[1] Malicious software — or “malware” for short — is a broad class of software built with malicious intent. Over the course of the last few years, malware infection attempts on this forum have become increasingly sophisticated. Below is a summary of infection techniques that I have encountered. With the most sophisticated attacks, common sense and virus scans are sometimes not sufficient to ensure safety.
"latest wallet"/"custom wallet"/"faster miner": A newbie asks for the latest wallet, or a wallet that doesn't have any TX fees, or the latest/fastest miner, and the attacker posts a program with malware embedded as a response. This type of attempt usually gets spotted pretty quickly.
Copied/new ANN: The attacker creates a new ANN topic and posts a malware link as the download file (or posts a legit one and changes it to a malware one later).
Replacing links in quotes: The attacker quotes a legitimate post containing a download link written by the real developer (usually the OP or an update post) and changes the link within the quote to a malware link.
Compromised dev account: The developer account (usually responsible for making the OP) is compromised and a "mandatory update" is posted. This usually happens with old/abandoned coins, so the real developer isn't there to notice the rogue update.
Packed/FUD executables: In most of the cases above, the malware has little to no detections on VirusTotal. This is because any script kiddie can pay $30 and have their malware crypted, rendering it fully undetectable.
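A check for the "Replacing links in quotes" technique, as an added example that is not part of the original post: it compares where the links inside a reply's quote blocks point against the links in the post being quoted. The SMF-style `[quote ...]` and `[url=...]` BBCode syntax is an assumption, the function names are hypothetical, and the sample posts are constructed.

```python
import re
from urllib.parse import urlsplit

QUOTE_TAG = re.compile(r"\[(/?)quote[^\]]*\]", re.I)
URL_TAG = re.compile(r"\[url=([^\]\s]+)\](.*?)\[/url\]", re.I | re.S)
BARE_URL = re.compile(r"https?://[^\s\[\]\"<>]+", re.I)

def quoted_text(post):
    """Return the text inside [quote] blocks (nested quotes included)."""
    depth, pos, parts = 0, 0, []
    for tag in QUOTE_TAG.finditer(post):
        if depth > 0:
            parts.append(post[pos:tag.start()])
        depth = max(0, depth - 1) if tag.group(1) else depth + 1
        pos = tag.end()
    if depth > 0:                      # unclosed quote: treat the rest as quoted
        parts.append(post[pos:])
    return "\n".join(parts)

def normalize(url):
    """Lower-case scheme and host so cosmetic differences do not cause alerts."""
    p = urlsplit(url.strip("\"'"))
    query = f"?{p.query}" if p.query else ""
    return f"{p.scheme.lower()}://{p.netloc.lower()}{p.path.rstrip('/')}{query}"

def link_targets(text):
    """Collect where links really point: [url=TARGET] targets and bare URLs.
    The visible label of a [url=...] tag is ignored, since it can show one
    address while the tag points to another."""
    targets = {m.group(1) for m in URL_TAG.finditer(text)}
    without_tags = URL_TAG.sub(" ", text)
    targets |= {u.rstrip(".,;:!?)") for u in BARE_URL.findall(without_tags)}
    return {normalize(u) for u in targets}

def altered_quote_links(original_post, reply):
    """Links inside the reply's quotes that the original post never contained."""
    return sorted(link_targets(quoted_text(reply)) - link_targets(original_post))

# Constructed sample posts (reserved example domains, not real data).
ORIGINAL = ("Release 1.2: [url=https://wallet.example.org/dl/wallet-1.2.zip]"
            "download[/url]. Source: https://code.example.org/wallet")
TAMPERED_REPLY = ("[quote author=dev link=topic=1.msg2#msg2 date=1500000000]"
                  "Release 1.2: [url=https://wallet.example.net/dl/wallet-1.2.zip]"
                  "https://wallet.example.org/dl/wallet-1.2.zip[/url]. "
                  "Source: https://code.example.org/wallet[/quote]\nThanks, works!")

if __name__ == "__main__":
    for link in altered_quote_links(ORIGINAL, TAMPERED_REPLY):
        print("quote contains a link not present in the original post:", link)
```

A flagged link means the quote does not match the post it claims to reproduce, so the download should be taken only from the developer's own post.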
Good security practices:
Don't immediately open attachments or click on suspicious-looking links: Hackers are very good at creating fake emails that look like they are legitimate (usually malware disguised as legitimate files). Either ignore such requests or independently verify that the supposed source did send the email to you. It is also good practice to at least scan the links or files with VirusTotal.
Anti-Virus/Anti-Malware software: Install good anti-virus and anti-malware software that periodically searches for and removes threats. Make sure to keep the software updated at all times and set a scan schedule.
Spam Filters: The forum database was compromised in 2015, which resulted in the emails associated with the accounts being dumped. You are likely already receiving some spam emails due to this. Your email provider may have decent spam filters that will block out some spam.
Be careful with everything: Always be careful with what kind of files you download and run, or what kind of drives you plug into your machine. Both may contain self-executing and undetectable malware.
Use common sense: Nobody is going to give you some *get-rich* Bitcoin mining software, nor is somebody going to sell you any kind of legitimately acquired goods at unreasonably low prices. Do not download and run software from unknown/random users on a machine that you actively use. Even running it inside a VM may not be safe enough.
Untrusted Websites: Don’t visit untrusted websites, and take everything you read with a small grain of salt. Hackers tend to create fake websites and pop-ups with enticing messages that are intended to lure you in and get you to download malware. There have been a lot of phishing attacks, such as phishing ads on Google, fake Bitcoin wallets on the iOS and Google Play stores, etc.
Sources:
[1] Beware of Increasingly Sophisticated Malware Infection Attempts