Bitcoin Forum

Other => Beginners & Help => Topic started by: NotATether on February 06, 2024, 08:55:31 AM



Title: DO NOT plug random cables and sticks into your device.
Post by: NotATether on February 06, 2024, 08:55:31 AM
From: https://www.zdnet.com/article/7-hacking-tools-that-look-harmless-but-can-do-real-damage/

If you use your computer to store any amount of crypto, or even if you use a hardware wallet, you should avoid plugging random stuff into your computer that you don't know about, because it is very easy to disguise a cable or a USB flash drive as a malware that logs your keystrokes and copies wallet files.

The following is a list of gadgets you should be particularly concerned about. If you see them anywhere in sight, get your computer away. Especially do not leave your PC unattended in some strange, unfamiliar place.

Flipper Zero:

https://www.zdnet.com/a/img/resize/855ff2f269fb7656c2ed7bb3be82a35aa1cc09ce/2023/10/09/63ef5891-8f2d-436e-a6ec-f44a421e6d5e/img-6268.jpg?auto=webp&width=1280

It has a USB port for connecting to devices and sending keystrokes to execute any command like running a keylogger. It also has a WiFi controller for remote-control and file upload/download. This can be used to upload a malicious copy of a wallet software or download wallet files. It is more capable of doing Denial-of-Service damage than theft, however.

O.MG cables:

https://www.zdnet.com/a/img/resize/f768c6d0e9eaa1f8830c6a6af05b134d976edfe5/2023/04/11/ab56abf2-7063-4ebf-97bf-ef40919fe748/img-2766.jpg?auto=webp&width=1280

It has a USB port for connecting to devices and sending keystrokes to execute any command like running a keylogger. It also has a WiFi controller for remote-control and file upload/download. Very similar to the Flipper Zero except it is more disguised and can be camouflaged with your other cables.


USB Nugget:

https://www.zdnet.com/a/img/resize/9b498803918ceeef6eb03ca3e7d20b5b2c18089f/2024/01/21/bc223ef7-f41b-4c3f-a578-1c7881610b5a/2024-01-21-20-33-44.jpg?auto=webp&width=1280

Like the Flipper Zero and is also easy to detect in a room.

USB Rubber Ducky:

https://www.zdnet.com/a/img/resize/7a291aceff67b459f7fc2c2f6fe5a1998a520d4e/2024/01/21/88e991cd-1abe-4bb4-a9cc-f54aa1f71ac5/2024-01-21-20-45-33.jpg?auto=webp&width=1280

More dangerous kind of hacking tool that looks exactly like a regular USB flash drive (someone can just draw with black sharpie or permanent marker over the logo). Can send keystrokes to execute any command like running a keylogger. No WiFi controller.

WiFi Pineapple:

https://www.zdnet.com/a/img/resize/bec612531b86481234fff8b08fca6ca266821fa8/2024/01/21/8ce37a10-4d9f-41c2-9fd6-38734c93b369/2024-01-21-20-36-37.jpg?auto=webp&width=1280

A router capable of performing man-in-the-middle attacks such as changing DNS queries and spoofing TCP/IP packets, and also reading all data that goes through the network except for TLS-encrypted data.

LAN Turtle:

https://www.zdnet.com/a/img/resize/c2dfda459e09875def0e463e3581d59c2c98e9b4/2024/01/21/87a9d9fd-426d-4a48-af3a-1a61dc1e9a7a/2024-01-21-20-51-06.jpg?auto=webp&width=1280

A router capable of performing man-in-the-middle attacks such as changing DNS queries and spoofing TCP/IP packets, and also reading all data that goes through the network except for TLS-encrypted data.


Of these devices, only the first four are especially dangerous, as any "virtual keyboard" is capable of opening a terminal to install a keylogger which can record everything you type including seed phrases and wallet passwords, which can be exfiltrated before the keylogger is even installed.

Ideally, you would make sure that access to your computer area is controlled and that only devices you recognize are present around it.
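
The "virtual keyboard" behaviour described in the post above is visible in the Linux kernel log when such a device enumerates. As an added example (not part of the original post), this Python script scans dmesg-style lines and flags keyboards that are not on an allowlist or that belong to a device which also exposes mass storage. The log lines, vendor/product IDs, device names and `ALLOWLIST` are constructed assumptions.

```python
import re

# Constructed dmesg-style sample; every ID and product name here is made up.
SAMPLE_LOG = """\
[  101.100000] usb 1-2: New USB device found, idVendor=1111, idProduct=0001, bcdDevice= 1.00
[  101.100100] usb 1-2: Product: Office Keyboard
[  101.120000] hid-generic 0003:1111:0001.0001: input,hidraw0: USB HID v1.11 Keyboard [Office Keyboard] on usb-0000:00:14.0-2/input0
[  350.500000] usb 1-3: New USB device found, idVendor=2222, idProduct=0002, bcdDevice= 1.00
[  350.500100] usb 1-3: Product: Flash Disk
[  350.510000] usb-storage 1-3:1.0: USB Mass Storage device detected
[  350.530000] hid-generic 0003:2222:0002.0002: input,hidraw1: USB HID v1.11 Keyboard [Flash Disk] on usb-0000:00:14.0-3/input1
[  900.000000] usb 1-4: New USB device found, idVendor=3333, idProduct=0003, bcdDevice= 1.00
[  900.000100] usb 1-4: Product: Backup Drive
[  900.010000] usb-storage 1-4:1.0: USB Mass Storage device detected
"""

# Keyboards the owner recognises, as "vendor:product" (assumed values).
ALLOWLIST = {"1111:0001"}

# A device announcing itself on a bus-port path such as "1-3" or "1-3.2".
NEW_DEV = re.compile(
    r"usb (\d+-[\d.]+): New USB device found, "
    r"idVendor=([0-9a-fA-F]{4}), idProduct=([0-9a-fA-F]{4})"
)
# A mass-storage interface bound on that same bus-port path.
STORAGE = re.compile(
    r"usb-storage (\d+-[\d.]+):\d+\.\d+: USB Mass Storage device detected"
)
# A keyboard interface claimed by the generic HID driver. Keyboards bound by
# a vendor-specific HID driver are not covered by this pattern.
HID_KBD = re.compile(
    r"hid-generic [0-9A-Fa-f]{4}:([0-9A-Fa-f]{4}):([0-9A-Fa-f]{4})\.[0-9A-Fa-f]+: "
    r".*USB HID v[\d.]+ Keyboard \[(.*?)\]"
)


def find_suspicious_keyboards(log_text, allowlist):
    """Return one finding per keyboard that is unknown or paired with storage."""
    port_to_id = {}     # bus-port path -> "vid:pid"
    storage_ids = set() # devices that exposed a mass-storage interface
    keyboards = {}      # "vid:pid" -> name reported on the HID line

    for line in log_text.splitlines():
        if (m := NEW_DEV.search(line)):
            port_to_id[m.group(1)] = f"{m.group(2)}:{m.group(3)}".lower()
        elif (m := STORAGE.search(line)):
            dev = port_to_id.get(m.group(1))
            if dev:
                storage_ids.add(dev)
        elif (m := HID_KBD.search(line)):
            keyboards[f"{m.group(1)}:{m.group(2)}".lower()] = m.group(3)

    findings = []
    for dev, name in sorted(keyboards.items()):
        reasons = []
        if dev not in allowlist:
            reasons.append("keyboard not on allowlist")
        if dev in storage_ids:
            # A flash drive or disk has no reason to type on your behalf.
            reasons.append("also exposes mass storage")
        if reasons:
            findings.append({"device": dev, "name": name, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in find_suspicious_keyboards(SAMPLE_LOG, ALLOWLIST):
        print(f"{f['device']} [{f['name']}]: {', '.join(f['reasons'])}")
```
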


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Charles-Tim on February 06, 2024, 09:31:00 AM
For maximum security, one of the best options is to go for a wallet on an airgapped device whose OS has been reinstalled, also making sure that it is not connected online by removing its WiFi card. Also remove the Bluetooth. If a wallet is set up on the device with the seed phrase, having a strong passphrase is a good option. Back up the seed phrase and disable the USB ports and card reader or something from the BIOS.

Another option is a 2-of-2 multisig in a way that at least one device is a cold wallet like a hardware wallet. Or going for a 2-of-3 multisig in a way that at least one device is airgapped. Better security but the transaction fee will be high. Better for storage. For a wallet that is not used frequently.

For a small amount on a desktop or a mobile wallet, do not use the device to browse anyhow you want. People are now having at least two phones, and a laptop if possible. I prefer to use just one of my phones for browsing, while the other phone for just something related to wallet and exchanges. Disable download from unknown source. From settings, disable apps not to download files. Do not use it to download anything and also not using it for browsing. Just use it for only wallet and exchanges and let your other phone do the other work and be careful of malware on the two devices. Do not share files with the devices.

Leave small money on online wallets while the remaining on cold wallets.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Fiatless on February 06, 2024, 10:28:16 AM
Good compilation and enlightening advice on how to protect our funds. I also think that the best option is to avoid any form of external connection to the device that has your wallet. Having a separate device that is solely reserved for your Bitcoin transaction might be expensive but it might be a good security precaution especially if you own huge funds. But I have learned so much from this thread and will always be conscious about devices around my workspace.        


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: JiiBs on February 06, 2024, 10:36:39 AM
I had a friend who almost got hacked or should I say was hacked by this singular behavior.
In one move, you could have your whole device compromised and have yourself to blame for it. This particular friend of mine had a low battery on his device and decided to connect to someone’s laptop for a few seconds of power. At the third party’s request, he clicked on the allow storage and transfer of data option and that’s how the third party downloaded all his contacts and started reaching out to everyone including myself, asking for emergency aid to assist my friend who was in a critical state from an accident. It’s just unthinkable how these things happen but, from simple and common mistakes such as these, you could lose everything.

This extends to having to connect with any free hotspots out there too. Maybe a friend, in a public bar or coffee shop and more of those places. Your security should be everything in this highly evolved technological age.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: aTriz on February 06, 2024, 11:47:08 AM
Good information bro.
I have a question. Is it risky to connect an external hard disk via USB too? And I have 2 earbuds that I charge from my laptop by connecting them via USB. Are they risky too?

Besides that I also heard that devices can be hacked via Bluetooth too. We should be careful about that too.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: ImThour on February 06, 2024, 12:19:04 PM
Flipper Zero, I have seen this before. People unlocking hotel rooms and what not with it. There is a huge database of pre-scanned devices and that can be downloaded and used by Flipper Zero.
It's dangerous. Imagine you have an RFID door which is scanned by one of your friends as a prank and then he uploads it to their database, then your door can be opened by anyone in the world with Flipper Zero.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: lovesmayfamilis on February 06, 2024, 12:48:52 PM
Several years ago, after reading a lot of evidence here about the dangers of using wireless keyboards and mice, I also refused them. However, the initial impression is of great convenience. Keyboard interception, espionage, and virus infection are common dangers of these devices. Therefore, any use of USB devices should always be double-checked and, if possible, locked with physical locks and disabled at the hardware level.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: pakhitheboss on February 06, 2024, 12:49:06 PM
Why should anyone carry their laptop with them when they are travelling? This makes me question as if someone is sane enough they would not carry their laptop that has crypto wallets. Everything that is being discussed in this thread are most probably kits that anyone would encounter in public. The reason being that the list has most of those cables or sticks that are common when you use them when in public.

Why not carry hardware which is owned by you and that does not require using public tools. The article is all about safeguarding anyone who is using electronic tools and not personal. This is the reality in countries that are developed and not in countries where such infrastructure is limited or non existent. It is very evident as these things are not available in my country.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Jating on February 06, 2024, 12:58:25 PM
Yeah, recently I created a similar trick being done by cyber criminals, [Warning] USB Malware that targets crypto wallets. (https://bitcointalk.org/index.php?topic=5483746.0)

And the modus here is that these criminals will target the employees of their subject of attack, usually big entities and enterprises. Once the malware is clicked and infiltrates their systems, then it's game over.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Outhue on February 06, 2024, 02:13:35 PM
There is nothing that anyone can tell me, it's a big risk running a PC with crypto wallet or assets on the PC, there are many ways that your PC can get infected, I spent most of my youth days doing experiments on PC, Windows OS is not strong when it comes to security.

This was why I went with an airgapped hardware wallet that I can update the software without having to plug into a PC for upgrade, and the one I chose has no wifi or internet connection needed, PC isn't that safe like you think, even if you are so careful you can still make a mistake one day when operating the system.

Now I can do anything I want on my PC, there is no crypto related things stored on my PC so I can install what I want without having to deal with the fear that something bad could go wrong.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Lucius on February 06, 2024, 04:28:16 PM
@NotATether, when I saw this first device on the list, I remembered that I saw that one of the forum members offered it for sale a few months ago, and I was curious and checked what exactly it was about. It seems that this Flipper is a very interesting and powerful device with which you can do all kinds of "naughty" things.

It seems that in addition to the usual threats from the internet, we will also have to pay attention to all these "solid" threats, especially if we use our devices outside the home environment.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: DYING_S0UL on February 06, 2024, 08:06:57 PM
Ahh Flipper Zero :), who can forget this!! This is literally the best hacking device that is out there, like the infinity gauntlet from Avengers. Power to control all. I have also seen those cables before (never knew it's called O.MG cable). It's really something. There is no way to know which is actually the normal cable. It's completely identical to the original. And when connected, it'll run commands/scripts in an instant without the user realizing or noticing.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Agbamoni on February 06, 2024, 09:02:03 PM
When they say avoid plugging unnecessary devices into your device it is actually for our own good. Especially the USB device, it is an easy way for people who want to harm or steal a file that is important to us from our devices without us being aware of what is coming. Seen it in movies and most persons think it's just an act but it is not. In reality there are professional hackers who work for all these scam companies, and they do the dirty work for them. However, the temptation is much so some people cannot withhold the urge to see what is in the USB, that is why up till this day people are still falling victim to this kind of attack because of ignorance.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Orpichukwu on February 06, 2024, 09:02:38 PM
How can someone even be sure of the kind of USB cables they buy from the market nowadays? I think I used one of the mentioned cords for transferring data when I got a new device, and one of the cables that came with it that I used to transfer data from my old phone to the new one just looks like the one mentioned in O.MG cables. So far so good, there has not been any form of fund loss or any of such; maybe it is probably not it as the device was connected to my old crypto wallet, which I no longer use.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Doan9269 on February 06, 2024, 09:02:50 PM
If searching for a reliable product is worth it including knowing how to avoid Punycode sites, then we need to be very careful of the kind of devices we plug in to our system, there are times that it's not only the malfunctioning that we see as these products' side effect, they also carry an inbuilt malware in them, which can be easily transmitted to any device they are connected to, and this calls for us to ensure buying reliable products and also getting them from the certified vendors or market place, there are many fake and substandard items in the markets in which we cannot trust their ends, thanks for bringing this to the awareness of members to avoid such before happening.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: tabas on February 06, 2024, 09:32:45 PM
It's just best to plug those cables that you know and you've bought from a legit store and brand you trust. And as for going outside, just don't connect with any public wifi because you'll never know on which of them is the one that's just waiting for someone to connect through it and then on the other side, is the connection that has been setup by the hacker. I know about flipper zero and I see folks that have been flaunting it to the public, I don't know if they have good or ill intentions or they just want to test but as usual, it's always best to just take care of ourselves wherever we go.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: sheenshane on February 06, 2024, 11:25:15 PM
LAN Turtle, which is called USB to LAN adapter here.
I didn't know it could be used in hacking, I often use this on my laptop connecting directly to my wifi modem.

Upon buying those products as mentioned above, they should be on the official store or merchant that can be trusted.
And if you have crypto, it should be stored on a device that you don't often use, not on the laptop for work.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Kelward on February 10, 2024, 08:28:55 AM
Good compilation and enlightening advice on how to protect our funds. I also think that the best option is to avoid any form of external connection to the device that has your wallet. Having a separate device that is solely reserved for your Bitcoin transaction might be expensive but it might be a good security precaution especially if you own huge funds. But I have learned so much from this thread and will always be conscious about devices around my workspace.        

A separate device for your crypto wallets and exchanges can be the answer to this problem, so a Bitcoin holder will not fall prey to these hacks, because sometimes it can be necessary to plug your device to external connections. With a separate device for your Bitcoin, you'll have to be extra careful and never connect it to unfamiliar connectors, thanks OP for sharing this vital information.



Title: Re: DO NOT plug random cables and sticks into your device.
Post by: NotATether on February 10, 2024, 09:33:23 AM
I have a question. Is it risky to connect an external hard disk via USB too? And I have 2 earbuds that I charge from my laptop by connecting them via USB. Are they risky too?

External hard disks use USB cables which can be modded to serve up a keylogger, as I pointed out in the OP.

But the probability that you will be targeted with one of these is very low. Just don't plug random stuff into your computer as the title says.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Pmalek on February 10, 2024, 09:56:03 AM
I remember writing about the USBHarpoon (https://bitcointalk.org/index.php?topic=5186863.0) back in 2019. It's a malicious cable that downloads malware onto your device if connected. This thread of yours reminded me of it.

I have a question. Is it risky to connect an external hard disk via USB too? And I have 2 earbuds that I charge from my laptop by connecting them via USB. Are they risky too?
Any piece of unknown external hardware can potentially be a risk, so it's hard to answer with yes or no to such a question. The more popular the brand is, the less likely there is a problem with it. If you bought it from a trusted shop, I wouldn't worry that much, unless it's a completely unknown, cheap, and weird-looking gadget. If you got it from someone in a dark back alley, then I don't know what to tell you. ;)


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: LoyceV on February 10, 2024, 10:05:22 AM
Especially do not leave your PC unattended in some strange, unfamiliar place.
How likely is a USB device to gain access to an unattended locked Linux laptop? I'd be more worried about physical theft, so bring a Kensington cable lock:
https://p1-ofp.static.pub/medias/bWFzdGVyfHJvb3R8MzQxNDJ8aW1hZ2UvcG5nfGgzMS9oNDYvMTEwNjk3MTkwNTIzMTgucG5nfDkzNzY3ODMzYTI5NmI2YTQ5ZTIyNTgyODEzNmJjY2ZmMTIzNDExOGI5MTU4Mjk4MmNkYmUzZTU0YThlYTU0ODk/0B47388-01-200x150.png
(source (https://www.lenovo.com/sg/en/p/accessories-and-software/computer-locks/computer-locks_computer-locks/0b47388))

Other than that, use the basics: an encrypted disk, and a laptop with soldered RAM (https://www.pcmag.com/news/microsoft-blames-liquid-nitrogen-for-surface-devices-using-soldered-ram) against liquid nitrogen freezing to read your decryption password, you know, just the basics :D
And don't use Windows of course. "Plug and play" is a huge security risk. It's probably safe to say that as long as you're using Windows, hardware attacks shouldn't be anywhere near the top of your list of potential attack vectors.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: m2017 on February 10, 2024, 11:31:06 AM
If you use your computer to store any amount of crypto, or even if you use a hardware wallet, you should avoid plugging random stuff into your computer that you don't know about, because it is very easy to disguise a cable or a USB flash drive as a malware that logs your keystrokes and copies wallet files.
What danger can a keylogger or malware pose to hardware wallet? Malware will not be able to physically press the transaction confirmation buttons for you, given that you probably double-check the sending address for correctness before confirming the sending of the transaction.

The following is a list of gadgets you should be particularly concerned about. If you see them anywhere in sight, get your computer away. Especially do not leave your PC unattended in some strange, unfamiliar place.
Will the following gadgets pose a threat if the computer has a password to access it?


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Queentoshi on February 10, 2024, 11:33:45 AM
If you use your computer to store any amount of crypto, or even if you use a hardware wallet, you should avoid plugging random stuff into your computer that you don't know about, because it is very easy to disguise a cable or a USB flash drive as a malware that logs your keystrokes and copies wallet files.
Also do not allow friends or family members who may want to borrow your computer for use to plug anything into your computer. In fact, do not let another person use your personal computer without supervision, it is not advised. Individuals can be careless with properties that are not their personal belongings, this is why supervision is very necessary for it especially as it is more important to you.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Peanutswar on February 10, 2024, 11:47:21 AM
I've seen a lot of news before related to data stealing with the use of charging cables in different stations, and stores, people see this as one of their convenient ways to get a temporary charge or connect to the internet, and these items are one of the reasons why I don't rarely use those plugs came from them because I know already the possibilities, even connected in the wifi there's a lot of information can be get to your device or else possible getting compromised. Good compilations at least people are aware of their security and of course, people have cryptocurrencies bound to their devices. I'm curious if this device can be blocked with our anti-virus or just ideally disable the port.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Familian on February 10, 2024, 01:18:00 PM
When they say avoid plugging unnecessary devices into your device it is actually for our own good. Especially the USB device, it is an easy way for people who want to harm or steal a file that is important to us from our devices without us being aware of what is coming. Seen it in movies and most persons think it's just an act but it is not. In reality there are professional hackers who work for all these scam companies, and they do the dirty work for them. However, the temptation is much so some people cannot withhold the urge to see what is in the USB, that is why up till this day people are still falling victim to this kind of attack because of ignorance.
To say the worse, isn't it madness that a supposed enlightened crypto holder would find a lone USB or flash drive and will of all places to check what's inside it is a gadget in which he has his crypto stored he chooses to use in doing that. To be plain such a person doesn't deserve owning a bitcoin by carrying such a lame act. Intermittently we contribute to making these hackers appear very smart and wise by an act of stupidity on our end that ordinarily we don't need an elementary certificate to know about it and doing the right simple things.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: NotATether on February 10, 2024, 01:28:19 PM
What danger can a keylogger or malware pose to hardware wallet? Malware will not be able to physically press the transaction confirmation buttons for you, given that you probably double-check the sending address for correctness before confirming the sending of the transaction.

Theoretically, hardware wallets are supposed to be safe from these kind of devices.

HOWEVER, that doesn't mean the software wallets themselves are also safe. They can easily be replaced with a fake copy that prompts your hardware wallet to sign a malicious transaction, and you might fall for it if the hardware wallet doesn't show you the amount being transferred out.

Will the following gadgets pose a threat if the computer has a password to access it?

Yes, because they can download a malicious payload from the internet exploiting a zero-day vulnerability in Windows and then install a keylogger which records your password.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: LoyceV on February 10, 2024, 01:48:58 PM
What danger can a keylogger or malware pose to hardware wallet? Malware will not be able to physically press the transaction confirmation buttons for you, given that you probably double-check the sending address for correctness before confirming the sending of the transaction.
Theoretically, hardware wallets are supposed to be safe from these kind of devices.

HOWEVER, that doesn't mean the software wallets themselves are also safe. They can easily be replaced with a fake copy that prompts your hardware wallet to sign a malicious transaction, and you might fall for it if the hardware wallet doesn't show you the amount being transferred out.
How are you going to double-check the sending address, if your software is compromised? Usually, I see the sending address on my monitor. If anything on my screen can be compromised, I'll verify the same incorrect address is indeed also showing on my hardware wallet.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: crwth on February 10, 2024, 01:58:59 PM
I'm getting paranoid about buying things now online. I believe it's easy to put something in something that you order and could put something malicious in a gadget that can look like that. Knowing this, how would you even see or check a specific device that could be malicious?

Software could do this too right? It's quite concerning, to be honest.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: LoyceV on February 10, 2024, 02:20:13 PM
I'm getting paranoid about buying things now online.
~
It's quite concerning, to be honest.
It is. Add a €2.50 eSim (https://bitcointalk.org/index.php?topic=5464321.msg62740631#msg62740631) and any device can suddenly upload your data even if you think it's air-gapped.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Nangiconference on February 10, 2024, 02:50:01 PM
At first when I heard that it is not advisable to share hotspot with unknown persons, I thought it was a joke, not until this thread has been able to educate me on these security tips.
That means we would not let our devices into the hands of strangers but if I may ask, what about when we take our devices maybe personal computer or phones for repair and we are not there to monitor what they are doing? even when we are there, we might not know what the technician is doing.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: crwth on February 11, 2024, 03:25:25 AM
I'm getting paranoid about buying things now online.
~
It's quite concerning, to be honest.
It is. Add a €2.50 eSim (https://bitcointalk.org/index.php?topic=5464321.msg62740631#msg62740631) and any device can suddenly upload your data even if you think it's air-gapped.
I have eSim on my phone but it's from a reliable source, a very big network in my country. Is there any possible way that someone could tamper with it or not? If someone hacked the QR and somewhat put some malicious code or something. Adding it to my phone is really easy.  ???


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: nakamura12 on February 11, 2024, 06:51:00 AM
After reading the title, it kind of reminds me of the video I just watched not too long ago about flipper zero and also this O.MG Elite cable which looks like a normal cable but it isn't just a normal charging cable but also a device that can be used to send or execute a command like taking a picture and more. I hope others who are not aware of this should read op and all the replies. It really isn't safe if you are getting something that isn't trusted or the source is not known.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Uhwuchukwu53 on February 11, 2024, 06:53:41 AM
Especially do not leave your PC unattended in some strange, unfamiliar place.
How likely is a USB device to gain access to an unattended locked Linux laptop? I'd be more worried about physical theft, so bring a Kensington cable lock:
https://p1-ofp.static.pub/medias/bWFzdGVyfHJvb3R8MzQxNDJ8aW1hZ2UvcG5nfGgzMS9oNDYvMTEwNjk3MTkwNTIzMTgucG5nfDkzNzY3ODMzYTI5NmI2YTQ5ZTIyNTgyODEzNmJjY2ZmMTIzNDExOGI5MTU4Mjk4MmNkYmUzZTU0YThlYTU0ODk/0B47388-01-200x150.png
(source (https://www.lenovo.com/sg/en/p/accessories-and-software/computer-locks/computer-locks_computer-locks/0b47388))

Other than that, use the basis: an encrypted disk, and a laptop with soldered RAM (https://www.pcmag.com/news/microsoft-blames-liquid-nitrogen-for-surface-devices-using-soldered-ram) against liquid nitrogen freezing to read your decryption password, you know, just the basics :D
And don't use Windows of course. "Plug and play" is a huge security risk. It's probably safe to say that as long as you're using Windows, hardware attacks shouldn't be anywhere near the top of your list of potential attack vectors.

Most of these gadgets are scary, looking at their manipulating power to hijack someone's data, but for me the best option is to keep one's crypto in the hard that, be don't have anything to do with order than transmission only, and before any of such one must know where he always carry out such and how trustworthy the place is in case if necessity can hold them responsible but all the measure provided one need follow strictly to avoid story that touch.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: KiaKia on February 11, 2024, 07:52:44 AM
Thanks for the warning and the write-up OP, the only thing I connect to my PC is my smartphone, moving files in and out, nothing else, I know about the dangers of connecting any USB into your PC, as I have messed up my whole Windows OS several times this way.

My mistake then was collecting files from friends through USB flash, movies and software and later my Windows OS will start misbehaving, people are so careless that they can carry trojan in their USB flash wherever they go and if you are the type that likes freebies, it's possible you will want some freebies out of an infected USB flash.

Till today, I don't take files and software from anyone anymore, it's like they are more careless than I am, as for crypto related software, I don't run them on my PC anymore, I bought an airgapped crypto wallet some time ago and it's completely offline, I know that the dangers of fake software are possible to penetrate your hardware wallet security, just be careful when you are updating your hardware wallet.

I prefer not rushing to install the latest software update on my hardware wallet, not after few weeks of the software has been available, just in case if something is wrong with the new update.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Crypto Library on February 11, 2024, 07:55:26 AM
There was a time when no password was used on my PC and laptop and my friends and cousins used to come to play games because the configuration of the computer was a little better. But ever since I got involved with this cryptocurrency I have started using a password on my computer and not giving access to anyone other than me.
I think your topic is going to be a warning to those who are new here. Besides, I think it is possible to grab the important information of computer and web browsers through a single pen drive without any kind of hacking device. Like if you give your device to your friend and if he only plugs in a pendrive which has tools like Browser Password decryptor then all your passwords and data on the browser can easily go to his hand. Moreover, there may be such tools that such software will be auto-run by plugging the pen drive which is capable of taking data. So any unfamiliar device is a plugin on some PCs as well as giving someone else to run your device is risky.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: Pmalek on February 11, 2024, 08:19:57 AM
Quote
How are you going to double-check the sending address, if your software is compromised? Usually, I see the sending address on my monitor. If anything on my screen can be compromised, I'll verify the same incorrect address is indeed also showing on my hardware wallet.
It depends on what the source of the sending address is. If you are sending coins to yourself on a compromised machine, then the software you are using can also show you a wrong address. But if I send you an address via this forum or email, then your malware isn't going to replace the original source (my PM/email). A clipboard malware would replace the pasted address, but the source remains unaffected.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: LoyceV on February 11, 2024, 08:42:40 AM
Quote
I have eSim on my phone but it's from a reliable source, a very big network in my country. Is there any possible way that someone could tamper with it or not?
I'm not worried about eSims in your phone, I'm worried about (future) compromised hardware that has an eSim embedded in it. Imagine you enter your seed phrase on what you think is an offline system, but there's a keylogger that has its own eSim data connection to the attacker's server. It will be very difficult to detect.
Even easier if the eSim is inside a fake hardware wallet. The moment you restore your seed phrase, it gets drained.

Quote
if I send you an address via this forum or email, then your malware isn't going to replace the original source (my PM/email).
Why not? A compromised browser could easily replace one address for another. Compromised Tor exit nodes already do that (sslstrip (https://blog.torproject.org/bad-exit-relays-may-june-2020/)).


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: crwth on February 12, 2024, 06:06:30 AM
Quote
I'm not worried about eSims in your phone, I'm worried about (future) compromised hardware that has an eSim embedded in it. Imagine you enter your seed phrase on what you think is an offline system, but there's a keylogger that has its own eSim data connection to the attacker's server. It will be very difficult to detect.
Even easier if the eSim is inside a fake hardware wallet. The moment you restore your seed phrase, it gets drained.
Isn't it kinda counterproductive knowing that you bought a hardware wallet with eSim capabilities? To be stored like cold storage, an offline system, and then have an eSim? Or are you saying that fake products could have that kind of technology, then send the hacker data from what you have produced using the fake HW?


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: LoyceV on February 12, 2024, 08:07:52 AM
Quote
Isn't it kinda counterproductive knowing that you bought a hardware wallet with eSim capabilities?
The seller won't tell you of course.

Quote
Or are you saying that fake products could have that kind of technology, then send the hacker data from what you have produced using the fake HW?
Yes. I did mention "a fake hardware wallet". Now that I think about it, it doesn't even have to be a working hardware wallet. Imagine a targeted attack: a burglar replaces your hardware wallet by a fake one. It looks the same, so you won't notice anything suspicious. Weeks later, when you want to use your hardware wallet, you enter your PIN. It gets uploaded to the burglar's server instantly. The device tells you your PIN is incorrect, and you try again. It gets uploaded again.
By the time you realize something's wrong, the burglar has stolen all your funds.


Title: Re: DO NOT plug random cables and sticks into your device.
Post by: crwth on February 12, 2024, 03:18:16 PM
Quote
~snip
Imagine a targeted attack: a burglar replaces your hardware wallet by a fake one. It looks the same, so you won't notice anything suspicious. Weeks later, when you want to use your hardware wallet, you enter your PIN. It gets uploaded to the burglar's server instantly. The device tells you your PIN is incorrect, and you try again. It gets uploaded again.
By the time you realize something's wrong, the burglar has stolen all your funds.
That's freaking scary, I hope no one gets victimized by that, and make sure that you are buying from legitimate stores from their official websites. These posts make me more paranoid and want to secure everything. :o