Bitcoin Forum
December 12, 2024, 01:50:37 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 »
  Print  
Author Topic: Trojan Wallet stealer be careful  (Read 50296 times)
Nefario (OP)
Hero Member
*****
Offline Offline

Activity: 602
Merit: 513


GLBSE Support support@glbse.com


View Profile WWW
June 17, 2011, 06:22:35 AM
Last edit: September 09, 2012, 06:56:12 AM by psy
 #1

Many wallet-stealing trojans exist. These trojans are viruses that steal your BTC. If your BTC is stolen, there is effectively zero chance of getting it back.

Worse yet, there are plenty of script kiddies and scammers that are going to be trying to get you to download and install it.

Don't install anything linked to on this forum, unless it's been found to be legit by someone with a good reputation. Assume everything is an attempt to steal your wallet.

You should also encrypt your wallet when not in use. In Bitcoin-Qt, click Settings in the menu bar and then click "Encrypt Wallet". Make sure to use a strong passphrase, but don't forget it! If you forget the passphrase, you will lose all your BTC. Other encryption methods exist, but are more complicated.

You have been warned. Be safe!

Nefario

PGP key id at pgp.mit.edu 0xA68F4B7C

To get help and support for GLBSE please email support@glbse.com
datnoidpoop
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
June 17, 2011, 06:39:29 AM
 #2

mmmmm, would've been helpful to describe the trojan scam.
AtomicTrader
Newbie
*
Offline Offline

Activity: 34
Merit: 0


View Profile
June 17, 2011, 07:01:51 AM
 #3

Hmmm, what if the link provided above is the trojan?  Grin
Bitman_Begins
Member
**
Offline Offline

Activity: 84
Merit: 10



View Profile WWW
June 17, 2011, 07:14:27 AM
 #4

Thanks for that mate  Smiley

Want to join Tradehill.com? Please use this referral code as you join: TH-R18919

Join the Bitcoin Randomizer using this link and start winning Bitcoins! http://rand.bitcat.ch/?ref=128

Tip me! 1NBN21CDpuc6Gyns2oqRjDSvxaanMeYfbY
UniqueDesigns
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
June 17, 2011, 07:29:59 AM
 #5

mmmmm, would've been helpful to describe the trojan scam.
You can read it here. https://forum.bitcoin.org/index.php?topic=16457.0

As a Newbie, I can't post on that thread.

So, here's my thought on the subject.

If Bitcoins are a set of digital Alpha/numerric characters for each Bitcoin, then each REAL transaction should add the sellers 'input' characters to the code that verify that the seller ACTUALLY sold them to a Specific buyer, who know has them in his Account/s. They need to be traceable, that way.
So, stealing them would not add any verifiable characters to each Bitcoin, which should render them worthless to the thief, but still holding their value for the owner they were 'stolen' from.
IF he was SMART enough to keep them backed-up, then he'd still have his version of the digital docs, that have his code attached to them,

NO?
Gdecelia
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
June 17, 2011, 07:48:49 AM
 #6

There will always be problem with "things".. I want bitcoin to stay untracable.  Bitcoin isn't God's currency.. there will always be problems, however we have to work collectively to "fuckup" whatever and whomever is trying to destroy our cyber economy.  I propose anyone who can hack, or "good at computers" should join forces and destroy this threat.  This is the closest thing we have to freedom!
KSauce
Newbie
*
Offline Offline

Activity: 6
Merit: 0


View Profile
June 17, 2011, 08:13:39 AM
 #7

mmmmm, would've been helpful to describe the trojan scam.
You can read it here. https://forum.bitcoin.org/index.php?topic=16457.0

As a Newbie, I can't post on that thread.

So, here's my thought on the subject.

