Bitcoin Forum
November 09, 2024, 02:35:55 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: {WARNING} Cybersecurity vulnerabilities/flaws: Ledger exploit (10.08.20).  (Read 687 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic. (1 post by 1+ user deleted.)
TheBeardedBaby (OP)
Legendary
*
Offline Offline

Activity: 2240
Merit: 3150


₿uy / $ell ..oeleo ;(


View Profile
June 26, 2019, 07:00:45 AM
Last edit: August 10, 2020, 10:46:51 AM by TheBeardedBaby
Merited by suchmoon (4), dbshck (4), vapourminer (3), Avirunes (2), DdmrDdmr (2), BitMaxz (1), Lucius (1), mk4 (1), Baofeng (1), dkbit98 (1), rhomelmabini (1), OcTradism (1)
 #1

There are so many threats out there that are not only in the crypto world, but can be used to steal your coins, so lets put all the warning posts here (and keep the forum tidy).
I'll try to keep the OP updated regularly.



Ledger exploit makes you spend Bitcoin instead of altcoins.new
Added> 10.08.20

Sudo Bug Lets Non-Privileged Linux and macOS Users Run Commands as Root
Added> 04.02.20

New Chrome 0-day Bug Under Active Attacks – Update Your Browser Now!
Added> 01.11.19

iOS 13 Bug Lets 3rd-Party Keyboards Gain 'Full Access' — Even When You Deny
Added> 27.09.19

NetCAT: New Attack Lets Hackers Remotely Steal Data From Intel CPUs
Added> 11.09.19

Over 40 Drivers Could Let Hackers Install Persistent Backdoor On Windows PCs
Added> 12.08.19

New Malware Replaced Legit Android Apps With Fake Ones On 25 Million Devices
Added> 12.07.19

A New Ransomware Is Targeting Network Attached Storage (NAS) Devices
Added> 11.07.19

Zoom has a flaw that lets a website turn on your Mac's camera without permission
Added> 10.07.19

Over 1,300 Android Apps Caught Collecting Data Even If You Deny Permissions
Added> 10.07.19

"17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device"
Added> 05.07.19

Already created topics:
Clipboard Hijacker Malware Monitors 2.3 Million Bitcoin Addresses

WARNING to all DELL users. Security Flaw in Pre-Installed Dell Support Software.

WARNING! to all VLC player users! Stop using VLC and update it now!!

WARNING! Cryptomining Malware Launches Linux VMs On Windows and macOS

PSA: Firefox zero-day exploit used to attack Coinbase. Update Firefox

Malware infected wallets in Github, doublecheck before download, examples here.

Added> 26.06.19
"New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched"
Quote
macOS Gatekeeper Bypass Vulnerability

GateKeeper is a security feature built into Apple macOS that enforces code signing and verifies downloaded applications before allowing them to run, helping users protect their systems from malware and other malicious software.

That means, if you download an application from the Internet, GateKeeper will only allow it to execute without any warnings if it has been signed with a valid Apple-issued certificate, otherwise will prompt you to allow or deny the execution.
However, Gatekeeper has been designed to treat both external drives (USB or HDD) and network shares as "safe locations" from where users can run any application without involving GateKeeper's checks and prompts.

Quote
Until Apple patches this issue, researcher advised network administrators to block NFS communications with external IP addresses, and for home users, it is always important to not open email attachments from an unknown, suspicious, or untrustworthy source.
Source.


Added> 27.06.19
"Legit Apps Turned into Spyware' Targeting Android Users in Middle East"

Quote
Cybersecurity researchers are warning about an ongoing Android malware campaign that has been active since 2016 and was first publicly reported in August 2018.
Dubbed "ViceLeaker" by researchers at Kaspersky, the campaign has recently been found targeting Israeli citizens and some other middle eastern countries with a powerful surveillance malware designed to steal almost all accessible information, including call recordings, text messages, photos, videos, and location data—all without users' knowledge.
Quote
According to the researchers, the ViceLeaker attack campaign is still ongoing, and attackers could potentially distribute malicious repackaged versions of legitimate apps through third-party app stores, instant messengers, or attacker-controlled online webpages.
Since such apps masquerade as legitimate or popular apps, Android users are highly recommended to always download apps from trusted sources, like Google Play Store, to prevent themselves from becoming a victim to this attack.
However, you should also not trust every app available on the Play Store. So, always stick to only verified developers to avoid installing malicious apps.

