Bitcoin Forum

Hello Everyone,

Welcome to my thread. Today I am going to share some important information which actually relates with hacking incidents. I hope this thread will help to keep you far from account or wallet hacking incidents. As a regular activity everyday we visit various websites. It is to notify all of you that On several website users being forced to click on unexpected popups yes or confirm button. In this situation many times you are not able to get back from that web page without clicking a single button there. Its a hacking trap where on these popup hacker use hide phishing link and malware to get access on your device.

In many cases if you see carefully that you click on play button to see a video or download an image but it redirects you to another pages where you click again but your video isn't playing and same for the image. Its another common way to open loop to get access on visitors account or device. These are called hide advertisement which are extremely risky for the existing visitor of the website. Specially these are really common in porn sites where worlds most of the porn sites have no SSL and hackers target those sites visitor for a successful hacking attempt. Sometimes those popup shows like;

1. CLICK HERE TO UPDATE YOUR MOBILE.
2. DO YOU WANT TO KILL ALL YOUR MOBILE VIRUSES.
3. CLICK ON CONFIRM BUTTON TO KEEP YOUR MOBILE VIRUS FREE.

Finally I want to suggest all of you guys to be careful about this kind of things. Its better to think twice before click on a popup or link which looks unusual to you. If you somehow click on these kind of link or button please shut down your mobile or computer as soon as possible to reduce the chances of hacking.

Correct, most a times popup windows are attempt from hackers to gain control or to exploit our system as to see valuable information for extract. One must be careful while surfing the internet, becasue these are tricks use by these heartless individuals to steal information|data. Long ago, in my place of work, upto 5 computer systems where hacked becasue of negligence on the part of my colleague, who unintentionally and un-cautiously click  a popup window without reading the message from the window pop.

Have learned to read popup windows messages or evaluate links before click to stay safe on the internet. Although according to Black Hat, no system is SAFE!, but at least with this guide our system are safe 90%.

Such shady advertisements are usually used on websites which have illegal content and can't use good ad networks like Google Adsense to monetize their website. Such ads can be found on sports streaming websites, porn and torrent websites, crypto faucets. What you can do to avoid it? Just don't visit websites with such shady ads. Or use adblock, it helps to bypass these type of ads.

simply just activate pop-up blocker!
if you don't expect any pop up as a response to your action on that site, immediately close that pop up 
best bet that pop up is just useless ads, and some are tricking you to install malware :o

A simple adblock extension like Adblock Plus should be able to block most popups and hidden ads that might come up when you're browsing on a desktop computer that supports Chrome. If you're using an adblocker and a site's telling you to turn off the adblock, Anti-Adblock Killer (click for link (https://reek.github.io/anti-adblock-killer/)) should be able to disable whatever's telling you to turn your adblock off.

Unfortunately, there's really no good solution to blocking ads on Chrome mobile or mobile browsers in general AFAIK. Chrome has a setting on mobile to block popups but some still do get past.

Using adblock or noscript might help us, but the first and most important protection is your own awareness. Make sure that you don't browse carelessly by clicking any pop-up windows that look shady. Most of the times it shows up on download site, porn site or something similar. You can also use Linux as most virus/malware/etc are targetting Windows users (though of course, this doesn't mean you'll be free from anything).

I am lucky that I have this kind of browser extension for that hidden advertisements. Adblock is highly recommended for all of us. Even if we don't have adblockers we should be more careful when clicking ads or reading ads.

Ad blockers are a good way to get rid of most of these ads but more importantly you need common sense to get rid of that ignorant voice inside your head that says "click on it, just try it, see what it is!".
Don't fall for things online that you wouldn't do in real life. Nobody is going to give you any money and make you rich and help you with your viruses either or help you enlarge your penis. 

We also have uBlock Origin. I use it and it's an awesome adblocker and open source too
It's available for almost all browser Chrome,Opera Firefox, Mircrosoft edge, Safari
Chrome - https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm
Firefox - https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
Opera - https://addons.opera.com/extensions/details/ublock/
Microsoft Edge - https://www.microsoft.com/store/p/app/9nblggh444l4
Safari browser - https://safari-extensions.apple.com/details/?id=com.el1t.uBlock-3NU33NW2M3
Official Github - https://github.com/gorhill/uBlock

Yeah which websites you mentioned those are full with so many hidden advertisement and hackers set their trap on this kinda place because its easier to get lot more traffic there. Using adblock could be a proper solution to get rid off these shady ads. If you don't have adblock then honestly its hard to deny those fake popups during website surfing.

sometimes its really hard to close popups or get back on previous page. In many cases there's no way but shut down the device.

I can't remember the last time I ever saw one of these kind of attacks. 10+ years ago now? There are so many good browser add-ons that everyone should be using, that will completely eliminate the chance of such an attack on your device.

First of all, don't use Chrome. It's a privacy nightmare. Choose Tor, Firefox, or Brave instead. Add-ons that you absolutely want include uBlock Origin, HTTPS Everywhere, and NoScript. Also strongly consider anti-tracking privacy add-ons like Decentraleyes and Privacy Badger.

