Bitcoin Forum
November 11, 2024, 03:27:11 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 »  All
  Print  
Author Topic: Are you using a Public DNS server? your coins are at risk !  (Read 18182 times)
mikeywith (OP)
Legendary
*
Offline Offline

Activity: 2408
Merit: 6618


be constructive or S.T.F.U


View Profile
April 30, 2018, 10:35:55 PM
Last edit: April 30, 2018, 10:53:54 PM by mikeywith
Merited by DooMAD (2), vapourminer (1), Lucius (1), LuckyBtc (1), Mkmanik (1)
 #1

Most of you heard of the DNS attack which targeted Myetherwallet (MEW) web wallet users. tons of coins were stolen that day ( 6 days ago).

I can not stress on how important it is to use a hardware or at least an offline wallet to store your crypto ,but should you INSIST on using web based wallet keep in mind that you are only a few steps far from being compromised.

there are a few ways hackers can steal your coins, one of the most obvious is a DNS attack, therefore you should avoid using public - known DNS servers such as Google, OpenDns Home , etc ...

1- Always use your ISP DNS server, even though it is probably technically less secured than say  Google DNS server but the fact that it is not used by so many users and mostly unknown, it stays far from the hacker's targets.

2- Always make sure that you are using a secure connection, using chrome for an example, you have to see a green lock next to the url your browsing, click on secure and check the validity of the certificate.

3-The use of Virtual Keyboards can save you sometimes. something like Kaspersky Virtual Keyboard is much more secure than hitting your keyboard.


4-use multiple wallets, remember the old saying about eggs and basket ! it is still valid.

  --------------------------------------------------------------


**Pay to secure your money, as you already know, nothing is free in life, just like you pay to ensure your car , house and health you have to pay to secure your fundings, hardware wallets are really cheap ! spend a little on one !



**Avoid storing your funds on exchanges , exchanges are hackers no1 target. every couple of months you will most likely hear about an exchange being compromised, you do not want your coins to be there !



stay safe guys, this is the BILL you have to pay for owning crypto, you get 100% freedom + you take 100% responsibility of your fundings.




█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Welsh
Staff
Legendary
*
Offline Offline

Activity: 3304
Merit: 4115


View Profile
May 01, 2018, 10:56:28 AM
Merited by Jet Cash (1), LuckyBtc (1)
 #2

Use multiple wallets on different hardware. It's always good to have several offline wallets generated by different hardware and stored in different locations. (the private key that is) Private keys should also never be stored digitally for obvious reasons. Even if you must access your coins on a regular basis a hardware wallet is likely worth the initial investment as it prevents some of the common pitfalls.

My general advise for people wanting to exchange coins is only store your coins on the exchange just before he actually exchange them and then transfer them to an offline wallet as soon as possible if needed. If you are exchanging high amounts then it might be better to pay a little more in fees and exchange them in smaller chunks to prevent losing all if a exchange was compromised whilst you were exchanging.
Lucius
Legendary
*
Offline Offline

Activity: 3416
Merit: 6149


Crypto Swap Exchange🈺


View Profile WWW
May 01, 2018, 01:44:06 PM
 #3

Most of you heard of the DNS attack which targeted Myetherwallet (MEW) web wallet users. tons of coins were stolen that day ( 6 days ago).

I can not stress on how important it is to use a hardware or at least an offline wallet to store your crypto ,but should you INSIST on using web based wallet keep in mind that you are only a few steps far from being compromised.

there are a few ways hackers can steal your coins, one of the most obvious is a DNS attack, therefore you should avoid using public - known DNS servers such as Google, OpenDns Home , etc ...

1- Always use your ISP DNS server, even though it is probably technically less secured than say  Google DNS server but the fact that it is not used by so many users and mostly unknown, it stays far from the hacker's targets.

2- Always make sure that you are using a secure connection, using chrome for an example, you have to see a green lock next to the url your browsing, click on secure and check the validity of the certificate.

3-The use of Virtual Keyboards can save you sometimes. something like Kaspersky Virtual Keyboard is much more secure than hitting your keyboard.


4-use multiple wallets, remember the old saying about eggs and basket ! it is still valid.

  --------------------------------------------------------------


**Pay to secure your money, as you already know, nothing is free in life, just like you pay to ensure your car , house and health you have to pay to secure your fundings, hardware wallets are really cheap ! spend a little on one !