Source

Stay safe!

nakamura12
Hero Member
*****
Offline Offline

Activity: 2450
Merit: 682


drop me a dm if interested to rent my PT


View Profile
June 28, 2019, 03:37:29 AM
 #2

Is the solution on these flaws by updating it?. Anyway, I don't have any of those mention right now. I used VLC before but seems like they have problems that you'll encounter. Is there any other programs that can affect your cyber security as of now?. Does apple mobile devices can be affected too?.

Stedsm
Legendary
*
Offline Offline

Activity: 3052
Merit: 1273



View Profile
June 28, 2019, 07:39:38 AM
 #3

Is the solution on these flaws by updating it?. Anyway, I don't have any of those mention right now. I used VLC before but seems like they have problems that you'll encounter. Is there any other programs that can affect your cyber security as of now?. Does apple mobile devices can be affected too?.

I believe that any device that is connected to the internet and most importantly, gets filled with a lot of apps every now and then (even if it passes the Security measures of Siri), I believe it is still vulnerable to getting hacked and your data stolen.

For you to save your coins in your phone:

- Don't save your keys in it at all.
- Use 2FA and password and never forget it at any cost.
- If you've got email and phone verification to login, I'd still suggest you 2FA over these as emails can be hacked as well as SMSes can also be watched.
- Guard your wallet with a password different than the one you'll use to get into it (like when you tap on that wallet, it should ask for a pattern/password for extra security).

██████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
██████████████████████
.SHUFFLE.COM..███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
█████████████████████
████████████████████
██████████████████████
████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
██████████████████████
██████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
.
...Next Generation Crypto Casino...
Lafu
Legendary
*
Offline Offline

Activity: 3150
Merit: 3226



View Profile
June 28, 2019, 07:30:53 PM
 #4

Maybe you can add this thread to your OP too https://bitcointalk.org/index.php?topic=4601535.0  guess a lot of new users dont know that this can be happen.

And it should be a warning for those that download things and that they should check it a few times before they download and install Software.

Also simple Browser extensions can also have some Malware in it .

Upgrade00
Legendary
*
Offline Offline

Activity: 2212
Merit: 2368


Playgram - The Telegram Casino


View Profile WWW
June 28, 2019, 07:36:27 PM
 #5

- Use 2FA and password and never forget it at any cost.

It's also advisable to back up your 2FA account, if you use Google authenticator, or more preferably use authy which automatically creates a back up which can be assesses using your email and password

▄▄███████▄▄███████
▄███████████████▄▄▄▄▄
▄████████████████████▀░
▄█████████████████████▄░
▄█████████▀▀████████████▄
██████████████▀▀█████████
████████████████████████
██████████████▄▄█████████
▀█████████▄▄████████████▀
▀█████████████████████▀░
▀████████████████████▄░
▀███████████████▀▀▀▀▀
▀▀███████▀▀███████

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
 
Playgram.io
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

▄▄▄░░
▀▄







▄▀
▀▀▀░░
▄▄▄███████▄▄▄
▄▄███████████████▄▄
▄███████████████████▄
▄██████████████▀▀█████▄
▄██████████▀▀█████▐████▄
██████▀▀████▄▄▀▀█████████
████▄▄███▄██▀█████▐██████
█████████▀██████████████
▀███████▌▐██████▐██████▀
▀███████▄▄███▄████████▀
▀███████████████████▀
▀▀███████████████▀▀
▀▀▀███████▀▀▀
██████▄▄███████▄▄████████
███▄███████████████▄░░▀█▀
███████████░█████████░░
░█████▀██▄▄░▄▄██▀█████░
█████▄░▄███▄███▄░▄█████
███████████████████████
███████████████████████
██░▄▄▄░██░▄▄▄░██░▄▄▄░██
██░░░░██░░░░██░░░░████
██░░░░██░░░░██░░░░████
██▄▄▄▄▄██▄▄▄▄▄██▄▄▄▄▄████
███████████████████████
███████████████████████
 
PLAY NOW

on Telegram
[/
TheBeardedBaby (OP)
Legendary
*
Offline Offline

Activity: 2240
Merit: 3150


₿uy / $ell ..oeleo ;(


View Profile
June 28, 2019, 07:49:55 PM
 #6

Maybe you can add this thread to your OP too https://bitcointalk.org/index.php?topic=4601535.0  guess a lot of new users dont know that this can be happen.

