Pages:
Author

Topic: {WARNING} Cybersecurity vulnerabilities/flaws: Ledger exploit (10.08.20). - page 2. (Read 691 times)

legendary
Activity: 3178
Merit: 3295
With the software Sandboxie you can run your browser also in sandboxed mode and if there is some program or other software that would be try to doing something it cant !
You also have an log file there where you can look when something happend .

With the wallets i has got that some years ago , i guess it was the dinar wallet , installed and 3 Minutes all my accounts and things was hacked even some BTC stolen !
And that was changed my mind and looking before i install or use some software !
legendary
Activity: 3038
Merit: 2162
"17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device"

Sometimes crypto sites, usually wallets, tell their users to download the html page and run it locally - MyEtherWallet does this, if I remember correctly. With this bug now revealed, users should no longer rely on the fact that browsers are sandboxed and can't harm their machine. Like with any other software, people should verify that they get HTML files from the real developers, and that developers have some established reputation and not just nonames that popped up yesterday.
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
"17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device"

Yet another weakness found in the Firefox. Read and beware.

Quote
Except for phishing and scams, downloading an HTML attachment and opening it locally on your browser was never considered as a severe threat until a security researcher today demonstrated a technique that could allow attackers to steal files stored on a victim's computer.

Barak Tawily, an application security researcher, shared his findings with The Hacker News, wherein he successfully developed a new proof-of-concept attack against the latest version of Firefox by leveraging a 17-year-old known issue in the browser.

The attack takes advantage of the way Firefox implements Same Origin Policy (SOP) for the "file://" scheme URI (Uniform Resource Identifiers), which allows any file in a folder on a system to get access to files in the same folder and subfolders.

Here is a video of how it's done > https://www.youtube.com/watch?v=XU223hfXUVY

Source
legendary
Activity: 3178
Merit: 3295
@iasenko

Maybe that is something too for this thread !

Lately a lot of Fake Anns was created with malware downloads on the Wallet download links.
We or some Users know that but as a new Users or Newbies dont know that.

How it works is that they create an Ann for some Coin and it Looks like as a normal download link but in the background is a link hided there are not pointing to github.
It looks like when you see the Link that it is from github but it dosnt take you to there.
It gets you instant an download from a other site and the Wallet is infected with Malware.


I have done an example here how it looks https://bitcointalksearch.org/topic/m.51528662

legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
With all the ado going about these vulnerabilities where we are talking mostly about malwares, can someone throw some light on ransomware too which was on everyone's lips as it used to hack the PCs and hackers asking for BTC as extortion money to give back your data? That is one major thing that puts crypto under red light.

Well, you can live even without antivirus if you follow certain rules, you need to keep good digital hygiene, that includes to be careful which sites you are visiting, how you handle your mail and just the typical common sense kind of things. If you don't open a file you are not sure they are OK, and enable the shadow volume copy, you're going to be fine even with the randsomware.
legendary
Activity: 3052
Merit: 1273
With all the ado going about these vulnerabilities where we are talking mostly about malwares, can someone throw some light on ransomware too which was on everyone's lips as it used to hack the PCs and hackers asking for BTC as extortion money to give back your data? That is one major thing that puts crypto under red light.
legendary
Activity: 3178
Merit: 3295
I will be try to get me some list and i will post it here because lately the theme Malware and some kind of things getting bigger .
I saw a few topics and threads about that but i have to look where they are and i will post it here for sure .
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
Maybe you can add this thread to your OP too https://bitcointalksearch.org/topic/clipboard-hijacker-malware-monitors-23-million-bitcoin-addresses-4601535  guess a lot of new users dont know that this can be happen.

And it should be a warning for those that download things and that they should check it a few times before they download and install Software.

Also simple Browser extensions can also have some Malware in it .

Done man, good work. I haven't seen your thread before very useful information Smiley BTW if you see any threads that fall under this warning thread, please post them here Smiley
legendary
Activity: 2254
Merit: 2406
Playgram - The Telegram Casino
- Use 2FA and password and never forget it at any cost.

It's also advisable to back up your 2FA account, if you use Google authenticator, or more preferably use authy which automatically creates a back up which can be assesses using your email and password
legendary
Activity: 3178
Merit: 3295
Maybe you can add this thread to your OP too https://bitcointalksearch.org/topic/clipboard-hijacker-malware-monitors-23-million-bitcoin-addresses-4601535  guess a lot of new users dont know that this can be happen.

And it should be a warning for those that download things and that they should check it a few times before they download and install Software.

Also simple Browser extensions can also have some Malware in it .
legendary
Activity: 3052
Merit: 1273
Is the solution on these flaws by updating it?. Anyway, I don't have any of those mention right now. I used VLC before but seems like they have problems that you'll encounter. Is there any other programs that can affect your cyber security as of now?. Does apple mobile devices can be affected too?.

