Bitcoin Forum
December 09, 2016, 02:13:40 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 [5] 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 »
  Print  
Author Topic: Trojan Wallet stealer be careful  (Read 47112 times)
X68N
Hero Member
*****
Offline Offline

Activity: 546


View Profile
June 23, 2011, 02:41:45 PM
 #81

Install that trojan on a new setup PC, and spam the trojanholder with real fat/high count of defunct wallet.dat

This is Spamming, and the Trojanuser which want to steal wallets deserve it,
getting nothing else than bullshit.
Maybe this should done in Network ;-)

Coinbase - All your money are belong to us  Cheesy -> http://de.wikipedia.org/wiki/All_your_base_are_belong_to_us
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481249620
Hero Member
*
Offline Offline

Posts: 1481249620

View Profile Personal Message (Offline)

Ignore
1481249620
Reply with quote  #2

1481249620
Report to moderator
1481249620
Hero Member
*
Offline Offline

Posts: 1481249620

View Profile Personal Message (Offline)

Ignore
1481249620
Reply with quote  #2

1481249620
Report to moderator
1481249620
Hero Member
*
Offline Offline

Posts: 1481249620

View Profile Personal Message (Offline)

Ignore
1481249620
Reply with quote  #2

1481249620
Report to moderator
minor_miner
Newbie
*
Offline Offline

Activity: 28


View Profile
June 23, 2011, 03:29:16 PM
 #82

Install that trojan on a new setup PC, and spam the trojanholder with real fat/high count of defunct wallet.dat

This is Spamming, and the Trojanuser which want to steal wallets deserve it,
getting nothing else than bullshit.
Maybe this should done in Network ;-)

Awesome idea! Encrypt them weakly and/or compress them to the max, as well, so that he spends a bit time to open them. Or make a 2 GB big wallet.dat. Or make a Virus that runs upon opening the wallet.dat Cheesy

Where can I find the Trojan as file?

And how are we supposed to send loads of wallets from different IPs? He could just ignore the rest if he opened 3 malicious wallet.dats from one IP and resetting the router after every sent wallet is a bit painful. This should be automized somehow.
Niloo92
Newbie
*
Offline Offline

Activity: 4


View Profile
June 23, 2011, 04:11:38 PM
 #83

Would this work ?
as protection from the trojan ?
http://forum.bitcoin.org/index.php?topic=21530.0
coinage
Member
**
Offline Offline

Activity: 60


View Profile
June 24, 2011, 12:24:58 AM
 #84

i believe i am the exception when it comes to people who use windows, but i have:
a) never used virus prevention program
and
b) never had a virus.

practice common sense when downloading and using software on a windows machine. this should be your credo.


[The below posting actually ends very optimistically.]


Regarding your comments, I felt the same way and got away with it for the longest time, but the reality is this:

You will be right about being safe every time you go online
. . . until you are wrong !


I realized this when I more than once halted a partial intrusion (in the days before bitcoin), using a diligently adjusted outbound firewall.  The moment unwanted code runs on your machine, or might have, you may be toast -- and often won't know it.  (That's true with or without antivirus software, especially when up against stealthy wallet stealing code that could hurt you months after it runs a single time.)

Keeping every piece of software from every vendor up to date on Windows is just not very practical (and it's expensive, and so tedious).  Since then I have switched to Linux, where major distributions make it easy to update virtually all your software (including applications) at no cost, in one operation, without having to go to any websites or do much work at all.  But I don't pretend that I can be completely secure even now.

Since it only takes one infiltration to compromise your system, and since you could lose files or gain an undetectable rootkit, it makes sense to only keep low-value wallets (and no lists of critical bitcoin-related passwords) on daily-use machines, at least UNTIL a dramatically new level of security is available.  (Keep the rest on a non-networked machine for now.  An alternative might be to install a simple, trusted OS which has your Bitcoin client but nothing else, and on top of that to run a fully virtualized copy of Windows/Linux for daily use, provided you can ensure the guest OS can't directly touch most of your hardware.)


Appearances to the contrary, I think there actually are feasible, user-friendly solutions to the problem ... of beginners ... using Bitcoin clients ... with big wallets ... on possibly infected computers.  Coming up, I will discuss them in some detail with the developers or in the appropriate forums.
m4dhatter
Member
**
Offline Offline

Activity: 69


View Profile
June 24, 2011, 01:19:54 PM
 #85

I just cant stress enough. Keep your wallet backed up on a machine not connected to the net!
aggietallboy
Newbie
*
Offline Offline

Activity: 17


View Profile
June 24, 2011, 03:54:25 PM
 #86

i believe i am the exception when it comes to people who use windows, but i have:
a) never used virus prevention program
and
b) never had a virus.

practice common sense when downloading and using software on a windows machine. this should be your credo.

if you are really worried, you should read and follow the instructions given on another post about "how to secure your wallet".
basically you create a new "savings" wallet on a known virus-free OS and back it up. you should only SEND money to it, and should only ACCESS it from a known virus-free os.

p.s. i have a program that will generate 50382 FREE BTC! PM ME FOR LENK TEU DOWNLOEDS!9

Unless you are running a good firewall, the average time to infection for an unprotected windows PC on the internet is under 1 minute now.