And it should be a warning for those that download things and that they should check it a few times before they download and install Software.

Also simple Browser extensions can also have some Malware in it .

Done man, good work. I haven't seen your thread before very useful information Smiley BTW if you see any threads that fall under this warning thread, please post them here Smiley

Lafu
Legendary
*
Offline Offline

Activity: 3150
Merit: 3226



View Profile
June 28, 2019, 09:26:47 PM
 #7

I will be try to get me some list and i will post it here because lately the theme Malware and some kind of things getting bigger .
I saw a few topics and threads about that but i have to look where they are and i will post it here for sure .

Stedsm
Legendary
*
Offline Offline

Activity: 3052
Merit: 1273



View Profile
June 28, 2019, 10:15:48 PM
 #8

With all the ado going about these vulnerabilities where we are talking mostly about malwares, can someone throw some light on ransomware too which was on everyone's lips as it used to hack the PCs and hackers asking for BTC as extortion money to give back your data? That is one major thing that puts crypto under red light.

██████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
██████████████████████
.SHUFFLE.COM..███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
█████████████████████
████████████████████
██████████████████████
████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
██████████████████████
██████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
.
...Next Generation Crypto Casino...
TheBeardedBaby (OP)
Legendary
*
Offline Offline

Activity: 2240
Merit: 3150


₿uy / $ell ..oeleo ;(


View Profile
June 28, 2019, 10:37:01 PM
 #9

With all the ado going about these vulnerabilities where we are talking mostly about malwares, can someone throw some light on ransomware too which was on everyone's lips as it used to hack the PCs and hackers asking for BTC as extortion money to give back your data? That is one major thing that puts crypto under red light.

Well, you can live even without antivirus if you follow certain rules, you need to keep good digital hygiene, that includes to be careful which sites you are visiting, how you handle your mail and just the typical common sense kind of things. If you don't open a file you are not sure they are OK, and enable the shadow volume copy, you're going to be fine even with the randsomware.

Lafu
Legendary
*
Offline Offline

Activity: 3150
Merit: 3226



View Profile
June 29, 2019, 12:52:51 PM
 #10

@iasenko

Maybe that is something too for this thread !

Lately a lot of Fake Anns was created with malware downloads on the Wallet download links.
We or some Users know that but as a new Users or Newbies dont know that.

How it works is that they create an Ann for some Coin and it Looks like as a normal download link but in the background is a link hided there are not pointing to github.
It looks like when you see the Link that it is from github but it dosnt take you to there.
It gets you instant an download from a other site and the Wallet is infected with Malware.


I have done an example here how it looks https://bitcointalk.org/index.php?topic=4720640.msg51528662#msg51528662


TheBeardedBaby (OP)
Legendary
*
Offline Offline

Activity: 2240
Merit: 3150


₿uy / $ell ..oeleo ;(


View Profile
July 05, 2019, 07:26:17 AM
 #11

"17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device"

Yet another weakness found in the Firefox. Read and beware.

Quote
Except for phishing and scams, downloading an HTML attachment and opening it locally on your browser was never considered as a severe threat until a security researcher today demonstrated a technique that could allow attackers to steal files stored on a victim's computer.

Barak Tawily, an application security researcher, shared his findings with The Hacker News, wherein he successfully developed a new proof-of-concept attack against the latest version of Firefox by leveraging a 17-year-old known issue in the browser.

The attack takes advantage of the way Firefox implements Same Origin Policy (SOP) for the "file://" scheme URI (Uniform Resource Identifiers), which allows any file in a folder on a system to get access to files in the same folder and subfolders.