On some sites user is not allowed to see the content if adblock is turned on, or if pop ads are blocked in browser. In such cases users disable some of the protection and then it can get infected. As mentioned above such threat are usually occur on some faucets and porn sites, and it would be wise to not visit such sites from same device we use for cryptocurrency, especially if we use a desktop wallets.


This will not help in most cases, damage has already been made and what any user should do is to try to remove any virus / malware from device. In some cases formating disk is only 100% safe solution, same as hard reset of mobile device.

There is usually various ways you can bypass this kind of blocking. The most common is a simple overlay which simply obscures the site behind it, for example. You can just press Ctrl+Shift+C to open the Inspector and delete the overlay. Some advanced ad blockers will automatically bypass them for you. If I ever find one I can't bypass, then as you say, I simply don't visit that site. Whatever I was looking for I can and will find elsewhere. I'm not going to compromise my own privacy or security for the sake of a website.

i commonly used to found these kind of ads on a website that provided a free pirated files download such as movies, softwares, anime, and etc.
So people who still new with these things, actually need just simple 'close' the pop-up ads. Even thought it looks promising, but the real virus/malware it's actually inside the files you downloaded as well. (it happened on my friends phone)

So beware and stay safe tho

This is a climbing hill battle for many in this forum who are already addicted to Chrome, but there is a solution to your die hard habits:

Ungoogled-chromium (https://github.com/Eloston/ungoogled-chromium). First do understand Chrome in fact IS just Chromium with a few extras: (fonts, flash player, pdf reader, drm "widevine", etc).

Also understand that several browsers out there simply use Chromium and then modify it a little bit, such as Opera or Brave. Yes, they all share the same add ons. On most cases you can just type the url chrome://about to find out what Chromium version you are running.

Ungoogled chromium removes all google tie ins, including integration with the "play" store. You can still manually download the extensions and install them, so don't worry about that. Did you notice how Google banned all extensions that allowed downloading content from Youtube? thats just a tip of the iceberg reason of why you wouldn't want Google controlling your browser.

If you go the layman way of simply using Opera or Brave (or any Derivatives (https://en.wikipedia.org/wiki/Chromium_(web_browser)#Browsers_based_on_Chromium)), beware that you are shifting your trust from Google, to yet another third party (which might also be colluding with Google anyway).

Now I'm not going to say Firefox is completely clean of annoyances, it isn't. This is why there are also privacy focused mods out there (thanks to being open source). Such example of would be Waterfox (https://www.waterfoxproject.org/) vs Firefox, try it and see the difference. Its always good to have a backup browser that uses an entirely different rendering engine, you never know when a page will break with one that works with the other, they still exist.

---

Ok, back to the topic: Those tips are valid, but are not 100% safe. Many people don't bother blocking scripts, this is a big mistake. While i used to use NoScript in the past, i switched to uMatrix (https://github.com/gorhill/uMatrix), which is made by the same author of uBlock origin (and both can be safely used together). This is a must, because you don't want random scripts executing when you browse the web. Only white-list trusted sites, and within those, only white-list the actual useful content (ie. not the trackers). This is because, not all exploits "require" for the user to actually click anything and many can be executed without user intervention. Sometimes exploiting browser vulnerabilities, sometimes OS vulnerabilities. So don't feel the least "safe" because you never see a pop up (but block them anyway, most browsers are doing that by default anyway).

Do not underestimate your OS. Microsoft IS jealous of Google, they openly switched to data mining with the release of windows 10. While Chrome can be considered a privacy nightmare, the same is true for windows 10 (in addition to a security nightmare). On a PC (doesn't matter if its an Apple) you should be running Linux (https://mxlinux.org/) or a BSD instead of windows or osx. With smartphones the situation is more grim, and would require their own thread, but you should quickly start dumping any Microsoft and Apple dependencies from your life as soon as possible.

Ask this question: Can you continue your life normally if suddenly company x disappears tomorrow? If you can't, you are in trouble. Break those chains before the chains break you first. It certainly doesn't help them switching to a subscription model. What good is a software that stops working the moment you stop paying or lose internet access? You are supposed to reduce your dependency, not increase it.

A paranoid person wouldn't even bother installing the OS, but keep a privacy oriented live linux iso (https://tails.boum.org/) around that can be used occasionally (such as for creating and managing cold wallets). Especially useful if you are using somebody else's computer.


Does this sound like too much of a bother? That is exactly what the wrongly called "hackers" truly exploit in the end: People's laziness.

I would add to that, always think twice if something is too good to be true because it usually is. General advice but can save someone's trouble.
I hope guides like this actually help someone, always want to think like that.

Sometimes users fall on this kind of trap due to lack of enough knowledge. Most of the time users can't figure out the exact reason of his/her account hacking. Basically many websites force their visitors to click on this kind of shady popups and they set this in every single page. Showing same or different popups again & again is the trick to bound visitors.

