OS vulnerable as well?

Mac OS and Linux are definitely vulnerable as well - there are cross-platform Java RATs out there, at least one of which has been distributed in this very forum in order to steal people's wallets. You would be crazy to run anything anyone posted here except in a clean virtual machine, really. Even long-time members can have their accounts hijacked and could post a trojan. Antivirus is a crap-shoot, no better than 50% final detection rate of wallet stealers overall, and that number usually starts out in single digits for the first couple of weeks after a new trojan is released.
This is about right. Unless the code's really short and you can look at it yourself within a few minutes (and know what it means), at least let a few people test it out for you before thinking about downloading and running it. Cheesy

Think of the computer as you, and you're out in a big city in a shady part of town, and some guy in a Guy Fawkes mask and furry suit comes out and tries giving people some type of liquid in a glass which he says solves some particular problem. You probably wouldn't drink first, and probably not even within a day or so of Fawkes still standing outside filling Solo cups with mystery fluid from a pitcher, and maybe you'd refuse to drink the mystery fluid until its contents can be certified in a lab. That's sorta-kinda what it's like to download software from this forum. Wait as long to download as you'd wait to drink from Fawkes' pitcher, keeping in mind the furry Fawkes of yesterday may not be the same furry Fawkes as today, and you can't be absolutely sure nobody added anything to his pitcher (or the bottom of the Solo cups).

I appreciate the metaphore! Will definitely adhere to this one
donator
Activity: 1218
Merit: 1015
February 22, 2014, 07:52:06 AM
#72
is Mac OS vulnerable as well?

Mac OS and Linux are definitely vulnerable as well - there are cross-platform Java RATs out there, at least one of which has been distributed in this very forum in order to steal people's wallets. You would be crazy to run anything anyone posted here except in a clean virtual machine, really. Even long-time members can have their accounts hijacked and could post a trojan. Antivirus is a crap-shoot, no better than 50% final detection rate of wallet stealers overall, and that number usually starts out in single digits for the first couple of weeks after a new trojan is released.
This is about right. Unless the code's really short and you can look at it yourself within a few minutes (and know what it means), at least let a few people test it out for you before thinking about downloading and running it. Cheesy

Think of the computer as you, and you're out in a big city in a shady part of town, and some guy in a Guy Fawkes mask and furry suit comes out and tries giving people some type of liquid in a glass which he says solves some particular problem. You probably wouldn't drink first, and probably not even within a day or so of Fawkes still standing outside filling Solo cups with mystery fluid from a pitcher, and maybe you'd refuse to drink the mystery fluid until its contents can be certified in a lab. That's sorta-kinda what it's like to download software from this forum. Wait as long to download as you'd wait to drink from Fawkes' pitcher, keeping in mind the furry Fawkes of yesterday may not be the same furry Fawkes as today, and you can't be absolutely sure nobody added anything to his pitcher (or the bottom of the Solo cups).
newbie
Activity: 36
Merit: 0
February 22, 2014, 07:41:25 AM
#71
is Mac OS vulnerable as well?

Mac OS and Linux are definitely vulnerable as well - there are cross-platform Java RATs out there, at least one of which has been distributed in this very forum in order to steal people's wallets. You would be crazy to run anything anyone posted here except in a clean virtual machine, really. Even long-time members can have their accounts hijacked and could post a trojan. Antivirus is a crap-shoot, no better than 50% final detection rate of wallet stealers overall, and that number usually starts out in single digits for the first couple of weeks after a new trojan is released.
newbie
Activity: 46
Merit: 0
February 21, 2014, 11:04:53 PM
#70
is Mac OS vulnerable as well?

is it common here, that people with trust issues post warnings offering exe files as a remedy?  Huh
newbie
Activity: 14
Merit: 0
February 15, 2014, 08:36:46 PM
#69
Thanks for the tip!
newbie
Activity: 18
Merit: 0
February 13, 2014, 05:15:43 PM
#68
Thanks for tips. This is becoming my biggest problem using a pc , ill partition my drive to test run linux os.

doing the same thing. worth the time.
full member
Activity: 193
Merit: 100
February 12, 2014, 09:24:32 AM
#67
The security problem isn't from the os ... even if most linux distrib help with package repository where apps are builded from source and signed.

The problem is the ChairKeyboard interface !
full member
Activity: 182
Merit: 100
February 07, 2014, 09:43:27 AM
#66
Thanks for the warning. There are many people loosing their btc with so many hacking. It looks like we should save wallet in separate offline computer.
full member
Activity: 210
Merit: 100
January 29, 2014, 02:48:00 AM
#65
Thanks for tips. This is becoming my biggest problem using a pc , ill partition my drive to test run linux os.
legendary
Activity: 1260
Merit: 1168
January 26, 2014, 06:52:58 AM
#64
This message was too old and has been purged
full member
Activity: 192
Merit: 100
January 17, 2014, 07:05:53 PM
#63
Whats wrong with people, why do they feel the need to dredge up dead threads?
sr. member
Activity: 686
Merit: 251
I'm investigating Crypto Projects
January 16, 2014, 11:43:42 AM
#62
What is wrong with people why do they need to scam and steal?
sr. member
Activity: 406
Merit: 250
January 06, 2014, 08:41:56 PM
#61
I have a solution! Download and install a much more secure operating system its called linux. Did I mention its free too?  Roll Eyes

brb, writing a trogan designed for linux that steals wallets and will be spread throughout the forum

Cheesy

(Not really, But you get the picture.)

It's only more secure from obscurity. Otherwise everything's pretty much the same.

(Unless if you have your wallet.dat stored in a folder only root has access to or some non-standard shit like that)
hero member
Activity: 563
Merit: 500
December 22, 2013, 07:08:15 PM
#60
Just use Armory: all digital wallets are encrypted.

If a hacker gets a hold of your digital wallet and it's encrypted with AES256. It will take hackers approximately 1.56 billion years to crack the encrypted password.

I am not even worried.

Why would they bother to try to crack it?  The same malware that steals your wallet will just steal your passphrase next time you use it.  And even if there isn't a passphrase stealer, you're assuming you are anywhere near as good at picking strong passphrases as you think you are (the fact that you say 'password' rather than 'passphrase' is not a good start).

Using Armory is good advice, but if you have a non-trivial balance you should be using cold storage, which is where Armory comes into its own.

roy
sr. member
Activity: 331
Merit: 250
December 21, 2013, 10:54:06 PM
#59
Just use Armory: all digital wallets are encrypted.

If a hacker gets a hold of your digital wallet and it's encrypted with AES256. It will take hackers approximately 1.56 billion years to crack the encrypted password.

I am not even worried.
sr. member
Activity: 266
Merit: 250
December 21, 2013, 02:51:16 PM
#58
You don't need to encrypt your wallet. You can just move your bitcoin data folder usually located in %appdata% to another location, and edit the bitcoin client shortcut's target from:

Code:
"C:\bitcoin-install-directory"

to

Code:
"C:\bitcoin-install-directory" -datadir=C:\bitcoin-data-folder
This is great tip. Some hac.kers  which uses scanner tools first checks appdata directory actually maybe we should develop to insert a tool in bitcoin software to able to change it.. This will very much help to protect wallet.dat
member
Activity: 150
Merit: 10
December 11, 2013, 07:14:00 PM
#57
Damn that is crazy! You think it'll get into an encrypted mac with an encrypted wallet?
Pages:
Jump to: