[2017-09-06] Trojan Virus TrickBot Targets Coinbase Users

[iamTom123]

A new version of the famous banking Trojan TrickBot has expanded the circle of potential victims to the users of the popular cryptocurrency account Coinbase. This is reported by BleepingComputer.
 
The discover was made by security researchers from Forcepoint. According to their data, TrickBot can impose a fake login page when a user visits Coinbase through his browser. Having received user data to enter the account, scammers transfer cryptocurrency from the victims's wallets to their own.
 
Troyan was first discovered in 2016, and then its purpose was the data of online banking users. Today, it can "infect" users' devices and impose fake login pages on banking portals in more than ten countries. In June 2017, the Trojan targeted PayPal accounts and login pages of several well-known CRM-systems. A new version of TrickBot with "cryptocurrency support" was discovered in late August and was contained in documents attached to the spam mailing allegedly on behalf of the Canadian Imperial Bank of Commerce.

Read more about this news here...

As the world of cryptocurrency is expanding at an amazing pace, so do the ability of many hackers and phishers to victimized innocent and sometimes hapless people. Their main business is always to steal from vulnerable sites and to inflict pain on as many humans as possible. These hackers are the best representative of being heartless and guiltless there can ever be.

Wallet service providers should be doing everything they can inorder to protect the money of the clients who trusted them so much and must fix all the possible leaks and bugs as soon as possible while at the same being always advanced in thinking and decision making.

[chrissss]

till now only thing can hacker do is hacking wallets

thanks bitcoin for that

[BitHodler]

I have seen many articles go by how PayPal accounts have been emptied by trickbot, but now things start to come a whole lot closer.

Danger is that everything is seemingly normal, where people log-in like they normally would, gain access to their account, and the list goes on, while in other cases you can't seem to log-in at all ~ it's extremely well set up.

This once again proves that people for once should enable 2FA. Nowadays with the increased crypto prices, malware will more than ever be pointed at all things crypto related ~ exchanges should force people to enable 2FA.

It will directly eliminate the far majority of the threats, and thus take away a lot pressure from the support staff that get flooded with tickets related to hacked accounts, coin theft, suspicious log-in's, and the list goes on.

[peter0425]

So this maybe the reason why Coinbase issue has escalated in recent month. However, it is still up to us to really safeguard our account like enabling 2FA or at least remind their customers to used this security features for their own safety. Hackers are really targeting trading platform because of the huge amount of money involved. And our world are getting smaller because they are zeroing on every opportunity to exploit those system vulnerabilities just to stole money from someone. And don't click anything, specially the one you received in emails. Because the likelihood of a malware or trojan virus embedded is really high.

[Aveatrex]

A new version of the famous banking Trojan TrickBot has expanded the circle of potential victims to the users of the popular cryptocurrency account Coinbase. This is reported by BleepingComputer.
 
The discover was made by security researchers from Forcepoint. According to their data, TrickBot can impose a fake login page when a user visits Coinbase through his browser. Having received user data to enter the account, scammers transfer cryptocurrency from the victims's wallets to their own.
 
Troyan was first discovered in 2016, and then its purpose was the data of online banking users. Today, it can "infect" users' devices and impose fake login pages on banking portals in more than ten countries. In June 2017, the Trojan targeted PayPal accounts and login pages of several well-known CRM-systems. A new version of TrickBot with "cryptocurrency support" was discovered in late August and was contained in documents attached to the spam mailing allegedly on behalf of the Canadian Imperial Bank of Commerce.

Read more about this news here...

As the world of cryptocurrency is expanding at an amazing pace, so do the ability of many hackers and phishers to victimized innocent and sometimes hapless people. Their main business is always to steal from vulnerable sites and to inflict pain on as many humans as possible. These hackers are the best representative of being heartless and guiltless there can ever be.

Wallet service providers should be doing everything they can inorder to protect the money of the clients who trusted them so much and must fix all the possible leaks and bugs as soon as possible while at the same being always advanced in thinking and decision making.

The problem,these days people click on every link they see without paying attention to the possible phishing.
Keyloggers and such viruses doesn't fall from sky.They come through downloads or through phishing websites.
Paypal has implemented a security system that I honestly fan of.Whenever a foreign IP logs to your account,the account get locked until the owner confirm that he was the one that logged in his account by confirming it by phone number and email verification.
This has to be implemented in exchanges or atleast encourage 2FA to all users.

[1Referee]

exchanges should force people to enable 2FA.

This. I seriously don't understand why exchanges till this day still haven't 'hard coded' the 2FA feature into the process of signing up. I understand that not everyone has access to a secondary device, but if we look at how much harm is being caused to people, I don't see any reason to allow these non 2FA users to keep operating their account without that security feature - it's a necessity. People are treating their fiat savings carefully, where everything is working with 2FA, but I fail to understand why they aren't doing the same with crypto?! It may sound harsh, but if people have everything required to utilize 2FA, but still don't make use of it, they are nothing more than an idiot. They will learn once they lose everything, that's for sure.