Yeah there's been a couple of good browsers who are really careful about their users privacy and safety. Its better to use them as default which can save our device and accounts from unexpected hacking incidents.

My only issue with Waterfox is that it can lag behind Firefox in terms of updates, sometimes quite significantly (a month or more), which makes it a security risk. Similarly, many add-ons will require the most up-to-date version of Firefox, meaning that you are stuck using older version of add-ons as well, which again is a security risk. Most of the features of Waterfox can be achieved in Firefox with a little time and effort anyway.


I've always used NoScript, and never had any issues with it. What benefits did you see by switching to uMatrix? Thanks for the suggestion anyway, I'll look in to it.


This this this. Google, Microsoft, Apple, Facebook, etc. They are tracking everything they can, including your location in real time and recording from your microphones and cameras. Cut them out of your life as much as possible.

Hackers usually took the chance of careless users mistake where those user don't bother too much about their browser or browsing destination.

Yeah its unexpected but true. Not so easy to cut out from life IMO where i think many of us are blindly addicted to these.

I guess more than 4-5 years ago i have this kind of apps downloaded to my mobile and that was a Apps cleaner and I thought it will work as i wanted to be deleted those not needed apps or cache but what happens is irritating because lots of popups happening from time to time and when i deleted that cleaning app my fone act like crazy untill time that i need to dispose the said gadget and now i learn from my mistakes

for Op thanks for this thread as many newbies and non tech person here needs some good advice like this

I usually split my browsing habits to prevent these attacks. I use a "clean" OS for payments and accessing my wallets and I use virtual sessions to sandbox "unknown" websites. When you get these attacks, you just stop the session and reload a new virtual session with a clean OS.  ;)

Another way to do this, is to boot with a Tails boot disk and to "experiment" with unknown sites within that environment. When you run into problems like this, you simply reboot and Tails will start again, with no problems. <No browser ad-ons needed.>  ;)

That is what hackers do to get your information. Even if it's just a simple GIF image but it may contains an executable javascript that will run once you click the image. It is called Cross-site Scripting that will take your information or send you a malware that will harm your device. What is Cross-site Scripting? https://en.m.wikipedia.org/wiki/Cross-site_scripting#Persistent

That's the final part of their hacking attempt. Its kinda simillar with phishing website where they just need to have the loop for delivering malware on your device. After that you could see some unusual activity on your device like;

1. Device will start to redirect you that phishing link or web as a bookmark destination where you haven't touch it to browse.
2. Sometime you can see that device is trying to log in to your wallet related app itself where you haven't command to browse there.
3. Your device Antivirus (existing not installed from untrusted source) will start giving notification to clean your device.

In my opinion its much better to be careful enough if you face a browsing situation where its forcing you to install/update/download something. Get out from there instantly if possible or shut down your device. Prevention is always better than cure.

One correlated hacking procedure is that of Sim Swapping. It combines retrieving your personal data and identity theft. Basically, what Sim Swappers do is convince the telephone operator that they have lost/damaged "their" sim card, and demand a replacement. In order to do this, they use some of your identity information which they have manage to get hold of (via phishing, fake links, fake KYC, or other means), such as your full name, address, id, and then claim to be you needing the replacement for your sim.

Once the have the duplicate sim (which normally invalidates yours), they then use it on sites that rely on the sms verification to impersonate you during the validation procedure (along with some of the details they managed to get in advance).
 
While I don’t think that it is a very extended practice, a guy has just been condemned to 10 years of prison time for performing the above and getting away with 7,5M$ is crypto, stolen to participants at Consensus, a Coindesk event, during 2018 (See:  California Jails Student for 10 Years for $7.5 Million SIM-Swap Bitcoin Hack (https://www.ccn.com/bitcoin-hacker-10-years-jail-7-5-million-sim-swap)).

Nobody can force me to install or download anything, it can only be an attempt which will be stoped by me, or in case that person does not use common sense it will be stoped by security software before installation. If someone is not aware of how the internet works, and what should or should not do during browsing, some things will be learned unfortunately in the hard way. In some cases shut down is only option, just because browser can be frozen, but some browsers will automatically open previously loaded pages and you are back to where everything started.


They need to make fake documents for this, and they need to go personally at the operator store. In my country you can not get new sim card just by asking that via phone call or by e-mail. In addition to making false documents, almost every store today is under video surveillance, so this is not easy attack to perform. I do not know how that student was caught, but 10 years is too low punishment - he will get out probably a lot earlier, and continue where he left off.

Most legal sites uses google admob and the likes which can't show such types of ads only sites with illegal content that can't get approved by admob uses ads that has the tendency of showing phishing/hacking ads and if you decide to visit sites with illegal content then you should know what you're getting yourself into and take precautions.

Honestly not comfortable using an app for blocking ads, I mostly prefer to fix my browser setting and block the ads, pop ups and redirect and so far still haven't any issues.

I feel like installing a pop up blocker it literally access my privacy and obviously it's a third party. Anyway, will it's still best to just use incognito more often?