Trojan Wallet stealer be careful

[Skar3]

just be careful and encrypt your wallet

[1524731890]

1524731890

[1524731890]

1524731890

[ukpyr]

my wallet is running on a macbook pro so is safe! thanks god

As a software developer focusing on web stuff, more and more of my peers are using Apple products to do their work. The more familiar the developer pool is with the MB, the more malware/trojans/viruses will come out specifically for that. Even if marketshare remains fixed. iOS development has really increased this in particular.

Assuming you're safe because of one fact, is a bad security practice. No one is 100% safe in computing, just like in life. It's all about risk REDUCTION.

[mclovin]

Given how much of a hassle it is to keep one's wallet file secure, it's no surprise that many people keep their coins in online wallets (where they're likely in even bigger danger).

[ama]

3. Install bitcoin client, generate a bunch of bitcoin addresses (current account)
4. Over time transfer in small amounts your funds from your existing client to the addresses created in step 3

Hi,

Why do you (and others) recommend to generate several addresses instead of only one?  Is there any advantage on doing that?  I've seen it recommended some other times and also people asking why, but nobody seems to answer and explain it.

[armaman]

use privatix to create an encrypted bootable (linux) usb disk. store your wallet there, and encrypted on a backup. access your wallet only from the bootable disk and you will be fine.

[Tanner]

It is the best method, flash disk with secure os, without any additional software, only coin client. Wallet address printed and used to payment. It guarantee no hack and hijacks

[strider007]

many wallets in many places. Kind of not all eggs in one basket thing.

[bully]

many wallets in many places. Kind of not all eggs in one basket thing.

too hard to maintain.
just install linux on a free partition of your computer, download btcclient and host your BTC there.
would also be the best solution if you're just surfing/emailing

[titbb]

Thanks for the headsup though, but i almost never use my wallet locally, and have send the funds directly to gox and the like.

Just hoping they dont do stupid things though

[Stalin-chan]

There is a (new?) trojan wallet stealer out in the wild ATM.

Plenty of script kiddies and scammers are going to be trying to get you to download and install it, what's more they'll be putting posts to do so (using lies obviously).

Don't install anything linked to on this forum, unless it's been found by someone with a good reputation to be legit. Assume everything is an attempt to steal your wallet.

You should also encrypt your wallet when not in use.
http://www.freeotfe.org/

Here is a portable apps version http://www.freeotfe.org/downloads/FreeOTFEExplorer_3_51.paf.exe

You have been warned.

Nefario

I can't run exe's in Linux.

[SomeoneWeird]

http://bitcoin.crimeunit.net/wiki/index.php/Trojans

[JonHind]

I would never trust my wallet.dat being contained on a Windows machine. Come to that, I also won't use any Android apps either for bitcoin purposes.

I've also had some friends who have been hit with the mining trojan that is doing the rounds at the moment. This is why a secured linix box (or even a VM) is a must when it comes to dealing with BTC's

[Stalin-chan]

Linux is the superior choice everytime.

[anthonya1g]

If you have more than 1000 Bitcoins in your wallet:

1. get yourself a low cost netbook.
2. Install not bloated linux (like archlinux) or FreeBSD or OpenBSD (in order of growing paranoia).
   - make sure that the above is done with ecrypted partitions and swap (plenty of guides on the net).
   - make sure that the above is done while offline as much as possible (for truly paranoid ones).
   - make sure that you do not not even configure wireless hardware, let alone using it
   - physically plug in Ethernet cable when you need connectivity for a minute or so
3. Install bitcoin client, generate a bunch of bitcoin addresses (current account)
4. Over time transfer in small amounts your funds from your existing client to the addresses created in step 3
5. Keep this used exclusively as bitcoin client and nothing else, plug in Ethernet cable when you need to transfer money.
6. Keep this hardware wallet safe.
7. Creating a bitcoin savings account and making secure backups is still need to be done as described in multiply guides elsewhere.

P.S. Do not forget your passwords.

This is a good tip, although I don't have more than 20 bitcoins lol

[pollus]

Or you had really bad experience or you have way to much free time
I know that setting a laptop like that is a matter of spending 2 -3 hours in front of the screen but most people (including me) will do that after they got burnt. For now I am running on Ubuntu and I feel quite safe behind two firewalls and so on so I do not think there is a need for so drastic measures in my case anyway.

Regards 1

[Vladimir]

Or you had really bad experience or you have way to much free time
I know that setting a laptop like that is a matter of spending 2 -3 hours in front of the screen but most people (including me) will do that after they got burnt. For now I am running on Ubuntu and I feel quite safe behind two firewalls and so on so I do not think there is a need for so drastic measures in my case anyway.

Regards 1

I am simply professionally paranoid and do it before I (could) get burned.

[Bebop]

unless it's been found by someone with a good reputation to be legit

Rep alone is a great start but not the final checking point. When installing apps recomended even by the reputable (yes, who reccomended it to them?) you should also do your own research, for example, Google query of : Appname + trojan, to start with. Also, if the app requires admin rights to install or execute (even in the case of a portable app), then the best practice is to install it sandboxed with network access disabled. Actually if its not intended as a network app, sandbox it or firewall it regardless. Since Windows 7 has a lack of decent lightweight firewall, sanbox may be the best bet for many here.

[LoupGaroux]

Good to remember that the weakest link in any chain of security is the user.

Who is the user for your wallet?

You.

Forewarned is forearmed, and the only thing wrong with paranoia is that it doesn't make you cautious enough. They don't make parables up about the wise man who thought ahead and planned for everything to go exactly wrong at the worst possible moment in the most disastrous way. No, they make them up about the silly rabbits who think that the sky will never, ever fall on their heads. Bad people are out there planning and coding bad things for you right now as we speak, and they have nothing but ill will and criminal intent towards you.

Practice safe Bitcoining at all times. You never know where that block has been.

[micgrez]

What the fuck is bitcoins? lol, I really dunnp:S

[infiniblank]

What if the program above was the spyware!!! mind blown.