Warning! New type of malware - address swap attack

abel1337

legendary

Activity: 2464

Merit: 1145

FOCUS

Quote from: lovesmayfamilis on November 19, 2022, 09:47:09 AM

This malware is downloaded after a user installs an extension in their browser. Therefore, the best solution for your security would be to use the Firefox browser, abandon the Chrome browser, and also not make a Christmas tree out of your browser by installing a lot of extensions. When installing the desired extension, you must consider the number of users who installed it as well as the time the extension was created. If it is very new, then you should be careful, and it is better not to install it.
The installation of Linux systems is the icing on the cake for anyone who wants to better protect their computer from most malware. This advice can be given to anyone who is beginning to be interested in cryptocurrencies for parallel study.

I agree to this. This is a basic cyber security defense, Being careful on what you are installing and downloading. There's a lot of hackers now and putting trojan into something that a user could possibly install is not really new. Hackers are just improving old method they have and improving it on a way that potential victims wouldn't expect it. I remember that I have a friend who where a victim of the classic copy paste virus before the bull market starts, All of his assets where sweeped and believe me or not he is an IT student which obviously know more about computer than the average users. We tried to locate where does the virus came from and I promise you that we couldn't figure it out. Hackers are just being smart day by day.

lovesmayfamilis

legendary

Activity: 2072

Merit: 4265

✿♥‿♥✿

This malware is downloaded after a user installs an extension in their browser. Therefore, the best solution for your security would be to use the Firefox browser, abandon the Chrome browser, and also not make a Christmas tree out of your browser by installing a lot of extensions. When installing the desired extension, you must consider the number of users who installed it as well as the time the extension was created. If it is very new, then you should be careful, and it is better not to install it.
The installation of Linux systems is the icing on the cake for anyone who wants to better protect their computer from most malware. This advice can be given to anyone who is beginning to be interested in cryptocurrencies for parallel study.

goaldigger

sr. member

Activity: 2310

Merit: 355

Quote from: judeafante on November 19, 2022, 09:19:53 AM

Hackers are targetting Cryptocurrency because of the reverse transaction and anonymity, if you're a window user and always download files from unknown sources your pc will likely get infected, education and awareness is always the key, be sure to arm yourself with the best anti-virus and malware protection use Brave it protects you from hackers following your online activities and take note and take time before making a transaction, you need not be in a hurry transact do the 30 seconds or longer checking of the addresses.

Unfamiliar sites or files should not be downloaded in the first place, we all know hackers are doing this since then and if we are going to be more careless then we can expect them to get access on our most confidential files and that might include your personal keys. I'm not familiar about this new Javascript malware though so thank you for sharing this one and I'll run some test now for my PC and make sure that my laptop is free from any harm. Many are paranoid now when it comes to their security, this should always be our top priority above all.

judeafante

sr. member

Activity: 2254

Merit: 258

Hackers are targetting Cryptocurrency because of the reverse transaction and anonymity, if you're a window user and always download files from unknown sources your pc will likely get infected, education and awareness is always the key, be sure to arm yourself with the best anti-virus and malware protection use Brave it protects you from hackers following your online activities and take note and take time before making a transaction, you need not be in a hurry transact do the 30 seconds or longer checking of the addresses.

Ayers

legendary

Activity: 2590

Merit: 1022

Leading Crypto Sports Betting & Casino Platform

Quote from: sunsilk on November 19, 2022, 04:11:27 AM

It's the clipboard(copy paste) malware right? This is actually new and if you're someone who's careful and a responsible internet user, you'll not just going to download anything on the internet without knowing what it is.

That's the first rule to obtain this malware, to download and install it. That means, don't just download some extension that you don't know and you don't need.

If it's clipboard malware it's not new, it's been around for a long time and I've seen a lot of victims of these incidents. For these viruses, it is only necessary to use specialized anti-virus software to remove them. Always check your wallet address before making a transaction, although it takes time, after copying the wallet address, I always check each character of it, I check at least 2 times and then press the send button. Malware is extremely sophisticated these days, so we should be slow but safe.

Mr. Magkaisa

sr. member

Activity: 742

Merit: 282

- Thank you very much for the reminder here on this forum platform, this is a big deal for most people who use the chrome browser and that includes me. Sometimes, this malware finds ways to do things that are not good for users.

I also see a lot of malware on Facebook so I see a lot of Facebook accounts that suddenly get their accounts hacked because of these attacks.

In terms of my experience, I currently do not change anything in my chrome settings every time I open my PC on the desktop.

Hypnosis00

sr. member

Activity: 2338

Merit: 338

We have this new technology and great developments but on the opposite side, it becomes a medium for scammers and hackers to easily get access to our computers or PC. I see a lot of computer users are not really aware of this kind of trick and certainly, these people are prone to malware attacks. Now I see it is everyone's concern and much help others to be aware of the situation. However, this can't be done and rid of them right away, they still have a lot of chances. At this time, even if we use and install reliable device security on our computers, we can't be 100% safe, not at all.

Crypt0Gore

sr. member

Activity: 812

Merit: 260

I won't bother deactivating java script on the PC because if any malware can swap your address to theirs your whole PC could be already compromised.

In this case I will reformat the whole PC and start afresh, there is no way you would no that this is the only successful attack that's already unleashed in your PC.

I'm done with chrome browser because it's not as strong as the official windows 10 browser and also it's cool to always stay updated, always update your PC from time to time to avoid missing out on new patches and security updates.

sunsilk

hero member

Activity: 2884

Merit: 620

It's the clipboard(copy paste) malware right? This is actually new and if you're someone who's careful and a responsible internet user, you'll not just going to download anything on the internet without knowing what it is.

That's the first rule to obtain this malware, to download and install it. That means, don't just download some extension that you don't know and you don't need.

GreatArkansas

legendary

Activity: 2282

Merit: 1344

Buy/Sell crypto at BestChange

I remember some people posting on a cryptocurrency Facebook group about a video clip when they are using their windows computer and every time you paste a text which is a cryptocurrency address, let's say a Bitcoin address or Ethereum address, the pasted text is changed from the original copied text. So this is the malware I believe those people affected.
People must learn the basic securities of using the internet especially don't clicking some random links without thinking.

vv181

legendary

Activity: 1932

Merit: 1273

Well, did you do it though?

CMC article is oversimplifying the solution right here. While they should mainly endorse the main solution given in the article, disabling JS is not approachable for a majority of users who are interacting with JS-intensive websites. I even doubt most exchanges are working without a JS.

This solution on OP is intended specifically for LocalMonero site, where it is fully detailed and based on https://www.reddit.com/r/CryptoCurrency/comments/y90fwg/psa_weve_discovered_malware_that_replaces_the/. So, to give NoJS advice as the whole solution without specifically applying it into specific condition is a too broad generalization for the users.

dwminer1

hero member

Activity: 1848

Merit: 530

The OGz Club

There’s a new type of malware, which iterates on the common address swap attack to form a particularly nasty and difficult-to-detect threat. The malware currently uses JavaScript to carry out its effects — hence disabling JavaScript can neutralize it and reduce your browser’s attack surface. This can be easily achieved in the settings for most Chromium-based browsers.
Here’s the action flow for disabling it in native Chrome:

1. Open settings.
2. Search “Javascript.”
3. Click “Site Settings” under the Private and Security section.
4. Select the “Don’t allow sites to use Javascript” option.

More info: https://coinmarketcap.com/alexandria/article/3-minute-tips-how-to-avoid-this-strange-new-crypto-malware

Topic: Warning! New type of malware - address swap attack (Read 96 times)