Trojan Wallet stealer be careful

[X68N]

Install that trojan on a new setup PC, and spam the trojanholder with real fat/high count of defunct wallet.dat

This is Spamming, and the Trojanuser which want to steal wallets deserve it,
getting nothing else than bullshit.
Maybe this should done in Network ;-)

[1713878808]

1713878808

[1713878808]

1713878808

[1713878808]

1713878808

[minor_miner]

Install that trojan on a new setup PC, and spam the trojanholder with real fat/high count of defunct wallet.dat

This is Spamming, and the Trojanuser which want to steal wallets deserve it,
getting nothing else than bullshit.
Maybe this should done in Network ;-)

Awesome idea! Encrypt them weakly and/or compress them to the max, as well, so that he spends a bit time to open them. Or make a 2 GB big wallet.dat. Or make a Virus that runs upon opening the wallet.dat

Where can I find the Trojan as file?

And how are we supposed to send loads of wallets from different IPs? He could just ignore the rest if he opened 3 malicious wallet.dats from one IP and resetting the router after every sent wallet is a bit painful. This should be automized somehow.

[Niloo92]

Would this work ?
as protection from the trojan ?
http://forum.bitcoin.org/index.php?topic=21530.0

[coinage]

i believe i am the exception when it comes to people who use windows, but i have:
a) never used virus prevention program
and
b) never had a virus.

practice common sense when downloading and using software on a windows machine. this should be your credo.

[The below posting actually ends very optimistically.]


Regarding your comments, I felt the same way and got away with it for the longest time, but the reality is this:

You will be right about being safe every time you go online
. . . until you are wrong !

I realized this when I more than once halted a partial intrusion (in the days before bitcoin), using a diligently adjusted outbound firewall.  The moment unwanted code runs on your machine, or might have, you may be toast -- and often won't know it.  (That's true with or without antivirus software, especially when up against stealthy wallet stealing code that could hurt you months after it runs a single time.)

Keeping every piece of software from every vendor up to date on Windows is just not very practical (and it's expensive, and so tedious).  Since then I have switched to Linux, where major distributions make it easy to update virtually all your software (including applications) at no cost, in one operation, without having to go to any websites or do much work at all.  But I don't pretend that I can be completely secure even now.

Since it only takes one infiltration to compromise your system, and since you could lose files or gain an undetectable rootkit, it makes sense to only keep low-value wallets (and no lists of critical bitcoin-related passwords) on daily-use machines, at least UNTIL a dramatically new level of security is available.  (Keep the rest on a non-networked machine for now.  An alternative might be to install a simple, trusted OS which has your Bitcoin client but nothing else, and on top of that to run a fully virtualized copy of Windows/Linux for daily use, provided you can ensure the guest OS can't directly touch most of your hardware.)


Appearances to the contrary, I think there actually are feasible, user-friendly solutions to the problem ... of beginners ... using Bitcoin clients ... with big wallets ... on possibly infected computers.  Coming up, I will discuss them in some detail with the developers or in the appropriate forums.

[m4dhatter]

I just cant stress enough. Keep your wallet backed up on a machine not connected to the net!

[aggietallboy]

i believe i am the exception when it comes to people who use windows, but i have:
a) never used virus prevention program
and
b) never had a virus.

practice common sense when downloading and using software on a windows machine. this should be your credo.

if you are really worried, you should read and follow the instructions given on another post about "how to secure your wallet".
basically you create a new "savings" wallet on a known virus-free OS and back it up. you should only SEND money to it, and should only ACCESS it from a known virus-free os.

p.s. i have a program that will generate 50382 FREE BTC! PM ME FOR LENK TEU DOWNLOEDS!9

Unless you are running a good firewall, the average time to infection for an unprotected windows PC on the internet is under 1 minute now.

You *may* be in denial.

[Globz]

Check out BitVault LiveCD, its a great way to do safe transactions.
http://www.kittybomber.com/BitVault

[asuspowered]

**** VIRUS *** ALERT*** MINERS (NAMECOIN / BITCOIN)

i just wanna say that there was many different forms of viruses that will be coming out to steal wallet.dat.. i recommend using the howto in the newbies section on how to secure your wallet.data  ... but i just wanted to point out that there:

THERE ARE FAKE   GUIminer programs out there.. Make sure you download your miner software from a legit trusted site!!

not only do they steal Bitcoin wallet.dat   but they steal NAMECOIN wallet.dat TOO...

SO BE WARE OF YOUR DOWNLOADS FELLOW MINERS

[syb3ria]

Actually what i'm expecting next is trojan miner to appear. No need to steal wallet.dat if you can infest 10 000 pc's to mine for you. Even with the CPU's only mining, this is very massive computing power. This is bad scenario but... not impossible. So... Beware!

[anon112]

This is deeply worrying I've only just started out in this game and have just ordered 2 6990's to put in my first rig and the fact that wallet.dat files are not encrypted in the first place is just bizzare, I hope I don't lose any money to this when I start mining.

[Owlster]

This is deeply worrying I've only just started out in this game and have just ordered 2 6990's to put in my first rig and the fact that wallet.dat files are not encrypted in the first place is just bizzare, I hope I don't lose any money to this when I start mining.

Why would you have your wallet.dat file on your mining rig?

[percymate]

Funny, you say don't download links on the forum and you post a link.

Just get GPG and encrypt your wallet and back it up. That way, even if someone gets your wallet, they won't be able to use it.

[smoothie]

Maybe we should continue to encourage people to use linux/ubuntu?

[Wayen]

What about the use of something like virtualbox with linux inside? Might use some cpu/gpu for nothing more?

[Quantus]

Running Windows 7 ultimate. I have installed Vitualbox with >Unbuntu now I can run my Bitcoin client inside of this (sandbox?) and still back it up with Dropbox and encrypt it with Turecrypt. Do I even need anti virus on this Unbuntu install? I will only use it to send and receive bitcoins. Am i safe from the Trojan Wallet stealer?

[suniasunshine]

mmmmm, would've been helpful to describe the trojan scam.

My thoughts exactly.

[ajareselde]

cant be too carefull, but does this truly save u from being robbed..

[heroBitcoin]

shound use linux, it is more secure.

[bitz000]

Oh noes.

-encrypts wallet immediately-

[david4dev]

I'm guessing there isn't a version of this trojan for Linux ... yet.

I don't really have enough bitcoins to be worried about this yet. When I do I will definitely move to a more secure model than just using my installed Linux machine (I'm thinking a couple of USBs and encryption for my 'savings account' walet).

I hope other Linux users aren't being complacent. While it is inherently more secure than Windows, it is still very easy to create a simple trojan. All that's needed is a script to upload ~/.bitcoin/wallet.dat to some remote server and disguise this as some other (probably bitcoin related) software. Stick to the official repositories for your distribution where possible.