Here is a video of how it's done > https://www.youtube.com/watch?v=XU223hfXUVY

Source

hatshepsut93
Legendary
*
Offline Offline

Activity: 3038
Merit: 2161


View Profile
July 05, 2019, 10:50:43 AM
Merited by TheBeardedBaby (1)
 #12

"17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device"

Sometimes crypto sites, usually wallets, tell their users to download the html page and run it locally - MyEtherWallet does this, if I remember correctly. With this bug now revealed, users should no longer rely on the fact that browsers are sandboxed and can't harm their machine. Like with any other software, people should verify that they get HTML files from the real developers, and that developers have some established reputation and not just nonames that popped up yesterday.
Lafu
Legendary
*
Offline Offline

Activity: 3150
Merit: 3226



View Profile
July 05, 2019, 08:55:48 PM
 #13

With the software Sandboxie you can run your browser also in sandboxed mode and if there is some program or other software that would be try to doing something it cant !
You also have an log file there where you can look when something happend .

With the wallets i has got that some years ago , i guess it was the dinar wallet , installed and 3 Minutes all my accounts and things was hacked even some BTC stolen !
And that was changed my mind and looking before i install or use some software !

Baofeng
Legendary
*
Offline Offline

Activity: 2772
Merit: 1680



View Profile
July 09, 2019, 01:04:02 PM
Merited by TheBeardedBaby (1)
 #14

Maybe you can add this as well to the list,

Over 1,300 Android Apps Caught Collecting Data Even If You Deny Permissions

Quote
"Apps can circumvent the permission model and gain access to protected data without user consent by using both covert and side channels," the researchers wrote.
"These channels occur when there is an alternate means to access the protected resource that is not audited by the security mechanism, thus leaving the resource unprotected."

I recently posted this personal experience in relation to the above article: Smishing and how not to fall for it

 
 RAZED  
███████▄▄▄████▄▄▄▄
████▄███████████████
██▄██████▀▀████▀▀█████▄
████
██████████████
▄████████▄████████████▄
████████▀███████████▄
██████████████▐█▄█▀████████
▀████████████▌▐█▀██████████
▀███████████▌▀████████████
█████████▄▄▄
█████▄▄██████
████████████████████████
█████▀█████████████████▀
██████████████
▄▄███████▄▄
▄███████████████
▄███████████████████▄
█████████████████████▄
▄███████████████████████▄
████████████████████████
█████████████████████████
██████████████████████
▀█████
█████████████████▀
▀█
████████████████████▀
▀█████
█████████████
▀███████████████▀
█████████
 
RAZED ORIGINALS
SLOTS & LIVE CASINO
SPORTSBOOK
|
 NO 
KYC
 
 RAZE THE LIMITS   PLAY NOW 
TheBeardedBaby (OP)
Legendary
*
Offline Offline

Activity: 2240
Merit: 3150


₿uy / $ell ..oeleo ;(


View Profile
July 10, 2019, 06:29:48 AM
 #15

@Baofeng, I added your one today.

Warning to all Mac users using Zoom. Zoom has a flaw that lets a website turn on your Mac's camera without permission

Quote
Video conferencing app Zoom has a major security flaw in its Mac client, letting any website turn on your Mac's camera without a warning, security researcher Jonathan Leitschuh claims.

In a blog post Monday, Leitschuh detailed the vulnerability, which he says he'd disclosed to Zoom more than 90 days ago, and the company still hasn't fixed it
source

Baofeng
Legendary
*
Offline Offline

Activity: 2772
Merit: 1680



View Profile
July 11, 2019, 10:46:21 AM
 #16

A New Ransomware Is Targeting Network Attached Storage (NAS) Devices

Quote
A new ransomware family has been found targeting Linux-based Network Attached Storage (NAS) devices made by Taiwan-based QNAP Systems and holding users' important data hostage until a ransom is paid, researchers told The Hacker News.
Ideal for home and small business, NAS devices are dedicated file storage units connected to a network or through the Internet, which allow users to store and share their data and backups with multiple computers.

Not using it, but for those who have installed it in their home and small business, just be careful and your system might be compromise, specially if you have like a wallet backup or some personal data in it.

