|
kenzawak (OP)
|
 |
January 31, 2019, 09:57:16 PM |
|
https://www.newsbtc.com/2019/01/31/cryptocurrency-scam-mac/"The software steals credentials, including browser cookies, to allow access to cryptocurrency exchange accounts. CookieMiner, as the malware is known, targets exclusively Mac users owing to the cross-device functionality of Apple’s products. In addition to stealing login details and creatively subverting security precautions, the CookieMiner malware also uses the victim’s machine to covertly mine an obscure digital asset called Koto. ... Google Chrome and Apple Safari cookies are stolen. Saved usernames and credit card information from Chrome are stolen. Text messages backed up to Mac are stolen from victims’ iPhone. Browser cookies are stolen to defeat login anomaly detection. ... With this combination of login credentials and cookies, attackers can often bypass the two-factor authentication process protecting accounts. ... CookieMiner also installs mining software on the infected machine. Palo Alto Networks claim that the program is made to look like a piece of Monero-mining software. However, instead of mining the most frequently cryptojacked asset, it sets Mac users’ machine mining Koto, another privacy-focused cryptocurrency associated with Japan that can be mined using just a CPU."
|
|
|
|
|
|
|
|
|
|
|
|
The trust scores you see are subjective; they will change depending on who you have in your trust list. |
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
Malam90
|
|
February 01, 2019, 02:55:43 AM |
|
https://www.newsbtc.com/2019/01/31/cryptocurrency-scam-mac/"The software steals credentials, including browser cookies, to allow access to cryptocurrency exchange accounts. CookieMiner, as the malware is known, targets exclusively Mac users owing to the cross-device functionality of Apple’s products. In addition to stealing login details and creatively subverting security precautions, the CookieMiner malware also uses the victim’s machine to covertly mine an obscure digital asset called Koto. ... Google Chrome and Apple Safari cookies are stolen. Saved usernames and credit card information from Chrome are stolen. Text messages backed up to Mac are stolen from victims’ iPhone. Browser cookies are stolen to defeat login anomaly detection. ... With this combination of login credentials and cookies, attackers can often bypass the two-factor authentication process protecting accounts. ... CookieMiner also installs mining software on the infected machine. Palo Alto Networks claim that the program is made to look like a piece of Monero-mining software. However, instead of mining the most frequently cryptojacked asset, it sets Mac users’ machine mining Koto, another privacy-focused cryptocurrency associated with Japan that can be mined using just a CPU." It is very alarming news for the general people who use Internet from PC, or Android. If Google Chrome isn't enable to protect such maleware, it is shocking. I think Google Chrome will detect this maleware soon. |
|
|
|
|
|
elda34b
|
|
February 01, 2019, 03:06:24 AM |
|
It is very alarming news for the general people who use Internet from PC, or Android. If Google Chrome isn't enable to protect such maleware, it is shocking. I think Google Chrome will detect this maleware soon.
