Bitcoin Forum
Topic: {WARNING} Cybersecurity vulnerabilities/flaws that may affect you. Up to date.
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic.
iasenko
June 26, 2019, 07:00:45 AM
Last edit: August 12, 2019, 11:06:58 AM by iasenko
Merited by suchmoon (4), dbshck (4), DdmrDdmr (2), BitMaxz (1), mjglqw (1), Baofeng (1), rhomelmabini (1)
 #1

There are so many threats out there that are not only in the crypto world, but can be used to steal your coins, so let's put all the warning posts here (and keep the forum tidy).
I'll try to keep the OP updated regularly.


Over 40 Drivers Could Let Hackers Install Persistent Backdoor On Windows PCs
Added> 12.08.19

New Malware Replaced Legit Android Apps With Fake Ones On 25 Million Devices
Added> 12.07.19

A New Ransomware Is Targeting Network Attached Storage (NAS) Devices
Added> 11.07.19

Zoom has a flaw that lets a website turn on your Mac's camera without permission
Added> 10.07.19

Over 1,300 Android Apps Caught Collecting Data Even If You Deny Permissions
Added> 10.07.19

"17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device"
Added> 05.07.19

Already created topics:
Clipboard Hijacker Malware Monitors 2.3 Million Bitcoin Addresses

WARNING to all DELL users. Security Flaw in Pre-Installed Dell Support Software.

WARNING! to all VLC player users! Stop using VLC and update it now!!

WARNING! Cryptomining Malware Launches Linux VMs On Windows and macOS

PSA: Firefox zero-day exploit used to attack Coinbase. Update Firefox

Malware infected wallets in Github, doublecheck before download, examples here.

Added> 26.06.19
"New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched"
Quote
macOS Gatekeeper Bypass Vulnerability

GateKeeper is a security feature built into Apple macOS that enforces code signing and verifies downloaded applications before allowing them to run, helping users protect their systems from malware and other malicious software.

That means, if you download an application from the Internet, GateKeeper will only allow it to execute without any warnings if it has been signed with a valid Apple-issued certificate, otherwise will prompt you to allow or deny the execution.
However, Gatekeeper has been designed to treat both external drives (USB or HDD) and network shares as "safe locations" from where users can run any application without involving GateKeeper's checks and prompts.

Quote
Until Apple patches this issue, researcher advised network administrators to block NFS communications with external IP addresses, and for home users, it is always important to not open email attachments from an unknown, suspicious, or untrustworthy source.
Source.


Added> 27.06.19
"'Legit Apps Turned into Spyware' Targeting Android Users in Middle East"

Quote
Cybersecurity researchers are warning about an ongoing Android malware campaign that has been active since 2016 and was first publicly reported in August 2018.
Dubbed "ViceLeaker" by researchers at Kaspersky, the campaign has recently been found targeting Israeli citizens and some other middle eastern countries with a powerful surveillance malware designed to steal almost all accessible information, including call recordings, text messages, photos, videos, and location data—all without users' knowledge.
Quote
According to the researchers, the ViceLeaker attack campaign is still ongoing, and attackers could potentially distribute malicious repackaged versions of legitimate apps through third-party app stores, instant messengers, or attacker-controlled online webpages.
Since such apps masquerade as legitimate or popular apps, Android users are highly recommended to always download apps from trusted sources, like Google Play Store, to prevent themselves from becoming a victim to this attack.
However, you should also not trust every app available on the Play Store. So, always stick to only verified developers to avoid installing malicious apps.

Source

Stay safe!

nakamura12
June 28, 2019, 03:37:29 AM
 #2

Is the solution for these flaws to update it? Anyway, I don't have any of those mentioned right now. I used VLC before, but it seems like they have problems that you'll encounter. Are there any other programs that can affect your cyber security as of now? Can Apple mobile devices be affected too?

Stedsm
June 28, 2019, 07:39:38 AM
 #3

Quote
Is the solution for these flaws to update it? Anyway, I don't have any of those mentioned right now. I used VLC before, but it seems like they have problems that you'll encounter. Are there any other programs that can affect your cyber security as of now? Can Apple mobile devices be affected too?