**Avoid storing your funds on exchanges , exchanges are hackers no1 target. every couple of months you will most likely hear about an exchange being compromised, you do not want your coins to be there !



stay safe guys, this is the BILL you have to pay for owning crypto, you get 100% freedom + you take 100% responsibility of your fundings.





That DNS attack is just another proof that hackers are working to find new ways how to hack online wallets,which means they are becoming unfortunately less safe and therefore less secure.Users do not pay attention whether page is genuine or is it have SSL,and when it comes to cryptocurrency you can lose everything in blinking of a eye.

Regarding virtual keyboards,there is option in Windows for that, but opinions are divided can that protect us from keyloggers or not.

As you suggest it is best to invest some money(around 100 $,maybe more)to buy hardware wallet,and also to spend some time on personal education.IT security is very important for anyone who wants to deal with cryptocurrency.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
hugeblack
Legendary
*
Offline Offline

Activity: 2688
Merit: 3971



View Profile WWW
May 01, 2018, 03:04:59 PM
 #4

I didn't follow the technical news on the previous days, so I do not know of what happened with Myetherwallet wallet.
As a result of the increase in the prices of these currencies, there has been a lot of news that talk about such attacks, so I do not find the traditional protection methods will withstand for a long time.
So I prefer a paper wallet with public address(use any block explorer to check your balance) + mixing services (for privacy).

move your post to Beginners & Help

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
mikeywith (OP)
Legendary
*
Offline Offline

Activity: 2408
Merit: 6618


be constructive or S.T.F.U


View Profile
May 01, 2018, 03:26:18 PM
 #5

Most of you heard of the DNS attack which targeted Myetherwallet (MEW) web wallet users. tons of coins were stolen that day ( 6 days ago).

I can not stress on how important it is to use a hardware or at least an offline wallet to store your crypto ,but should you INSIST on using web based wallet keep in mind that you are only a few steps far from being compromised.

there are a few ways hackers can steal your coins, one of the most obvious is a DNS attack, therefore you should avoid using public - known DNS servers such as Google, OpenDns Home , etc ...

1- Always use your ISP DNS server, even though it is probably technically less secured than say  Google DNS server but the fact that it is not used by so many users and mostly unknown, it stays far from the hacker's targets.

2- Always make sure that you are using a secure connection, using chrome for an example, you have to see a green lock next to the url your browsing, click on secure and check the validity of the certificate.

3-The use of Virtual Keyboards can save you sometimes. something like Kaspersky Virtual Keyboard is much more secure than hitting your keyboard.


4-use multiple wallets, remember the old saying about eggs and basket ! it is still valid.

  --------------------------------------------------------------


**Pay to secure your money, as you already know, nothing is free in life, just like you pay to ensure your car , house and health you have to pay to secure your fundings, hardware wallets are really cheap ! spend a little on one !



**Avoid storing your funds on exchanges , exchanges are hackers no1 target. every couple of months you will most likely hear about an exchange being compromised, you do not want your coins to be there !



stay safe guys, this is the BILL you have to pay for owning crypto, you get 100% freedom + you take 100% responsibility of your fundings.






Regarding virtual keyboards,there is option in Windows for that, but opinions are divided can that protect us from keyloggers or not.




from a programmer point of view i can confirm that Windows Virtual keyboard is really easy to log. in fact even Kasper's virtual keyboard is hack-able but it should be something harder to do for an average programmer like me.

so just as you said, the best thing is hardware wallet, all these other stuff are just a little extra security tips, like someone with only a knife in hand during WW2. can't really fight but might just get lucky Cheesy

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
mikeywith (OP)
Legendary
*
Offline Offline

Activity: 2408
Merit: 6618


be constructive or S.T.F.U


View Profile
May 04, 2018, 07:57:45 PM
Merited by vapourminer (1)
 #6

I didn't follow the technical news on the previous days, so I do not know of what happened with Myetherwallet wallet.
As a result of the increase in the prices of these currencies, there has been a lot of news that talk about such attacks, so I do not find the traditional protection methods will withstand for a long time.
So I prefer a paper wallet with public address(use any block explorer to check your balance) + mixing services (for privacy).

move your post to Beginners & Help

paper wallet is safe until you decide to move your coins, if you use a compromised pc to do so then you are doomed !
paper wallet is for sure much more secured than online wallets but still a hardware wallet is much more secure.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
exalterego
Newbie
*
Offline Offline

Activity: 99
Merit: 0


View Profile
May 04, 2018, 09:18:22 PM
 #7

3-The use of Virtual Keyboards can save you sometimes. something like Kaspersky Virtual Keyboard is much more secure than hitting your keyboard.