Looks like it's more about Mac. It steals cookies, quite smart but it will only work if users choose to save cookies or something similar. A way to protect from this attack would be to always disable cookies, and avoid any malicious software. Let's hope Mac will be able to solve this issue soon. Btw, this makes me think switching to GNU/Linux is one of my best choices in life. |
|
|
|
|
pooya87
Legendary
 Offline
Activity: 3430
Merit: 10521
|
|
February 01, 2019, 04:26:36 AM |
|
that is why "encryption" exists! you encrypt everything with a password and nobody is going to be able to have access to your data that easily. for example in this case you can encrypt your stored passwords in your browser with a master password that they allow you to set. that way the passwords are stored on your disk encrypted. for example using Firefox you can go to your setting and type in "master password" in the settings search bar and check its box and set a strong encryption password: about:preferences#searchResults
|
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
|
ranman09
|
|
February 01, 2019, 04:38:03 AM |
|
that is why "encryption" exists! you encrypt everything with a password and nobody is going to be able to have access to your data that easily. for example in this case you can encrypt your stored passwords in your browser with a master password that they allow you to set. that way the passwords are stored on your disk encrypted. for example using Firefox you can go to your setting and type in "master password" in the settings search bar and check its box and set a strong encryption password: about:preferences#searchResults
Interesting I didn't know firefox can do this. Do we have the same option for google chrome? |
|
|
|
|
pooya87
Legendary
Offline
Activity: 3430
Merit: 10521
|
|
February 01, 2019, 05:15:18 AM |
|
that is why "encryption" exists! you encrypt everything with a password and nobody is going to be able to have access to your data that easily. for example in this case you can encrypt your stored passwords in your browser with a master password that they allow you to set. that way the passwords are stored on your disk encrypted. for example using Firefox you can go to your setting and type in "master password" in the settings search bar and check its box and set a strong encryption password: about:preferences#searchResults
Interesting I didn't know firefox can do this. Do we have the same option for google chrome? there is no such option for Google Chrome as far as i know and last time i checked they don't seem to have any plans on adding the feature either because they think it is not going to increase your security! there are extensions you can use but then again trusting these extensions is another problem. |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
figmentofmyass
Legendary
Offline
Activity: 1652
Merit: 1483
|
|
February 01, 2019, 06:33:30 AM |
|
Google Chrome and Apple Safari cookies are stolen.
Saved usernames and credit card information from Chrome are stolen.
Text messages backed up to Mac are stolen from victims’ iPhone.
Browser cookies are stolen to defeat login anomaly detection.
...
With this combination of login credentials and cookies, attackers can often bypass the two-factor authentication process protecting accounts. sorry if this is a dumb question, but how exactly does this compromise 2FA? all of the compromised data is browser-based (something you know, not something you have), with the exception of "stolen text messages". but old text messages shouldn't overcome SMS 2-factor authentication because those one-time codes are only good for a very limited time. and if you use TOTP-based 2FA, you should be completely safe. can somebody walk me through this? |
|
|
|
aoluain
Legendary
 Online
Activity: 2240
Merit: 1256
|
|
February 01, 2019, 06:55:45 AM |
|
Google Chrome and Apple Safari cookies are stolen.
Saved usernames and credit card information from Chrome are stolen.
Text messages backed up to Mac are stolen from victims’ iPhone.