I believe that any device that is connected to the internet and, most importantly, gets filled with a lot of apps every now and then (even if it passes the security measures of Siri) is still vulnerable to getting hacked and having your data stolen.

For you to save your coins in your phone:

- Don't save your keys in it at all.
- Use 2FA and password and never forget it at any cost.
- If you've got email and phone verification to log in, I'd still suggest 2FA over these, as emails can be hacked and SMSes can also be watched.
- Guard your wallet with a password different than the one you'll use to get into it (like when you tap on that wallet, it should ask for a pattern/password for extra security).

chrisflapton
June 28, 2019, 11:09:13 AM
Last edit: July 01, 2019, 02:22:12 AM by chrisflapton
 #4

Thanks for the warning! I also heard that a vulnerability in MyBB is to blame for the leak of personal information.
Hackers accessed data from thousands of members and leaked them online on a hacker forum.

https://socialengineered.net/index.php?threads/data-breach-and-change-of-platform.103346/
added another proof https://brica.de/alerts/alert/public/1264933/socialengineered-forum-hacked-and-data-leaked-online/
Lafu
June 28, 2019, 07:30:53 PM
 #5

Maybe you can add this thread to your OP too: https://bitcointalk.org/index.php?topic=4601535.0
I guess a lot of new users don't know that this can happen.

And it should be a warning for those who download things that they should check a few times before they download and install software.

Also, simple browser extensions can have some malware in them.
Upgrade00
June 28, 2019, 07:36:27 PM
 #6

Quote
- Use 2FA and password and never forget it at any cost.

It's also advisable to back up your 2FA account if you use Google Authenticator, or preferably use Authy, which automatically creates a backup which can be accessed using your email and password.

iasenko
June 28, 2019, 07:49:55 PM
 #7

Quote
Maybe you can add this thread to your OP too: https://bitcointalk.org/index.php?topic=4601535.0
I guess a lot of new users don't know that this can happen.
And it should be a warning for those who download things that they should check a few times before they download and install software.
Also, simple browser extensions can have some malware in them.

Done man, good work. I haven't seen your thread before, very useful information :) BTW, if you see any threads that fall under this warning thread, please post them here :)

Lafu
June 28, 2019, 09:26:47 PM
 #8

I will try to get a list together and I will post it here, because lately the topic of malware and that kind of thing is getting bigger.
I saw a few topics and threads about that, but I have to look for where they are, and I will post them here for sure.
Stedsm
June 28, 2019, 10:15:48 PM
 #9

With all the ado going about these vulnerabilities where we are talking mostly about malwares, can someone throw some light on ransomware too which was on everyone's lips as it used to hack the PCs and hackers asking for BTC as extortion money to give back your data? That is one major thing that puts crypto under red light.

iasenko
June 28, 2019, 10:37:01 PM
 #10

Quote
With all the ado going about these vulnerabilities where we are talking mostly about malwares, can someone throw some light on ransomware too which was on everyone's lips as it used to hack the PCs and hackers asking for BTC as extortion money to give back your data? That is one major thing that puts crypto under red light.

Well, you can live even without antivirus if you follow certain rules. You need to keep good digital hygiene; that includes being careful which sites you visit, how you handle your mail, and just the typical common-sense kind of things. If you don't open files you are not sure are OK, and enable the shadow volume copy, you're going to be fine even with ransomware.

Lafu
June 29, 2019, 12:52:51 PM
 #11

@iasenko

Maybe that is something for this thread too!

Lately a lot of fake ANNs were created with malware downloads on the wallet download links.
We or some users know that, but new users or newbies don't know that.

How it works is that they create an ANN for some coin and it looks like a normal download link, but in the background a link is hidden that does not point to GitHub.
When you see the link it looks like it is from GitHub, but it doesn't take you there.
It instantly gets you a download from another site, and the wallet is infected with malware.


I have made an example here of how it looks: https://bitcointalk.org/index.php?topic=4720640.msg51528662#msg51528662

iasenko
July 05, 2019, 07:26:17 AM
 #12

"17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device"

Yet another weakness found in Firefox. Read and beware.

Quote
Except for phishing and scams, downloading an HTML attachment and opening it locally on your browser was never considered as a severe threat until a security researcher today demonstrated a technique that could allow attackers to steal files stored on a victim's computer.