  --------------------------------------------------------------

Kaspersky lab has proven to be the source of viruses, so I personally would not recommend this very software.
Try using some other virtual keyboards, especially if you are using an Android-based wallet - this would ensure the security of your funds.
paul gatt
Hero Member
*****
Offline Offline

Activity: 896
Merit: 500


View Profile
May 04, 2018, 10:12:46 PM
 #8

Right! If we use public DNS servers, it is very easy to steal passwords and information. This will reveal the secrets of your trading. And maybe your money is stolen quickly. To invest in bitcoin use a dedicated computer for bitcoin safety.
twistedvape
Newbie
*
Offline Offline

Activity: 16
Merit: 0


View Profile
May 04, 2018, 10:19:43 PM
 #9

I prefer to use the offline wallet and store the private keys data on hdd. Because I think it's safer.
9jaflick
Sr. Member
****
Offline Offline

Activity: 728
Merit: 254



View Profile
May 04, 2018, 10:47:52 PM
 #10

as advised, always protect your browser before accessing anything website that you store your funds in, Kaspersky antivirus is a good one. and secondly be self-conscious, don't store all your funds on one wallet, split it to different wallets. I have more than 7 wallets. if a hacker mistakenly gains access to your wallet, you will still be left with something because you didn't store all your coin in one particular wallet.
Welsh
Staff
Legendary
*
Offline Offline

Activity: 3304
Merit: 4115


View Profile
May 04, 2018, 10:54:44 PM
 #11

Right! If we use public DNS servers, it is very easy to steal passwords and information. This will reveal the secrets of your trading. And maybe your money is stolen quickly. To invest in bitcoin use a dedicated computer for bitcoin safety.

It's worth noting that if you are using any DNS sever then you should trust the source. So if you don't trust your ISP then you probably shouldn't use their DNS sever.

as advised, always protect your browser before accessing anything website that you store your funds in, Kaspersky antivirus is a good one. and secondly be self-conscious, don't store all your funds on one wallet, split it to different wallets. I have more than 7 wallets. if a hacker mistakenly gains access to your wallet, you will still be left with something because you didn't store all your coin in one particular wallet.
I swear by extensions such as noscript suite which prevent's javascript and other things from running automatically. It's probably better protection that an anti virus, although can also be used in combination with anti virus software.
keycellko
Full Member
***
Offline Offline

Activity: 406
Merit: 102



View Profile
May 04, 2018, 11:35:53 PM
 #12

Yes, i was scared when that happened to myetherwallet, thinking that my tokens and eth were stolen along with it. I got relieved when i checked that its still intact. All my life savings was there. I agree that we need to invest to secure our money. A hard wallet or offline wallet is the most secure wallet. Im thinking,also, to buy another laptop and make it solely for my cryptoworks.
9jaflick
Sr. Member
****
Offline Offline

Activity: 728
Merit: 254



View Profile
May 04, 2018, 11:43:29 PM
 #13


as advised, always protect your browser before accessing anything website that you store your funds in, Kaspersky antivirus is a good one. and secondly be self-conscious, don't store all your funds on one wallet, split it to different wallets. I have more than 7 wallets. if a hacker mistakenly gains access to your wallet, you will still be left with something because you didn't store all your coin in one particular wallet.
I swear by extensions such as noscript suite which prevent's javascript and other things from running automatically. It's probably better protection that an anti virus, although can also be used in combination with anti virus software.
honestly speaking i have not tried using an extension, maybe I will give it a try this time around, we learn every day
dimastegar
Sr. Member
****
Offline Offline

Activity: 798
Merit: 251


Small Trader


View Profile
May 04, 2018, 11:54:25 PM
 #14

I always use VPN to transact. I do not know if this is risky or not for me. And so far I am grateful my coins are always safe. Whether through MEW or Exchangers, I'm always wary of using both because we know that Hackers can use DNS from MEW or Exchangers to get Private keys and Passwords. They are smart. However, risk is the part we have to deal with.