Browser cookies are stolen to defeat login anomaly detection.
...
With this combination of login credentials and cookies, attackers can often bypass the two-factor authentication process protecting accounts. sorry if this is a dumb question, but how exactly does this compromise 2FA? all of the compromised data is browser-based (something you know, not something you have), with the exception of "stolen text messages". but old text messages shouldn't overcome SMS 2-factor authentication because those one-time codes are only good for a very limited time. and if you use TOTP-based 2FA, you should be completely safe. can somebody walk me through this? Good question and very relevant,, there must be something else to it. Personally I have never used Chrome and I didnt fall for the "convenience" of using it at the expense of compromising privacy. Chrome allows third-party websites to access your IP address and any
information that site has tracked using cookies. If you care about privacy
at all, you should ditch the browser that supports a company using data
to sell advertisements and enabling other companies to track your online
movements I have always used Firefox in private mode, I dont allow Firefox to store my browsing history. This is something the Mozilla foundatuon have always based the operations on. We do not collect personally identifiable data, not what you do or what
websites you go tohttps://www.fastcompany.com/90174010/bye-chrome-why-im-switching-to-firefox-and-you-should-tooI wonder why it is targeted solely to apple users, android users could surly be targeted too? |
|
|
|
|
|
| R |
▀▀▀▀▀▀▀██████▄▄
████████████████
▀▀▀▀█████▀▀▀█████
████████▌███▐████
▄▄▄▄█████▄▄▄█████
████████████████
▄▄▄▄▄▄▄██████▀▀ | LLBIT | | | 4,000+ GAMES███████████████████
██████████▀▄▀▀▀████
████████▀▄▀██░░░███
██████▀▄███▄▀█▄▄▄██
███▀▀▀▀▀▀█▀▀▀▀▀▀███
██░░░░░░░░█░░░░░░██
██▄░░░░░░░█░░░░░▄██
███▄░░░░▄█▄▄▄▄▄████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | █████████
▀████████
░░▀██████
░░░░▀████
░░░░░░███
▄░░░░░███
▀█▄▄▄████
░░▀▀█████
▀▀▀▀▀▀▀▀▀ | █████████
░░░▀▀████
██▄▄▀░███
█░░█▄░░██
░████▀▀██
█░░█▀░░██
██▀▀▄░███
░░░▄▄████
▀▀▀▀▀▀▀▀▀ |
| | | ██░░░░░░░░░░░░░░░░░░░░░░██
▀█▄░▄▄░░░░░░░░░░░░▄▄░▄█▀
▄▄███░░░░░░░░░░░░░░███▄▄
▀░▀▄▀▄░░░░░▄▄░░░░░▄▀▄▀░▀
▄▄▄▄▄▀▀▄▄▀▀▄▄▄▄▄
█░▄▄▄██████▄▄▄░█
█░▀▀████████▀▀░█
█░█▀▄▄▄▄▄▄▄▄██░█
█░█▀████████░█
█░█░██████░█
▀▄▀▄███▀▄▀
▄▀▄▀▄▄▄▄▀▄▀▄
██▀░░░░░░░░▀██ | | | | | | | .
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀
███▀▄▀█████████████████▀▄▀
█████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀
███████▀▄▀██████░█▄▄▄▄▄▄▄▄
█████████▀▄▄░███▄▄▄▄▄▄░▄▀
████████████░███████▀▄▀
████████████░██▀▄▄▄▄▀
████████████░▀▄▀
████████████▄▀
███████████▀ | ▄▄███████▄▄
▄████▀▀▀▀▀▀▀████▄
▄███▀▄▄███████▄▄▀███▄
▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄
▄██▀▄██████▀████░███▄▀██▄
███░█████████▀██░████░███
███░████░█▄████▀░████░███
███░████░███▄████████░███
▀██▄▀███░█████▄█████▀▄██▀
▀██▄▀█▄▄▄██████▄██▀▄██▀
▀███▄▀▀███████▀▀▄███▀
▀████▄▄▄▄▄▄▄████▀
▀▀███████▀▀ | | OFFICIAL PARTNERSHIP
FAZE CLAN
SSC NAPOLI | | |
|
|
|
|
qiman
|
|
February 01, 2019, 07:06:42 AM |
|
This is so unfortunate that the bad apples are working so hard to undermine mass adoption and make it very difficult for the average Joe Bloggs to enter crypto. Instead of being useful and becoming advocates for change and helping people join this big technical revolution, they prefer to work hard just for quick gain and out of malice to make sure less and less people want to join this niche market. Many newbies are frightened off because of this attitude from rogue entities and it scares them entering this space. I do hope that cyber police become more and more vigilant in catching these nasty people who are trying to undermine crypto and the blockchain for normal users and investors.
|
|
|
|
|
|
|
365 |
TM | | | |
EZ365 is a digital ecosystem that combines
the best aspects of online gaming, cryptocurrency
trading and blockchain education. ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ | |
..WHITEPAPER.. ..INVESTOR PITCH..