Barak Tawily, an application security researcher, shared his findings with The Hacker News, wherein he successfully developed a new proof-of-concept attack against the latest version of Firefox by leveraging a 17-year-old known issue in the browser.

The attack takes advantage of the way Firefox implements Same Origin Policy (SOP) for the "file://" scheme URI (Uniform Resource Identifiers), which allows any file in a folder on a system to get access to files in the same folder and subfolders.

Here is a video of how it's done > https://www.youtube.com/watch?v=XU223hfXUVY

Source

hatshepsut93
July 05, 2019, 10:50:43 AM
Merited by iasenko (1)
 #13

Quote
"17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device"

Sometimes crypto sites, usually wallets, tell their users to download the html page and run it locally - MyEtherWallet does this, if I remember correctly. With this bug now revealed, users should no longer rely on the fact that browsers are sandboxed and can't harm their machine. Like with any other software, people should verify that they get HTML files from the real developers, and that developers have some established reputation and not just nonames that popped up yesterday.

Lafu
July 05, 2019, 08:55:48 PM
 #14

With the software Sandboxie you can also run your browser in sandboxed mode, and if there is some program or other software that tries to do something, it can't!
You also have a log file there where you can look when something happened.

With wallets, I had that happen some years ago; I guess it was the dinar wallet: installed it, and within 3 minutes all my accounts and things were hacked, even some BTC stolen!
And that changed my mind, and now I look before I install or use some software!
Baofeng
July 09, 2019, 01:04:02 PM
Merited by iasenko (1)
 #15

Maybe you can add this as well to the list,

Over 1,300 Android Apps Caught Collecting Data Even If You Deny Permissions

Quote
"Apps can circumvent the permission model and gain access to protected data without user consent by using both covert and side channels," the researchers wrote.
"These channels occur when there is an alternate means to access the protected resource that is not audited by the security mechanism, thus leaving the resource unprotected."

I recently posted this personal experience in relation to the above article: Smishing and how not to fall for it

iasenko
July 10, 2019, 06:29:48 AM
 #16

@Baofeng, I added your one today.

Warning to all Mac users using Zoom. Zoom has a flaw that lets a website turn on your Mac's camera without permission

Quote
Video conferencing app Zoom has a major security flaw in its Mac client, letting any website turn on your Mac's camera without a warning, security researcher Jonathan Leitschuh claims.

In a blog post Monday, Leitschuh detailed the vulnerability, which he says he'd disclosed to Zoom more than 90 days ago, and the company still hasn't fixed it
source

Baofeng
July 11, 2019, 10:46:21 AM
 #17

A New Ransomware Is Targeting Network Attached Storage (NAS) Devices

Quote
A new ransomware family has been found targeting Linux-based Network Attached Storage (NAS) devices made by Taiwan-based QNAP Systems and holding users' important data hostage until a ransom is paid, researchers told The Hacker News.
Ideal for home and small business, NAS devices are dedicated file storage units connected to a network or through the Internet, which allow users to store and share their data and backups with multiple computers.

Not using it, but for those who have installed it in their home or small business, just be careful, as your system might be compromised, especially if you have something like a wallet backup or some personal data on it.

iasenko
July 11, 2019, 12:11:09 PM
 #18

Good, I've updated the OP. It doesn't need to be only crypto-related threats; I'm not sure if anyone would keep their private keys or backups on a device with access to the internet or the local network.

iasenko
July 27, 2019, 07:10:03 PM
 #19

If you are using Libre Office you should be very careful about what files you are opening.
Just Opening A Document in LibreOffice Can Hack Your Computer (Unpatched)


Quote
You should be extra careful about what document files you open using the LibreOffice software over the next few days.
That's because LibreOffice contains a severe unpatched code execution vulnerability that could sneak malware into your system as soon as you open a maliciously-crafted document file.

There is no fix yet, but in the next few days the LibreOffice team will come out with a patch. Until then, stay away from any suspicious files.

OasisDre
July 28, 2019, 06:06:08 AM
 #20

Damn, it's like the internet is not safe anymore. How can a data-leaking bug live in a browser for years and just get detected now?? Unbelievable.
