Bitcoin Forum
Author Topic: Malicious web sites can inject viruses on your computer to steal your money  (Read 188 times)
tesla80 (OP)
June 09, 2018, 08:03:56 PM
Merited by ecnalubma (5), vapourminer (1), xtraelv (1), Zepher (1)
 #1

Hello,

There are many types of web sites we visit every day, but some of them are just scams and aim to steal your money.
The most dangerous ones are playing against Greed, so the automated trading sites.
I want to talk about the web-based trading bots which require frequent visits to the bot site.

As you know, there are software systems which trade instead of you 24/7 all the time using some predefined or custom strategies.
Some of them are not open source, some of them are just web sites which require membership and sharing of your API keys for the given exchanges.

For the ones which are not working on your local (computer), there are some problems and possibilities that your money can be stolen.

When you sign up to a bot web site, you enter an e-mail address, a password, your name and your API keys.

Some of the bot web sites are fake; even if they work, they have some other stuff in mind.

I saw that they try to log in to your exchange using your e-mail and the password, in case they are the same as on the exchange.

In some of the web sites, there are malicious file injections over JavaScript (mostly for Chrome users): simply, the web site uploads a virus to your computer and puts it in the Startup folder to make sure it will run after the next restart (it won't run immediately because your antivirus or even Windows Firewall will detect it).
After the file injection, you are open to several types of attacks.
Simply, they put some keyloggers and steal your e-mail and exchange passwords using phishing.

So you sign up to a web site expecting more money, but you lose your existing money instead.

How to understand that I'm infected?
Be careful if your browser crashes suddenly: they close the browser and expect you to enter your passwords again, then they will get them.
Stay alert, check for unusual behavior on your computer, for example more CPU usage, or console windows suddenly showing up and hiding.

Check the following files, delete them if you have one on your computer:
c:\users\<user>\AppData\Roaming\Adobe\SWF Frame Renderer\swfrenderer.exe
c:\ProgramData\NTuser.pol
c:\users\<user>\AppData\Roaming\2.exe
c:\program files\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
c:\program files\Common Files\Microsoft Shared\Office16\Office Setup Controller\pkeyconfig.companion.dll
c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
c:\program files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe
Delete suspicious files and links in this folder:
c:\Users\<user>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Useful software for virus removal:
It is recommended that you run and scan in this order.
And yes it is not enough to scan with just a few.
RKill - https://www.bleepingcomputer.com/download/rkill/
TDSSKiller - https://usa.kaspersky.com/downloads/tdsskiller
AVG Removal Tool - https://www.avg.com/en-GB/Utilities
AdwCleaner - https://toolslib.net/downloads/finish/1/
FRST - https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
JRT - https://www.bleepingcomputer.com/download/junkware-removal-tool/
ComboFix - https://www.bleepingcomputer.com/download/combofix/
RogueKiller - https://www.bleepingcomputer.com/download/roguekiller/
Download Chrome Cleanup Tool - https://www.bleepingcomputer.com/download/chrome-cleanup-tool/
Malwarebytes Anti-Ransomware - https://www.bleepingcomputer.com/download/malwarebytes-anti-ransomware/
Malwarebytes Anti-Rootkit - https://www.bleepingcomputer.com/download/malwarebytes-anti-rootkit/
Malwarebytes Anti-Malware - https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/
CCleaner - https://www.bleepingcomputer.com/download/ccleaner/
Microsoft Security Essentials - https://www.microsoft.com/en-us/download/details.aspx?id=5201

Use antivirus:
Recommended BitDefender Internet Security
You can set up a 30 day trial and clean your computer.
Actually there are tons of antiviruses, if you use all of them as demo for 30 days one by one, you can have antivirus protection for a year or more.

Install antivirus on your smartphone:
You can also install BitDefender and scan it again.

How to create the most secure environment for crypto work?
- Activate 2FA, SMS and all other features in all accounts
- Get withdraw compliant measures
- Do not login to the stock exchange a dozen times a day
- Turn off your computers when you are not using them
- Store your money in more than one stock exchange
- Use a separate email address for each stock exchange
- Use a completely different password for each account
- Turn off password saving
- Use a separate browser for crypto work
- Do not have any plugins in the browser
- Use the browser with a theme, customize it, play with the color, then notice it when you see something different.
- Do a virus scan on the computer before entering the stock market or e-mail
- Do not enter sites with free stuff
- Do not tell anyone that you have Bitcoin
- Use an encrypted virtual machine (VM) for your crypto operations: Linux is recommended
- Be careful 2x more on your Windows computer
- Pay attention to the software you installed on your computer
- Choose the software you use for crypto operations from open source ones
- Change your passwords periodically (for example, add a few characters at the end)
- You can use paper to store passwords, do not leave passwords in txt on your computer
- If you want to keep passwords in txt, please keep these files encrypted with WinZip/WinRAR. It is recommended that you also keep the file on a USB flash drive
- Pay attention to the addresses of the sites you have entered and the security certificates (key icon in the address bar)
- Do not jailbreak or root your phone. Use it cleanly with the original operating system
- Run virus cleanup software periodically or in any doubt and scan
- Remember that not only crypto money, but also your money in the bank can be stolen the same way

A known bot with malicious team is Cryptohopper.com
You can add here other bots with bad manner.

Cyber Security, Mobile Security, Web/Desktop/Embedded Programming, Electronics, M2M, IoT
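
Added example (not part of the original post): a read-only PowerShell triage of the file paths and Startup folder named in the post above. It assumes Windows is on the drive the post shows as c:, and it also lists the all-users Startup folder, which the post does not mention; several of the listed paths sit inside Office and Chrome installation directories, so the script reports Authenticode signature status and SHA-256 for review instead of deleting anything.

```powershell
# Added example: inspect the paths from the post; nothing is deleted or modified.
# <user> in the post is resolved through the current profile's environment variables.
$appData = $env:APPDATA
$pf      = $env:ProgramFiles
$pf86    = ${env:ProgramFiles(x86)}

$candidates = @(
    "$appData\Adobe\SWF Frame Renderer\swfrenderer.exe",
    "$env:ProgramData\NTuser.pol",
    "$appData\2.exe",
    "$pf\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE",
    "$pf\Common Files\Microsoft Shared\Office16\Office Setup Controller\pkeyconfig.companion.dll",
    "$pf\Common Files\Microsoft Shared\Source Engine\OSE.EXE",
    "$pf86\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe"
)

function Get-FileTriage {   # hypothetical helper name, defined only for this example
    param([Parameter(Mandatory)][string]$Path)
    $row = [ordered]@{ Path = $Path; Present = $false; Signature = $null
                       Signer = $null; SHA256 = $null; LastWrite = $null; Target = $null }
    $item = Get-Item -LiteralPath $Path -Force -ErrorAction SilentlyContinue
    if ($item -and -not $item.PSIsContainer) {
        $sig = Get-AuthenticodeSignature -LiteralPath $item.FullName
        $row.Present   = $true
        $row.Signature = $sig.Status                     # Valid, NotSigned, HashMismatch, ...
        $row.Signer    = $sig.SignerCertificate.Subject  # empty when the file is unsigned
        $row.SHA256    = (Get-FileHash -LiteralPath $item.FullName -Algorithm SHA256).Hash
        $row.LastWrite = $item.LastWriteTime
        if ($item.Extension -eq '.lnk') {                # show what a shortcut would launch
            $shell = New-Object -ComObject WScript.Shell
            $row.Target = $shell.CreateShortcut($item.FullName).TargetPath
        }
    }
    [pscustomobject]$row
}

$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),        # per-user folder named in the post
    [Environment]::GetFolderPath('CommonStartup')   # all-users folder (not in the post)
)
$startupItems = Get-ChildItem -LiteralPath $startupDirs -File -Force -ErrorAction SilentlyContinue |
    Where-Object Name -ne 'desktop.ini'

# Every listed file that exists, plus every Startup entry, with signature and hash.
$report = @($candidates) + @($startupItems.FullName) |
    Where-Object { $_ } | ForEach-Object { Get-FileTriage -Path $_ }
$report | Where-Object Present | Format-List
```

A file whose Signature is Valid and whose Signer is the expected vendor needs a different decision from an unsigned executable in a Roaming or Startup folder; the SHA-256 can be looked up before anything is removed.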
Joochil
June 09, 2018, 08:29:54 PM
 #2

"there are malicious file injections over javascript (mostly for chrome users), simply the web site uploads a virus to your computer"

HAHA LOL That's Impossible. JS will NEVER upload a file to your system. Stop spreading BULLS****T. You're stupid
tesla80 (OP)
June 10, 2018, 12:45:15 PM
 #3

Quote from: Joochil
"there are malicious file injections over javascript (mostly for chrome users), simply the web site uploads a virus to your computer"

HAHA LOL That's Impossible. JS will NEVER upload a file to your system. Stop spreading BULLS****T. You're stupid

Stop spamming topics. I'm a highly skilled cyber security engineer with 15 years' experience. The topic is correct and you are dumb.

ecnalubma
June 10, 2018, 04:10:23 PM
 #4

Thanks for these, mate. I have learned new tips on how to make my crypto activities more secure. What we do in crypto is not just about making money; aside from it, we must also be aware of these threats that we encounter daily and not set aside our security. It is more important than making money.

xtraelv
June 11, 2018, 10:28:22 PM
 #5

Chrome allows you to turn JavaScript off and on for websites.  To do so, follow these steps:

If you'd like to turn JavaScript off or on for all sites:
Click the Chrome menu More in the top right hand corner of your browser
Select Settings
Click Show advanced settings
Under the "Privacy" section, click the Content settings button.
In the "Javascript" section, select "Do not allow any site to run JavaScript" or "Allow all sites to run JavaScript (recommended)"
If you are seeing a message pop up that says you have to enable javascript, but you have javascript enabled after checking the steps above, you may have malware.

Source: https://productforums.google.com/forum/#!msg/chrome/BYOQskiuGU0/p5M_3BKs26EJ

Joochil
June 12, 2018, 12:02:18 AM
 #6

Quote from: Joochil
"there are malicious file injections over javascript (mostly for chrome users), simply the web site uploads a virus to your computer"

HAHA LOL That's Impossible. JS will NEVER upload a file to your system. Stop spreading BULLS****T. You're stupid

Quote from: tesla80
Stop spamming topics. I'm a highly skilled cyber security engineer with 15 years' experience. The topic is correct and you are dumb.

OK Mr skillz highly man SHOW OR WRITE ONE FUCK***ING JS SCRIPT AND UPLOAD IT TO A SHELL (I CAN SEND YOU ONE!) AND THEN I SWEAR TO GOD THAT I WILL CLICK ON IT WHILE RECORDING A VIDEO PROOF AND THEN HACK ME? COOOME ON, I'M READY TO BET WITH BTC ON THIS.

IF YOU CAN'T THEN GO AND DIE U CRAPPY FACE.
NOTE: FOR ESCROW WE WILL USE OgNasty. BET: 1 BTC

Rules: As you said, ONCE I CLICK on the website you will FUUUUUUUUUUUUU*ing HACK ME. I'M WAITING
Zepher
June 12, 2018, 09:00:49 AM
 #7

Great post OP, have a merit on me.

Z



I could even recommend that this post is stickied considering the concise and full information in protecting yourself (if you don't know how) that this user has provided. Thanks again.