| | | |
.'M████▀▀██ ██
W█Ws'V██ ██▄▄███▀▀█
i█████m.~M████▀▀██ ███
d███████Ws'V██ ██████
****M██████m.~███f~~__mW█
██▀▀▀████████= Y██▀▀██W ,gm███████
g█████▄▄▄██ █A~`_WW Y█ ██!,████████
g▀▀▀███ ████▀▀`_m████i!████P W███ ██
_███▄▄▄██▀▀▀███Af`_m███ █W ███A ]███ ██
__ ~~~▀▀▀▀▄▄▄█*f_m██████ ██i!██!i███████
Y█████▄▄▄▄__. i██▀▀▀██████████ █!,██████
8█ █▀▀█████.!██ ██████████i! █████
'█ █ █ █W M█▄▄▄██████ ██ !██
!███▄▄█ ██i'██████████ ██
Y███████████.]██████████████
█ ███████b ███ ██████
Y █ █▀▀█i!██ ████
V███ █ █W Y█████
~~▀███▄▄▄█['███
~~*██ | |
Play | | | |
│
│ ███
│ ███
│ ███
│ │ ███
███ │ ███
███ ███ ███
│ ███ ███ ███
███ ███ ███ ███
███ ███ │ │
███ ███ │ │
│ │
│ | |
Trade | | | |
__▄▄████▄▄
__▄▄███████████████▄▄▄
_▄▄█████████▀▀~`,▄████████████▄▄▄
~▀▀████▀▀~`,_▄▄███████████████▀▀▀
d█~ =▀███████████████▀▀
]█! m▄▄ '~▀▀▀████▀▀~~ ,_▄▄
,W█. *████▄▄__ ' __▄▄█████
!██P █████████████████████
W█. - ██████████████████▀
i██[ ~ ▀▀█████████▀▀▀
g███!
Y███ | |
Learn |
|
|
|
|
shirackjs
|
|
February 01, 2019, 08:21:53 AM |
|
This is alarming, 2FA is the additional step to secure our accounts in exchanges and online wallets. Now, it can be comprised which mean hackers are able to access our accounts easily.  |
|
|
|
|
kkgfhj123
Jr. Member
Offline
Activity: 56
Merit: 4
|
|
February 01, 2019, 08:26:54 AM |
|
One are the other way we all are dependent on third party like crome or safari... I thinking data being leaked from chrome and safari is the trust issue... This a horrible new  Hardware wallets are the only option to secure your funds |
|
|
|
|
romero121
Legendary
Offline
Activity: 3164
Merit: 1213
|
|
February 01, 2019, 08:29:10 AM |
|
When you find something alarming it's our responsibility to make ourself active in the process of securing our funds. In the past I've lost more than 0.5btc due to the security breach, as I haven't enabled 2FA. Once after enabling I never found anything go wrong. Now the news to defeat 2FA shows the increased hackers into the cryptocurrency network. Right now it seems hardware wallet is the best in the market for Cryptocurrency holdings.
|
|
|
|
|
kelz1
Copper Member
Jr. Member
Offline
Activity: 140
Merit: 3
|
|
February 01, 2019, 08:37:02 AM |
|
This development is very alarming, exchanges should start to offer 3 factor authentication. Those who trade big might have several bitcoins left on the exchanges to day trade.
|
|
|
|
bitfocus
Member
Offline
Activity: 532
Merit: 15
|
|
February 01, 2019, 12:29:32 PM |
|
such development is super alarming! most of the users trust 2FA - now those days are gone!
|
|
|
|
|
Pab
Legendary
Offline
Activity: 1862
Merit: 1012
|
|
February 01, 2019, 01:49:46 PM |
|
that is why "encryption" exists! you encrypt everything with a password and nobody is going to be able to have access to your data that easily. for example in this case you can encrypt your stored passwords in your browser with a master password that they allow you to set. that way the passwords are stored on your disk encrypted. for example using Firefox you can go to your setting and type in "master password" in the settings search bar and check its box and set a strong encryption password: about:preferences#searchResults
Interesting I didn't know firefox can do this. Do we have the same option for google chrome? That is nice thanks for sharing It can be very good to use it I have been reading that together with new IT technology we will also have new much improved hacking methods unfortunately it is going together So good move is to use encryption for protection Personally i don't like to use any extension in my browser I can recommend you to try Proton VPN i use his VPN long time and i am very happy also because i have better internet with his vpn You can even pay with btc for upgrading version only 46 euro a year |
|
|
|
hatshepsut93
Legendary
Offline
Activity: 2954
Merit: 2145
|
sorry if this is a dumb question, but how exactly does this compromise 2FA?
all of the compromised data is browser-based (something you know, not something you have), with the exception of "stolen text messages". but old text messages shouldn't overcome SMS 2-factor authentication because those one-time codes are only good for a very limited time. and if you use TOTP-based 2FA, you should be completely safe.
can somebody walk me through this?
If found another article , and it says that stolen cookies can be used to fake the identity of victim's machine, and thus login without a 2FA check on some sites. However, there are still a lot of unexplained details, like how they avoid 2FA checks on withdrawals, how do they spoof IP address and so on. It's an interesting topic and people who have very important online accounts, like traders, should definitely check it, so here's some links: https://security.stackexchange.com/questions/178663/why-isnt-stealing-cookies-enough-to-authenticatehttps://stackoverflow.com/questions/2498599/can-some-hacker-steal-the-cookie-from-a-user-and-login-with-that-name-on-a-web-sMaybe on some sites you can remove 2FA if you have access to the email, and if this malware can give access to victims email, they can get all the control they need. |
|
|
|
Lucius
Legendary
Offline
Activity: 3220
Merit: 5634
Blackjack.fun-Free Raffle-Join&Win $50🎲
|
|
February 01, 2019, 02:21:45 PM |
|
for example using Firefox you can go to your setting and type in "master password" in the settings search bar and check its box and set a strong encryption password
I know this option is enabled in Firefox, and it make sense to set master password., But user need to enter that master password only once per session (first time Firefox is open), and then all passwords are available. From the aspect of security how much is passwords safe from hack after user is unlock passwords with master password? I see Google Chrome offer password manager, but I do not see any mention of master password as Firefox... https://support.google.com/chrome/answer/95606?co=GENIE.Platform%3DDesktop&hl=en |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
|
Cofee.BLUE
|
|
February 01, 2019, 02:22:33 PM |
|
https://www.newsbtc.com/2019/01/31/cryptocurrency-scam-mac/"The software steals credentials, including browser cookies, to allow access to cryptocurrency exchange accounts. CookieMiner, as the malware is known, targets exclusively Mac users owing to the cross-device functionality of Apple’s products. In addition to stealing login details and creatively subverting security precautions, the CookieMiner malware also uses the victim’s machine to covertly mine an obscure digital asset called Koto. ... Google Chrome and Apple Safari cookies are stolen. Saved usernames and credit card information from Chrome are stolen. Text messages backed up to Mac are stolen from victims’ iPhone. Browser cookies are stolen to defeat login anomaly detection. ... With this combination of login credentials and cookies, attackers can often bypass the two-factor authentication process protecting accounts. ... CookieMiner also installs mining software on the infected machine. Palo Alto Networks claim that the program is made to look like a piece of Monero-mining software. However, instead of mining the most frequently cryptojacked asset, it sets Mac users’ machine mining Koto, another privacy-focused cryptocurrency associated with Japan that can be mined using just a CPU." For you to get access on google chrome you should have the intelligence of thousands of website developers and programmers.For someone to steal someone's phone saved information there must be a bait or device control. Hijacking can be done using finest computer with program on it and i don't think just someone could do that to leading technology companies more of like movie twists. |
|
|
|
|
|
ToyotaFortuner
|
|
February 01, 2019, 04:23:07 PM |
|
more and more viruses are spread by hackers who try to steal assets owned by cryptocurrency users, and preferably when you want to access your wallet or place of exchange you have to be more careful and not be careless.
|
|
|
|
|
|
bit-freedom
|
|
February 02, 2019, 01:15:48 PM |
|
Thank you for the warning. It is a strong battle between the hackers and users like us. Please stay safe everybody and be careful when clicking on hyperlinks and downloading stuffs. Stay safe and let’s win the battle against the hackers and scammers.
|
|
|
|
|
|
