Mashfiqun (OP)
Member
 Offline
Activity: 100
Merit: 21
|
 |
February 24, 2019, 09:42:37 AM |
|
Just yesterday I was going to send some bitcoins to my friends address. He gave me his address, I copied it and went to send on my wallet. Suddenly I saw the address my friend gave me started with 3 but the address I pasted to send the transaction started with 1. I then copied other wallet addresses and pasted on notepad. And everytime it was another new address. This was some kind of clipboard hacking. Some kind of malware came into my laptop and started to do these. I think using faucets and other nsfw sites might have done this.
I scanned with my antivirus and MalwareBytes and it was resolved. But I wanted more safety so I did a full Windows re-installation.
Always try to avoid faucets with a lot of ads, don't click anything stupid, don't download anything unwanted.
And always double check addresses before sending any transaction.
Peace.
|
|
|
|
|
|
jademaxsuy
|
|
February 24, 2019, 10:05:18 AM |
|
Hacking your clipboard is possible, instead of pasting the address you just copied recently but the address you'll paste os different which happen in your situation. You did well in cleaning your laptop by reinstalling your operating system which help cleaning your laptop. Some anti-viruses can't detect all viruses.
|
|
|
|
|
|
|
|
UserU
|
|
February 24, 2019, 10:22:53 AM |
|
Did you install some browser extensions recently? Usually these are able to hijack your clipboard.
|
.
.500 CASINO.██ | ▄▀ |
▄
▄ | | .
THE HOTTEST CRYPTO
CASINO & SPORTSBOOK | | ▄▄▄████████████
▄▄▄███████████████████
▐█████████████████████
█████████████████████
▐███████████████████
▐███████████████████
███████████████████
██████▀█████▀██████
▐████████▀█████████
▐███████████████████
███████████████████
▐███████████████████
▀██████▀▀▀▀▀▀ ▀▀▀█ | |
█▄▄▄██████████▄▄▄
███████████▀██▀▀██▄▄
███████████████████▄
█████████████████████
████▄████▄███████▄███
█████████████████████
████▀████▀███████▀███
█████████████████████
███████████████████▀
███████████▄██▄▄██▀▀
▀▀▀██████████▀▀▀ | |
► ORIGINALS
► SLOTS | |
► LIVE GAMES
► SPORTSBOOK |
▄
▄
| ▀▄ | .
██..PLAY NOW.. |
|
|
|
Mashfiqun (OP)
Member
Offline
Activity: 100
Merit: 21
|
|
February 24, 2019, 10:32:45 AM |
|
Did you install some browser extensions recently? Usually these are able to hijack your clipboard.
No, just metamask is there. |
|
|
|
|
|
jademaxsuy
|
|
February 24, 2019, 10:34:58 AM |
|
Did you install some browser extensions recently? Usually these are able to hijack your clipboard.
I think the op did install a browser extension which is the reason why the clipboard can be easily hijack by hackers. Browsers are the first step that the hacker can invade your devices through extensions and downloading unknown files or through pop-up ads. |
|
|
|
|
ryap12
Member
Offline
Activity: 700
Merit: 14
|
|
February 24, 2019, 10:39:58 AM |
|
100% it's a malware you got there. But I am not sure if it's due to those faucets where your computer got infected. Are you using google chrome because the browser prevents you from entering dangerous websites and will scan downloads. I highly suspect you installed an infected software which triggered the installation of the malware. Good thing though you notice the address was changed. You did the right thing by re-installing the entire OS which will also remove those other unwanted programs.
|
|
|
|
|
Mashfiqun (OP)
Member
Offline
Activity: 100
Merit: 21
|
|
February 24, 2019, 11:22:11 AM |
|
100% it's a malware you got there. But I am not sure if it's due to those faucets where your computer got infected. Are you using google chrome because the browser prevents you from entering dangerous websites and will scan downloads. I highly suspect you installed an infected software which triggered the installation of the malware. Good thing though you notice the address was changed. You did the right thing by re-installing the entire OS which will also remove those other unwanted programs.
I generally do check addresses. But this is the only time it was entirely changed. I am lucky that I didn't click the send button. Yes, I thought re-installing OS would help, and it did. Switching to Brave Browser for more ad blocking. <3 |
|
|
|
|
|
hacker1001101001
|
|
February 24, 2019, 11:36:23 AM
Last edit: February 24, 2019, 11:48:13 AM by hacker1001101001 |
|
This probably is a known script in the Windows operating system and is used by many hackers out there to manipulate copy-paste or Keystroke activity of a victim. As per I know this is one of the old operating viruses and has not affected much in the crypto space currently. Rather there are many other similar scripts developed every day to manipulate the data on the web. We could say they are pretty common and most of the anti-virus even if they are some free ones, can detect it. The reason behind you getting affected by the virus would probably be an unwilling click on some spammy stuff online which further led this virus to penetrate in your system and later manipulated your transactions. My best solution to avoid such type of manipulation is using a Linux operating system which would surely keep you secure from such spammy scripts in the future. I would suspect you were using a windows operating system right? You could check this video, to know more about how does the malware work: Windows ClipBoard Hijacker Swaps out CryptoCurrency Addresses |
|
|
|
|
|
Ipwich
|
|
February 24, 2019, 12:11:34 PM |
|
I have my friends got victimized with this in the past, they are not careful in sending without double checking the recipient address and their coins was gone. I'm glad they informed so I'm aware and more careful, I'm also not double stuff from the internet as that could be one of the cause, with my sensitive information in my computer, I only dedicate my PC on crypto thing. |
|
|
|
Mashfiqun (OP)
Member
Offline
Activity: 100
Merit: 21
|
|
February 24, 2019, 12:12:03 PM |
|
This probably is a known script in the Windows operating system and is used by many hackers out there to manipulate copy-paste or Keystroke activity of a victim. As per I know this is one of the old operating viruses and has not affected much in the crypto space currently. Rather there are many other similar scripts developed every day to manipulate the data on the web. We could say they are pretty common and most of the anti-virus even if they are some free ones, can detect it.
The reason behind you getting affected by the virus would probably be an unwilling click on some spammy stuff online which further led this virus to penetrate in your system and later manipulated your transactions.
My best solution to avoid such type of manipulation is using a Linux operating system which would surely keep you secure from such spammy scripts in the future.
I would suspect you were using a windows operating system right?
Yes I am using Windows as stated in my post. Using Linux may be a solution but sometimes Windows is the best way to go. Thanks for your recommendations. |
|
|
|
|
Lucius
Legendary
Offline
Activity: 3416
Merit: 6149
Crypto Swap Exchange🈺
|
|
February 24, 2019, 12:12:58 PM |
|
I scanned with my antivirus and MalwareBytes and it was resolved. But I wanted more safety so I did a full Windows re-installation.
You probably not have such a good antivirus and you only use free version of Malwarebytes. Primary purpose of security software is to protect you from potential threats before they penetrate the system, and for that you should have proactive protection. Think about improving your security software, it is not too expensive, and in any case it is worth it. I also browse some faucets, and it is true most of them have very aggressive advertising and potentially dangerous things, so without adequate protection no user should use such sites / or to use them with device which is not have any crypto wallet. |
|
|
|
Mashfiqun (OP)
Member
Offline
Activity: 100
Merit: 21
|
|
February 24, 2019, 12:29:37 PM |
|
You probably not have such a good antivirus and you only use free version of Malwarebytes. Primary purpose of security software is to protect you from potential threats before they penetrate the system, and for that you should have proactive protection. Think about improving your security software, it is not too expensive, and in any case it is worth it.
Well, sort of. But now I'm considering security seriously. Gonna buy a new premium antivirus. |
|
|
|
|
|
|
crairezx20
Legendary
Offline
Activity: 1638
Merit: 1046
|
|
February 24, 2019, 03:34:22 PM |
|
Some faucets site have auto install script so even you are not clicking any ads the malware or virus will automatically install in your system.
So to avoid getting infected or attack by hackers use an updated antivirus that supports crypto protection like Kaspersky total security.
I never experienced any problem like clipboard virus. I have this virus on my rig miner but I don't use them for transferring bitcoin or any crypto.
It shows clipboard.exe on task manager that is why I restrict the windows when this clipboard.exe running because I don't know how to remove this without waiting too long to scan the rig.
Anyway, I just use my rig for mining and everything there including the bat script is edited from my laptop before I transfer them to the mining rig.
Always make sure that you are using antivirus and you will be fine to protect your self from malware and viruses. Don't use AVG, Avast and McAfee it may lead to more malware and advertisement.
ESET and Kaspersky are the best for me because after you download a file or going to a website if they found suspicious or viruses they will automatically disinfect the file or delete without asking you.
|
|
|
|
|
Velkro
Legendary
Offline
Activity: 2296
Merit: 1014
|
|
February 24, 2019, 07:33:26 PM |
|
Just yesterday I was going to send some bitcoins to my friends address. He gave me his address, I copied it and went to send on my wallet. Suddenly I saw the address my friend gave me started with 3 but the address I pasted to send the transaction started with 1. I then copied other wallet addresses and pasted on notepad. And everytime it was another new address. This was some kind of clipboard hacking.
You infected your PC somehow. Best way to fight this is to reinstall whole operating system you have. Cleaning virus is never 100% precise and you can't be sure it was destroyed completly. Best course of action is to reinstall OS as you mentioned. Learn about computer hygiene for future actions and to not loose ur Bitcoins. |
|
|
|
|
logfiles
Copper Member
Legendary
Offline
Activity: 2156
Merit: 1818
Top Crypto Casino
|
|
February 24, 2019, 08:11:53 PM Merited by vapourminer (1) |
|
My best solution to avoid such type of manipulation is using a Linux operating system which would surely keep you secure from such spammy scripts in the future.
I use Linux too and yes for now it feels safe but that does not mean that someone out there will not consider making malware for Linux too. I think the reason we don't have so many such cases in Linux is because it does not have a big user base as windows so making malware for Linux does not seem profitable and feasible for the hackers. Care always has to be taken care off regardless of the operating system because you never know on which side of the bed the hacker might wake up from one day  Some faucets site have auto install script so even you are not clicking any ads the malware or virus will automatically install in your system.
So to avoid getting infected or attack by hackers use an updated antivirus that supports crypto protection like Kaspersky total security.
Add the NoScript add on to the list. I currently use it in Mozilla Firefox and it blocks all suspicious scripts while you browser through different web pages. The power is in your hands on what script to unblock and which to keep blocked. This can prevent necessary downloading of malware or infection of your web browser without your knowledge. |
|
|
|
Kopyleft
Member
Offline
Activity: 168
Merit: 15
Future of Security Tokens
|
|
February 24, 2019, 08:16:28 PM
Last edit: February 24, 2019, 08:46:36 PM by Kopyleft |
|
Thanks for sharing this information. For safety I clear my clip boards daily and always write down any important information or data I need. I regularly also scan my device for virus or malware. We should all always be security conscious. Especially when dealing with unverified links and apps.
|
|
|
|
EndimyonsDream
Member
Offline
Activity: 209
Merit: 10
|
|
February 24, 2019, 09:28:47 PM |
|
I would also advise to start using the Brave browser, best browser out there in my opinion when it comes to security and protecting yourself.
|
|
|
|
|
emulsifryer
Member
Offline
Activity: 337
Merit: 10
Bet2dream.com
|
|
February 24, 2019, 11:34:54 PM |
|
Just yesterday I was going to send some bitcoins to my friends address. He gave me his address, I copied it and went to send on my wallet. Suddenly I saw the address my friend gave me started with 3 but the address I pasted to send the transaction started with 1. I then copied other wallet addresses and pasted on notepad. And everytime it was another new address. This was some kind of clipboard hacking. Some kind of malware came into my laptop and started to do these. I think using faucets and other nsfw sites might have done this.
I scanned with my antivirus and MalwareBytes and it was resolved. But I wanted more safety so I did a full Windows re-installation.
Always try to avoid faucets with a lot of ads, don't click anything stupid, don't download anything unwanted.
And always double check addresses before sending any transaction.
Peace.
I have also experienced the same thing as what happened to yours. You must double check every time you make transactions because you wouldn't know if the address you were going to send your coins is not really yours. |
|
|
|
|