You *may* be in denial.
Globz
Newbie
*
Offline Offline

Activity: 14

www.kittybomber.com


View Profile WWW
June 24, 2011, 03:55:36 PM
 #87

Check out BitVault LiveCD, its a great way to do safe transactions.
http://www.kittybomber.com/BitVault

BitVault LiveCD - Bitcoin Secure Transactions Environment
http://www.kittybomber.com/BitVault
asuspowered
Newbie
*
Offline Offline

Activity: 17


View Profile
June 24, 2011, 07:01:05 PM
 #88

**** VIRUS *** ALERT*** MINERS (NAMECOIN / BITCOIN)

i just wanna say that there was many different forms of viruses that will be coming out to steal wallet.dat.. i recommend using the howto in the newbies section on how to secure your wallet.data  ... but i just wanted to point out that there:

THERE ARE FAKE   GUIminer programs out there.. Make sure you download your miner software from a legit trusted site!!

not only do they steal Bitcoin wallet.dat   but they steal NAMECOIN wallet.dat TOO...

SO BE WARE OF YOUR DOWNLOADS FELLOW MINERS
syb3ria
Jr. Member
*
Offline Offline

Activity: 56


'buntusiast


View Profile
June 24, 2011, 11:06:20 PM
 #89

Actually what i'm expecting next is trojan miner to appear. No need to steal wallet.dat if you can infest 10 000 pc's to mine for you. Even with the CPU's only mining, this is very massive computing power. This is bad scenario but... not impossible. So... Beware!
anon112
Newbie
*
Offline Offline

Activity: 20


we be minin'


View Profile
June 24, 2011, 11:37:24 PM
 #90

This is deeply worrying I've only just started out in this game and have just ordered 2 6990's to put in my first rig and the fact that wallet.dat files are not encrypted in the first place is just bizzare, I hope I don't lose any money to this when I start mining.

Sharecoin: SdvAyYUqJ7boaMfpCivDkAt11CRPdWCXAs
Owlster
Newbie
*
Offline Offline

Activity: 3



View Profile WWW
June 24, 2011, 11:55:50 PM
 #91

This is deeply worrying I've only just started out in this game and have just ordered 2 6990's to put in my first rig and the fact that wallet.dat files are not encrypted in the first place is just bizzare, I hope I don't lose any money to this when I start mining.

Why would you have your wallet.dat file on your mining rig?

To throw out the thought constructs that have been imposed on man for generations and express ones true self by unleashing the holographic mind is the ultimate act of rebellion!
percymate
Newbie
*
Offline Offline

Activity: 14


View Profile
June 25, 2011, 02:49:31 AM
 #92

Funny, you say don't download links on the forum and you post a link.

Just get GPG and encrypt your wallet and back it up. That way, even if someone gets your wallet, they won't be able to use it.
smoothie
Legendary
*
Offline Offline

Activity: 1848


LEALANA Monero Physical Silver Coins


View Profile
June 25, 2011, 09:29:03 PM
 #93

Maybe we should continue to encourage people to use linux/ubuntu?

███████████████████████████████████████

            ,╓p@@███████@╗╖,           
        ,p████████████████████N,       
      d█████████████████████████b     
    d██████████████████████████████æ   
  ,████²█████████████████████████████, 
 ,█████  ╙████████████████████╨  █████y
 ██████    `████████████████`    ██████
║██████       Ñ███████████`      ███████
███████         ╩██████Ñ         ███████
███████    ▐▄     ²██╩     a▌    ███████
╢██████    ▐▓█▄          ▄█▓▌    ███████
 ██████    ▐▓▓▓▓▌,     ▄█▓▓▓▌    ██████─
           ▐▓▓▓▓▓▓█,,▄▓▓▓▓▓▓▌          
           ▐▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▌          
    ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓─  
     ²▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓╩    
        ▀▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▀       
           ²▀▀▓▓▓▓▓▓▓▓▓▓▓▓▀▀`          
                   ²²²                 
███████████████████████████████████████

. ★☆ WWW.LEALANA.COM        My PGP fingerprint is A764D833.        SMOOTHIE'S HEALTH AND FITNESS JOURNAL          History of Monero development Visualization ★☆ .
LEALANA  PHYSICAL MONERO COINS 999 FINE SILVER.
 