I believe that any device that is connected to the internet and most importantly, gets filled with a lot of apps every now and then (even if it passes the Security measures of Siri), I believe it is still vulnerable to getting hacked and your data stolen.

For you to save your coins in your phone:

- Don't save your keys in it at all.
- Use 2FA and password and never forget it at any cost.
- If you've got email and phone verification to login, I'd still suggest you 2FA over these as emails can be hacked as well as SMSes can also be watched.
- Guard your wallet with a password different than the one you'll use to get into it (like when you tap on that wallet, it should ask for a pattern/password for extra security).
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
Is the solution on these flaws by updating it?. Anyway, I don't have any of those mention right now. I used VLC before but seems like they have problems that you'll encounter. Is there any other programs that can affect your cyber security as of now?. Does apple mobile devices can be affected too?.
legendary
Activity: 2240
Merit: 3150
₿uy / $ell ..oeleo ;(
There are so many threats out there that are not only in the crypto world, but can be used to steal your coins, so lets put all the warning posts here (and keep the forum tidy).
I'll try to keep the OP updated regularly.



Ledger exploit makes you spend Bitcoin instead of altcoins.new
Added> 10.08.20

Sudo Bug Lets Non-Privileged Linux and macOS Users Run Commands as Root
Added> 04.02.20

New Chrome 0-day Bug Under Active Attacks – Update Your Browser Now!
Added> 01.11.19

iOS 13 Bug Lets 3rd-Party Keyboards Gain 'Full Access' — Even When You Deny
Added> 27.09.19

NetCAT: New Attack Lets Hackers Remotely Steal Data From Intel CPUs
Added> 11.09.19

Over 40 Drivers Could Let Hackers Install Persistent Backdoor On Windows PCs
Added> 12.08.19

New Malware Replaced Legit Android Apps With Fake Ones On 25 Million Devices
Added> 12.07.19

A New Ransomware Is Targeting Network Attached Storage (NAS) Devices
Added> 11.07.19

Zoom has a flaw that lets a website turn on your Mac's camera without permission
Added> 10.07.19

Over 1,300 Android Apps Caught Collecting Data Even If You Deny Permissions
Added> 10.07.19

"17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device"
Added> 05.07.19

Already created topics:
Clipboard Hijacker Malware Monitors 2.3 Million Bitcoin Addresses

WARNING to all DELL users. Security Flaw in Pre-Installed Dell Support Software.

WARNING! to all VLC player users! Stop using VLC and update it now!!

WARNING! Cryptomining Malware Launches Linux VMs On Windows and macOS

PSA: Firefox zero-day exploit used to attack Coinbase. Update Firefox

Malware infected wallets in Github, doublecheck before download, examples here.

Added> 26.06.19
"New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched"
Quote
macOS Gatekeeper Bypass Vulnerability

GateKeeper is a security feature built into Apple macOS that enforces code signing and verifies downloaded applications before allowing them to run, helping users protect their systems from malware and other malicious software.

That means, if you download an application from the Internet, GateKeeper will only allow it to execute without any warnings if it has been signed with a valid Apple-issued certificate, otherwise will prompt you to allow or deny the execution.
However, Gatekeeper has been designed to treat both external drives (USB or HDD) and network shares as "safe locations" from where users can run any application without involving GateKeeper's checks and prompts.

Quote
Until Apple patches this issue, researcher advised network administrators to block NFS communications with external IP addresses, and for home users, it is always important to not open email attachments from an unknown, suspicious, or untrustworthy source.
Source.


Added> 27.06.19
"Legit Apps Turned into Spyware' Targeting Android Users in Middle East"

Quote
Cybersecurity researchers are warning about an ongoing Android malware campaign that has been active since 2016 and was first publicly reported in August 2018.
Dubbed "ViceLeaker" by researchers at Kaspersky, the campaign has recently been found targeting Israeli citizens and some other middle eastern countries with a powerful surveillance malware designed to steal almost all accessible information, including call recordings, text messages, photos, videos, and location data—all without users' knowledge.
Quote
According to the researchers, the ViceLeaker attack campaign is still ongoing, and attackers could potentially distribute malicious repackaged versions of legitimate apps through third-party app stores, instant messengers, or attacker-controlled online webpages.
Since such apps masquerade as legitimate or popular apps, Android users are highly recommended to always download apps from trusted sources, like Google Play Store, to prevent themselves from becoming a victim to this attack.
However, you should also not trust every app available on the Play Store. So, always stick to only verified developers to avoid installing malicious apps.

Source

Stay safe!
Pages:
Jump to: