Bitcoin Forum
December 13, 2017, 07:52:40 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: How to buy and keep purchased coins safe even if you know your PC is hacked?  (Read 185 times)
millenniumbaby
Newbie
*
Offline Offline

Activity: 10


View Profile
November 14, 2017, 02:56:25 PM
 #1

Guys, I intend to buy substantial amount of various cryptocurrencies as investment. Being pretty new to cryptocurrencies and having heard of horror experiences of coins being stolen, I want to take precautions first before I begin investing.

Assuming that I already know that my home internet network has been compromised/hacked whereby the hackers know of my intention to buy said cryptocurrencies. Let's just say the hackers already have a virtual mirror copy of my PC and is able to see/monitor/record what I'm doing on my PC in realtime or they have injected keylogging virus to find private keys, my questions are:

1. What would then be the safest procedure and method to create and store the cryptocurrencies I intend to purchase with the knowledge even if someone is watching or have planted keylogger virus, that's all they can do but can't steal it? If you suggest hardware wallets, what if I intend to buy and invest in cryptocurrencies that hardware wallets such as trezor or ledger have yet to support?

2. Let say one of the coins I plan to invest is 20 ethereum coins and to store them in paper wallet. Should I store all of them in a single paper wallet or create several paper wallets with different values in them (eg 5 wallets x 2 coins + 10 wallets x 1 coin) so that whenever there is a need to sell/use them, I just retrieve one paper wallet from storage rather than going through a sweeping process with one wallet whenever I want to retrieve a portion of the coins in the wallet. What are the pros and cons here?

Thanks all.
1513151560
Hero Member
*
Offline Offline

Posts: 1513151560

View Profile Personal Message (Offline)

Ignore
1513151560
Reply with quote  #2

1513151560
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513151560
Hero Member
*
Offline Offline

Posts: 1513151560

View Profile Personal Message (Offline)

Ignore
1513151560
Reply with quote  #2

1513151560
Report to moderator
1513151560
Hero Member
*
Offline Offline

Posts: 1513151560

View Profile Personal Message (Offline)

Ignore
1513151560
Reply with quote  #2

1513151560
Report to moderator
1513151560
Hero Member
*
Offline Offline

Posts: 1513151560

View Profile Personal Message (Offline)

Ignore
1513151560
Reply with quote  #2

1513151560
Report to moderator
Iranus
Hero Member
*****
Offline Offline

Activity: 518


View Profile
November 14, 2017, 08:11:38 PM
 #2

1. What would then be the safest procedure and method to create and store the cryptocurrencies I intend to purchase with the knowledge even if someone is watching or have planted keylogger virus, that's all they can do but can't steal it?
Use a paper wallet, airgapped PC, hardware wallet or any other system which doesn't involve exposing your private keys to the Internet at any time.
2. What are the pros and cons here?
Should be pretty clear, but okay.

-It's convenient
-It's possible that you could lose some of them but not others
-An attacker who knows what funds you have might find it easier to take your wallet if there's only one
-Con - the fact that you're buying these tokens anyway.

dead_m92
Sr. Member
****
Offline Offline

Activity: 416



View Profile
November 14, 2017, 08:19:39 PM
 #3

But why would you use a hacked pc in order to store your bitcoins? i am sorry, but this makes no sense.. it is the same as saying that you want to open your bank account on your computer knowing that you have more than 100k in there, and your pc is hacked. This makes no sense at all, it is the same.
Just buy a new pc, and try to use that to create a wallet, or just buy a trezor , it is impossible to be hacked using one of those because you need to press a button in order to send funds, so it can not be hacked at all..

bitart
Hero Member
*****
Offline Offline

Activity: 700


View Profile
November 14, 2017, 09:17:02 PM
 #4

Step nr. 1.: Assuming that your computer is compromised, reinstall the OS asap, install an antivirus and anti malware.
Paper wallet or hardware wallet.
If you want to buy and hold, you can use paper wallet, if you need to do transactions frequently your choise should be a hardware wallet.
If you want to maximize the security of the paper wallet, download a copy of a paper wallet generator, and install a fresh OS on a PC with a USB printer (without internet connection) and generate and print a paper wallet (or print at least 10 to be on the safe side).
If you don't reveal your private keys, your paper wallets will be fine to store the coins. You can use your public key to send coins to the wallets and you can check you balance without any risk.

UsernameBitcoin
Sr. Member
****
Offline Offline

Activity: 302


★Jetwin.com★


View Profile
November 14, 2017, 09:49:07 PM
 #5

The best way to know this is if you use two factor authentication on as many things as you can have them on. Keep your twelve words safe, which is your lifeline if you are to ever lose your wallet on your phone. You can use them to restore onto any industry standard bitcoin wallet. Just remember to keep them safe and your passphrase as well if you used that to create a wallet.


▄▄▄████████▄▄▄
▄▄███▀▀▀ ▄  ▄ ▀▀▀███▄▄
▄██▀▀ ▄▄████  ████▄▄ ▀▀██▄
▄██▀ ▄███████    ███████▄ ▀██▄
██▀ ▄████████▀    ▀████████▄ ▀██
██▀ ██████████      ██████████ ▀██
██▀ ██████████        ██████████ ▀██
▄██                                ██▄
██ ▄                              ▄ ██
██ ███▄                        ▄███ ██
██ ██████▄                  ▄██████ ██
██ ▀████████              ████████▀ ██
▀██ ███████                ███████ ██▀
██▄ █████▀                ▀█████ ▄██
██▄ ████        ▄▄        ████ ▄██
██▄ ▀█      ▄▄████▄▄      █▀ ▄██
██▄    ▄▄██████████▄▄    ▄██▀
▀██▄▄ ▀▀██████████▀▀ ▄▄██▀
▀▀███▄▄▄ ▀▀▀▀ ▄▄▄███▀▀
▀▀▀████████▀▀▀
 

    [    ]
jseverson
Sr. Member
****
Online Online

Activity: 448


View Profile
November 15, 2017, 03:35:39 AM
 #6

The better question would be: why would you not want to wipe your PC clean after knowing that it has been infected with something?

Format your hard drive and do a clean re-install. Secure it as you should. It it's your home network that has been compromised, use Tor or a VPN service when handling your coins. Bitcoin wouldn't be your only concern when operating from a compromised system either. Your PC could be used for DDoS attacks, your identity could be stolen, etc. The best thing you could do in this situation is wipe your PC. Everything else is risky.

Also, just so you know, typical keyloggers cannot steal your coins from desktop wallets for as long as you don't type out your private key or seed. They can't really do anything with your password unless you also use that password on online services elsewhere.

millenniumbaby
Newbie
*
Offline Offline

Activity: 10


View Profile
November 15, 2017, 05:29:20 AM
 #7

1. What would then be the safest procedure and method to create and store the cryptocurrencies I intend to purchase with the knowledge even if someone is watching or have planted keylogger virus, that's all they can do but can't steal it?
Use a paper wallet, airgapped PC, hardware wallet or any other system which doesn't involve exposing your private keys to the Internet at any time.
2. What are the pros and cons here?
Should be pretty clear, but okay.

-It's convenient
-It's possible that you could lose some of them but not others
-An attacker who knows what funds you have might find it easier to take your wallet if there's only one
-Con - the fact that you're buying these tokens anyway.

Makes sense. A combination of paper wallet and hardware wallet is the way to go.

I'm buying those crytos that are relatively cheap and hodl for long term as I believe in the crypto ecosystem. As I'm just starting off with cryptos, I'd buy some first and then try my hand later on mining them.
millenniumbaby
Newbie
*
Offline Offline

Activity: 10


View Profile
November 15, 2017, 05:37:27 AM
 #8

But why would you use a hacked pc in order to store your bitcoins? i am sorry, but this makes no sense.. it is the same as saying that you want to open your bank account on your computer knowing that you have more than 100k in there, and your pc is hacked. This makes no sense at all, it is the same.
Just buy a new pc, and try to use that to create a wallet, or just buy a trezor , it is impossible to be hacked using one of those because you need to press a button in order to send funds, so it can not be hacked at all..


I'm not saying that I would knowingly use a hacked PC to transact. That would be suicide. Do you not know that virus/keylogger can reside in your harddisk/USB drive/memory stick MBR and even if you format them normally, the virus/keylogger is still there? What happens when you use it because you thought it was free from virus/keylogger?

And if your entire connected equipment in your home network is infected and you have failed to remove them all, any one of them that is still infected can infect the new PC that you intend to buy the moment you connect to your home network to gain internet access, just like a daisy chain effect.

Then the hacker/virus/keylogger will just wait patiently in the background for you to slip up to steal your coins.
millenniumbaby
Newbie
*
Offline Offline

Activity: 10


View Profile
November 15, 2017, 05:47:49 AM
 #9

Step nr. 1.: Assuming that your computer is compromised, reinstall the OS asap, install an antivirus and anti malware.
Paper wallet or hardware wallet.
If you want to buy and hold, you can use paper wallet, if you need to do transactions frequently your choise should be a hardware wallet.
If you want to maximize the security of the paper wallet, download a copy of a paper wallet generator, and install a fresh OS on a PC with a USB printer (without internet connection) and generate and print a paper wallet (or print at least 10 to be on the safe side).
If you don't reveal your private keys, your paper wallets will be fine to store the coins. You can use your public key to send coins to the wallets and you can check you balance without any risk.


This makes very much sense, using paper and hardware wallet. Thank you. However, reinstall OS, antivirus, anti-malware does not guarantee it can eliminate the unknown viruses/keyloggers 100% and also there are some virus/keylogger that can hide in storage MBR that you do not know about and connecting a new PC/equipment to your home network might get infected through your other equipment that is also connected to the same home network.



The best way to know this is if you use two factor authentication on as many things as you can have them on. Keep your twelve words safe, which is your lifeline if you are to ever lose your wallet on your phone. You can use them to restore onto any industry standard bitcoin wallet. Just remember to keep them safe and your passphrase as well if you used that to create a wallet.

2FA is not as secure if they already hacked and have access to your email without your knowledge and if your handphone is also hacked together, then they can re-route handphone text messages to the hacker first before it reaches you.



The better question would be: why would you not want to wipe your PC clean after knowing that it has been infected with something?

Format your hard drive and do a clean re-install. Secure it as you should. It it's your home network that has been compromised, use Tor or a VPN service when handling your coins. Bitcoin wouldn't be your only concern when operating from a compromised system either. Your PC could be used for DDoS attacks, your identity could be stolen, etc. The best thing you could do in this situation is wipe your PC. Everything else is risky.

Also, just so you know, typical keyloggers cannot steal your coins from desktop wallets for as long as you don't type out your private key or seed. They can't really do anything with your password unless you also use that password on online services elsewhere.


Even if you know your system is compromised and you wipe you PC clean, are you an expert enough of a person to trust that the PC is totally wiped out clean? What about viruses that can create hidden folders/directories in harddisk/usb storage MBR that a full format cannot remove them that you don't know about? Once you install the new OS, you would think the system is clean but in actual fact is not.


bryson
Newbie
*
Offline Offline

Activity: 9


View Profile
November 15, 2017, 06:06:35 AM
 #10

Why would you even consider buying a "substantial amount" of bitcoins when you know that your computer is compromised?  Doing this is just asking someone to steal your coins. Doing a clean wipe or re-installing your OS is probably the best way of being sure that you will keep your coins. Buying a paper or hardware wallet is probably recommended as it offers more security.
AGD
Legendary
*
Offline Offline

Activity: 1414


HODLER SINCE 2013


View Profile
November 15, 2017, 06:13:46 AM
 #11

https://en.bitcoin.it/wiki/How_to_set_up_a_secure_offline_savings_wallet

My ignore list here: https://bitcointalk.org/index.php?topic=1652334.0 +++ GPG Public key FFBD756C24B54962E6A772EA1C680D74DB714D40 +++ http://pgp.mit.edu/pks/lookup?op=get&search=0x1C680D74DB714D40
jseverson
Sr. Member
****
Online Online

Activity: 448


View Profile
November 16, 2017, 02:36:44 PM
 #12

Even if you know your system is compromised and you wipe you PC clean, are you an expert enough of a person to trust that the PC is totally wiped out clean? What about viruses that can create hidden folders/directories in harddisk/usb storage MBR that a full format cannot remove them that you don't know about? Once you install the new OS, you would think the system is clean but in actual fact is not.

If you're paranoid enough to cover such scenarios, why would you even consider storing Bitcoins on a compromised system? I seriously doubt any virus can survive a full format unless you're visiting really shady sites, but if you're buying a substantial amount of coins, investing in a clean, new, sealed hard drive should not be too much of an issue. Do not use pirated software and your newly installed system should be completely clean. Additionally, if you're worried about viruses from your home network, you may want to install Linux instead, as they are much more secure against such viruses, especially when other computers on your network are comprised of Windows/Mac machines. Use a paid VPN service to prevent man-in-the-middle attacks, and use Tor if at all possible. I cannot assure that you will be 100% safe even then, but I can tell you that you would be much better off than if you were using a compromised system.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!