If Bitcoins are a set of digital Alpha/numerric characters for each Bitcoin, then each REAL transaction should add the sellers 'input' characters to the code that verify that the seller ACTUALLY sold them to a Specific buyer, who know has them in his Account/s. They need to be traceable, that way.
So, stealing them would not add any verifiable characters to each Bitcoin, which should render them worthless to the thief, but still holding their value for the owner they were 'stolen' from.
IF he was SMART enough to keep them backed-up, then he'd still have his version of the digital docs, that have his code attached to them,

NO?

How would this affect the trace-ability of the coins?
Vladimir
Hero Member
*****
Offline Offline

Activity: 812
Merit: 1001


-


View Profile
June 17, 2011, 08:22:30 AM
 #8

If you have more than 1000 Bitcoins in your wallet:

1. get yourself a low cost netbook.
2. Install not bloated linux (like archlinux) or FreeBSD or OpenBSD (in order of growing paranoia).
   - make sure that the above is done with ecrypted partitions and swap (plenty of guides on the net).
   - make sure that the above is done while offline as much as possible (for truly paranoid ones).
   - make sure that you do not not even configure wireless hardware, let alone using it
   - physically plug in Ethernet cable when you need connectivity for a minute or so
3. Install bitcoin client, generate a bunch of bitcoin addresses (current account)
4. Over time transfer in small amounts your funds from your existing client to the addresses created in step 3
5. Keep this used exclusively as bitcoin client and nothing else, plug in Ethernet cable when you need to transfer money.
6. Keep this hardware wallet safe.
7. Creating a bitcoin savings account and making secure backups is still need to be done as described in multiply guides elsewhere.

P.S. Do not forget your passwords.





-
newunit16
Member
**
Offline Offline

Activity: 133
Merit: 10


View Profile
June 17, 2011, 08:41:52 AM
 #9

i believe i am the exception when it comes to people who use windows, but i have:
a) never used virus prevention program
and
b) never had a virus.

practice common sense when downloading and using software on a windows machine. this should be your credo.

if you are really worried, you should read and follow the instructions given on another post about "how to secure your wallet".
basically you create a new "savings" wallet on a known virus-free OS and back it up. you should only SEND money to it, and should only ACCESS it from a known virus-free os.

p.s. i have a program that will generate 50382 FREE BTC! PM ME FOR LENK TEU DOWNLOEDS!9
SomeoneWeird
Hero Member
*****
Offline Offline

Activity: 700
Merit: 500


View Profile
June 17, 2011, 08:56:30 AM
 #10

i believe i am the exception when it comes to people who use windows, but i have:
a) never used virus prevention program
and
b) never had a virus.

practice common sense when downloading and using software on a windows machine. this should be your credo.

if you are really worried, you should read and follow the instructions given on another post about "how to secure your wallet".
basically you create a new "savings" wallet on a known virus-free OS and back it up. you should only SEND money to it, and should only ACCESS it from a known virus-free os.

p.s. i have a program that will generate 50382 FREE BTC! PM ME FOR LENK TEU DOWNLOEDS!9

I doubt that, very much.
Vladimir
Hero Member
*****
Offline Offline

Activity: 812
Merit: 1001


-


View Profile
June 17, 2011, 08:58:32 AM
 #11

newunit16, lol.

Yep.

- Doctor, what shall I do to avoid AIDS?
- Drink milk.
- Before or after...?
- Instead of.

-
newunit16
Member
**
Offline Offline

Activity: 133
Merit: 10


View Profile
June 17, 2011, 09:16:35 AM
 #12

like i said, i am sure i am the exception.

i work in the IT business, and i am aware of how uncommon this is, which is why i said i am the exception. i am not boasting here, i am not trying to enlarge my "epeen". it is mere fact.

it should go without saying that a bit of common windows sense will go a long way in preventing the spread of virii. i suppose i should have said that was what i was trying to emphasize when i stated i have never had a windows virus. but, i thought it went without saying.
Vladimir
Hero Member
*****
Offline Offline

Activity: 812
Merit: 1001


-


View Profile
June 17, 2011, 09:19:18 AM
 #13

like i said, i am sure i am the exception.

i work in the IT business, and i am aware of how uncommon this is, which is why i said i am the exception. i am not boasting here, i am not trying to enlarge my "epeen". it is mere fact.