Wayen
Newbie
*
Offline Offline

Activity: 21


View Profile
June 26, 2011, 02:48:38 AM
 #94


What about the use of something like virtualbox with linux inside? Might use some cpu/gpu for nothing more?
Quantus
Hero Member
*****
Offline Offline

Activity: 669



View Profile
June 27, 2011, 12:59:00 AM
 #95

Running Windows 7 ultimate. I have installed Vitualbox with >Unbuntu now I can run my Bitcoin client inside of this (sandbox?) and still back it up with Dropbox and encrypt it with Turecrypt. Do I even need anti virus on this Unbuntu install? I will only use it to send and receive bitcoins. Am i safe from the Trojan Wallet stealer?

(I am a 1MB block supporter who thinks all users should be using Full-Node clients)
Avoid the XT shills, they only want to destroy bitcoin, their hubris and greed will destroy us.
Know your adversary https://www.youtube.com/watch?v=BKorP55Aqvg
suniasunshine
Newbie
*
Offline Offline

Activity: 8


View Profile
June 27, 2011, 05:03:32 AM
 #96

mmmmm, would've been helpful to describe the trojan scam.
My thoughts exactly.

14Mvbz2kTNCabRj6WKz2E1Un2VSHUfpMiu
ajareselde
Legendary
*
Offline Offline

Activity: 1414


✔ Need a manager !? https://goo.gl/S51oFc


View Profile
June 27, 2011, 08:24:50 AM
 #97

cant be too carefull, but does this truly save u from being robbed..

.BitDice.               ▄▄███▄▄
           ▄▄██▀▀ ▄ ▀▀██▄▄
      ▄▄█ ▀▀  ▄▄█████▄▄  ▀▀ █▄▄
  ▄▄██▀▀     ▀▀ █████ ▀▀     ▀▀██▄▄
██▀▀ ▄▄██▀      ▀███▀      ▀██▄▄ ▀▀██
██  ████▄▄       ███       ▄▄████  ██
██  █▀▀████▄▄  ▄█████▄  ▄▄████▀▀█  ██
██  ▀     ▀▀▀███████████▀▀▀     ▀  ██
             ███████████
██  ▄     ▄▄▄███████████▄▄▄     ▄  ██
██  █▄▄████▀▀  ▀█████▀  ▀▀████▄▄█  ██
██  ████▀▀       ███       ▀▀████  ██
██▄▄ ▀▀██▄      ▄███▄      ▄██▀▀ ▄▄██
  ▀▀██▄▄     ▄▄ █████ ▄▄     ▄▄██▀▀
      ▀▀█ ▄▄  ▀▀█████▀▀  ▄▄ █▀▀
           ▀▀██▄▄ ▀ ▄▄██▀▀
               ▀▀███▀▀
        ▄▄███████▄▄
     ▄███████████████▄
    ████▀▀       ▀▀████
   ████▀           ▀████
   ████             ████
   ████ ▄▄▄▄▄▄▄▄▄▄▄ ████
▄█████████████████████████▄
██████████▀▀▀▀▀▀▀██████████
████                   ████
████                   ████
████                   ████
████                   ████
████                   ████
████▄                 ▄████
████████▄▄▄     ▄▄▄████████
  ▀▀▀█████████████████▀▀▀
        ▀▀▀█████▀▀▀
▄▄████████████████████████████████▄▄
██████████████████████████████████████
█████                            █████
█████                            █████
█████                            █████
█████                            █████
█████                     ▄▄▄▄▄▄▄▄▄▄
█████                   ▄█▀▀▀▀▀▀▀▀▀▀█▄
█████                   ██          ██
█████                   ██          ██
█████                   ██          ██
██████████████████▀▀███ ██          ██
 ████████████████▄  ▄██ ██          ██
   ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ██          ██
             ██████████ ██          ██
           ▄███████████ ██████▀▀██████
          █████████████  ▀████▄▄████▀
[/]
heroBitcoin
Newbie
*
Offline Offline

Activity: 12


View Profile
June 27, 2011, 05:25:21 PM
 #98

shound use linux, it is more secure.
bitz000
Newbie
*
Offline Offline

Activity: 5


View Profile
June 27, 2011, 07:08:35 PM
 #99

Oh noes.

-encrypts wallet immediately-
david4dev
Jr. Member
*
Offline Offline

Activity: 56


View Profile WWW
June 27, 2011, 11:44:55 PM
 #100

I'm guessing there isn't a version of this trojan for Linux ... yet.

I don't really have enough bitcoins to be worried about this yet. When I do I will definitely move to a more secure model than just using my installed Linux machine (I'm thinking a couple of USBs and encryption for my 'savings account' walet).

I hope other Linux users aren't being complacent. While it is inherently more secure than Windows, it is still very easy to create a simple trojan. All that's needed is a script to upload ~/.bitcoin/wallet.dat to some remote server and disguise this as some other (probably bitcoin related) software. Stick to the official repositories for your distribution where possible.

Wallet Manager | 1NPxP8LMt22gjK5unW8W2gB9ruqyvytkpt
Pages: « 1 2 3 4 [5] 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!