                ██████████████████
            █████  █████  █████  █████
         ███████████████████████████████
       ████  ████████████████████████  ███
      ██████████████████████████████████████
     ██  ████████████████████████████████████
    ████████████████████████████     █████  ██
   █████████████████████████████ ▐█▌ ██████████
  ███  █████████████████▌     ██ ▐█▌ ██████████
  ██████████████████████▌ ██  ██ ▐█▌ ███████  ██
  ███████████████      █▌ ██  ██ ▐█▌ ███████████
  ██  ███████████  ██  █▌ ██  ██ ▐█▌ ███████████
  ███████████████  ██  █▌ ██  ██ ▐█▌ ███████  ██
  █████████        ██  █▌ ██  ██ ▐█▌ ██████████
   ██  █████████████████▌ ██  ██ ▐█▌ ██████████
    ██████████████        ██  ██ ▐█▌ ██████  █
     ███████████████████████████ ▐█▌ ████████
      ██  ███████████████        ▐█▌ ███  ██
       ███████████████████████████████████
         ████  ████████████████████  ███
            ██████  ████  ████  ██████
                ██████████████████


IDEX
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██

  Start Trading Instantly
  BOUNTY
  Telegram
mikeywith (OP)
Legendary
*
Offline Offline

Activity: 2408
Merit: 6618


be constructive or S.T.F.U


View Profile
May 05, 2018, 09:47:28 PM
 #15

I always use VPN to transact. I do not know if this is risky or not for me. And so far I am grateful my coins are always safe. Whether through MEW or Exchangers, I'm always wary of using both because we know that Hackers can use DNS from MEW or Exchangers to get Private keys and Passwords. They are smart. However, risk is the part we have to deal with.


using a VPN to transact doesn't mean anything, it could be safe as much as it could be less safe. there really isn't a tight risk ratio attached to using VPN. a DNS attack is not on MEW it self , it is on rout from your PC to the WEB WALLET. anywhere in between.
i still insist on using hardware wallet for best security practice.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
EthanB
Sr. Member
****
Offline Offline

Activity: 462
Merit: 336


View Profile
May 05, 2018, 09:57:20 PM
 #16

It sounds like the biggest concern is a public DNS server that is very commonly used. If you are able to find a public DNS server that is relatively unused would that then mitigate most of the concern for hacking through that route? I'm pretty new to all of this, but how is your ISP DNS anymore protected than a public DNS that is used equally as much?
andrew1carlssin
Jr. Member
*
Offline Offline

Activity: 168
Merit: 3

#Please, read:Daniel Ellsberg,-The Doomsday *wk


View Profile WWW
May 05, 2018, 10:01:16 PM
 #17

since we are at crypto forum ... I would bet some chips ... PKI and SSL certificates vulnerabilities ...

Satoshi's book editor; SCIpher - https://pdos.csail.mit.edu/archive/scigen/scipher.html
levvv
Member
**
Offline Offline

Activity: 532
Merit: 17


View Profile
May 06, 2018, 11:48:02 AM
 #18

Yeah it is risky if you use public dns. what i wonder is why google dns can be hijacked.
for me, using myetherwallet alone is not secure to operate. just use metamask or other secure wallet.
carrie_white
Full Member
***
Offline Offline

Activity: 784
Merit: 101



View Profile
May 06, 2018, 01:09:10 PM
 #19

wow, thanks for the information, I even found out if using google DNS is very dangerous, I used to use it to stabilize my modem connection, and now I will never again do, thanks again for the information

dollarneed
Hero Member
*****
Offline Offline

Activity: 742
Merit: 500



View Profile
May 06, 2018, 01:44:36 PM
 #20

I always use VPN to transact. I do not know if this is risky or not for me. And so far I am grateful my coins are always safe. Whether through MEW or Exchangers, I'm always wary of using both because we know that Hackers can use DNS from MEW or Exchangers to get Private keys and Passwords. They are smart. However, risk is the part we have to deal with.
I'm using a VPN too, is this safe enough?? (I'm not a tech savvy so i don't have any idea about this) Well, this makes me scared but thanks God my tokens are still safe out there, to be honest I'm just worried about MEW wallet, not exchange since I have enabled 2fa factor though it's not completely safe and bad way storing your crypto out there.

I swear by extensions such as noscript suite which prevent's javascript and other things from running automatically. It's probably better protection that an anti virus, although can also be used in combination with anti virus software.
How about installing extensions such as EAL or MetaMask or Cryptonite as MEW wallet suggested, is this safe enough? in order to protect us from the DNS attack.
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!