Do not worry m8, even if you are an exception, you are not the only one.

-
newunit16
Member
**
Offline Offline

Activity: 133
Merit: 10


View Profile
June 17, 2011, 09:25:00 AM
 #14



Do not worry m8, even if you are an exception, you are not the only one.

im sure im not, but im also sure we are a rare breed these days.
seppohovi
Newbie
*
Offline Offline

Activity: 5
Merit: 0


View Profile
June 17, 2011, 09:39:34 AM
 #15

http://www.symantec.com/security_response/writeup.jsp?docid=2011-061615-3651-99&tabid=2
donjoe
Full Member
***
Offline Offline

Activity: 183
Merit: 100



View Profile
June 17, 2011, 09:47:51 AM
 #16

Quote
FreeOTFE is an On The Fly Encryption application.

You can use it instead of TC because it doesn't need to be installed
TrueCrypt also has a portable version.

But anyway, like the victim said, encryption alone isn't a solution. Encryption is nothing unless your system is guaranteed to be malware-free. Keyloggers can easily steal your password, which makes all the encryption in the world useless.

Use a secure non-Windows OS to store your wallet and restrict its exposure to the Internet as much as humanly possible (minuscule online time, aggressive firewall settings, aggressive anti-malware settings, aggressive antivirus settings etc.).

▮█     KRYLL     ▮█     AUTOMATED CRYPTO TRADING STRATEGIES MADE SIMPLE     ▮█
▁▁   ▮ █     Whitepaper   █   Token sale will start on Feb 7, 2018   █   Announcement     █ ▮   ▁▁
╚═══════●  ﹙ Telegram ﹚  ●●  ﹙ Twitter ﹚  ●●  ﹙ Facebook ﹚  ═══════╝
doomy
Newbie
*
Offline Offline

Activity: 28
Merit: 0



View Profile
June 17, 2011, 09:50:19 AM
 #17

Use a secure non-Windows OS

Any OS can be insecure and have the potential to compromise your wallet file. It all depends on the user. You can be using OpenBSD but have a password called love123.
newunit16
Member
**
Offline Offline

Activity: 133
Merit: 10


View Profile
June 17, 2011, 10:14:10 AM
 #18

Use a secure non-Windows OS

Any OS can be insecure and have the potential to compromise your wallet file. It all depends on the user. You can be using OpenBSD but have a password called love123.

this is true. it is also not necessary to use a non-windows os to create your "savings" wallet. so long as the install is known to be malware free during creation, and you do not use but rather back up this wallet, you're good.

reformat windows, make wallet, backup and encrypt then delete original: gold. ONLY access said wallet from a known non-malware OS.
donjoe
Full Member
***
Offline Offline

Activity: 183
Merit: 100



View Profile
June 17, 2011, 11:14:07 AM
 #19

Any OS can be insecure
You're being wilfully ignorant of the fact that Windows is much more popular and therefore much more effort has been put into developing hacks and exploits for it than for other OSes. Wilful ignorance doesn't make decisions simpler, it makes them more probably wrong.

▮█     KRYLL     ▮█     AUTOMATED CRYPTO TRADING STRATEGIES MADE SIMPLE     ▮█
▁▁   ▮ █     Whitepaper   █   Token sale will start on Feb 7, 2018   █   Announcement     █ ▮   ▁▁
╚═══════●  ﹙ Telegram ﹚  ●●  ﹙ Twitter ﹚  ●●  ﹙ Facebook ﹚  ═══════╝
aristidesfl
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
June 17, 2011, 11:28:28 AM
 #20

Analysis by Symantec:
http://www.symantec.com/connect/blogs/all-your-bitcoins-are-ours
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!