 
 RAZED  
███████▄▄▄████▄▄▄▄
████▄███████████████
██▄██████▀▀████▀▀█████▄
████
██████████████
▄████████▄████████████▄
████████▀███████████▄
██████████████▐█▄█▀████████
▀████████████▌▐█▀██████████
▀███████████▌▀████████████
█████████▄▄▄
█████▄▄██████
████████████████████████
█████▀█████████████████▀
██████████████
▄▄███████▄▄
▄███████████████
▄███████████████████▄
█████████████████████▄
▄███████████████████████▄
████████████████████████
█████████████████████████
██████████████████████
▀█████
█████████████████▀
▀█
████████████████████▀
▀█████
█████████████
▀███████████████▀
█████████
 
RAZED ORIGINALS
SLOTS & LIVE CASINO
SPORTSBOOK
|
 NO 
KYC
 
 RAZE THE LIMITS   PLAY NOW 
TheBeardedBaby (OP)
Legendary
*
Offline Offline

Activity: 2240
Merit: 3150


₿uy / $ell ..oeleo ;(


View Profile
July 11, 2019, 12:11:09 PM
 #17

A New Ransomware Is Targeting Network Attached Storage (NAS) Devices

Quote
A new ransomware family has been found targeting Linux-based Network Attached Storage (NAS) devices made by Taiwan-based QNAP Systems and holding users' important data hostage until a ransom is paid, researchers told The Hacker News.
Ideal for home and small business, NAS devices are dedicated file storage units connected to a network or through the Internet, which allow users to store and share their data and backups with multiple computers.

Not using it, but for those who have installed it in their home and small business, just be careful and your system might be compromise, specially if you have like a wallet backup or some personal data in it.

Good, I've updated the OP. No need to be only crypto related threat, I'm not sure if anyone would keep their private keys or backups on device with access to internet or the local network.

TheBeardedBaby (OP)
Legendary
*
Offline Offline

Activity: 2240
Merit: 3150


₿uy / $ell ..oeleo ;(


View Profile
July 27, 2019, 07:10:03 PM
 #18

If you are using Libre Office you should be very careful about what files you are opening.
Just Opening A Document in LibreOffice Can Hack Your Computer (Unpatched)


Quote
You should be extra careful about what document files you open using the LibreOffice software over the next few days.
That's because LibreOffice contains a severe unpatched code execution vulnerability that could sneak malware into your system as soon as you open a maliciously-crafted document file.

There is no fix yet but in the next few days the LibreOffice team will come out with an patch. Until then stay away from any suspicious files.

OasisDre
Member
**
Offline Offline

Activity: 532
Merit: 41


View Profile
July 28, 2019, 06:06:08 AM
 #19

Damn its like the internet is not safe anymore,how can a data leaking bug lives in a browser for years and just get detected now??unbelievable

▬▬▬▬▬▬▌   Vulcan Forged    ▐▬▬▬▬▬▬
▬▬▬▬▬▬▌    Telegram   ▌    Discord      ▌     Twitter      ▐▬▬▬▬▬▬
▬▬▬▬▬▬▬▬▬▬▬▬▬▬   DISCOVER   ▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Baofeng
Legendary
*
Offline Offline

Activity: 2772
Merit: 1680



View Profile
July 29, 2019, 06:36:34 AM
 #20

Robinhood Brokerage Firm Alerts of Passwords Stored in Clear Text

Quote
The Robinhood stock trading site is alerting users that passwords were stored in their system in human readable format, otherwise known as clear text. While no foul play was detected, this could have allowed employees or unauthorized users to view an account's password.

Any site that stores passwords should only do so in an encrypted manner and not store them in a clear text format. If stored in clear text, the passwords are insecure as employees could potentially see an account's passwords and attackers could access them in the event of a breach.

In an email shared with BleepingComputer, Robinhood is alerting affected users that "an issue" caused their passwords to be stored in a clear text. This issue was discovered Monday night and has since been resolved, but Robinhood is suggesting users reset their passwords to be safe.

I'm sure some of you are famiiar with Robinhood since they've just open up their crypto trading. So for those who have an account on that platform, you need to update your password as not to risk your account.

 
 RAZED  
███████▄▄▄████▄▄▄▄
████▄███████████████
██▄██████▀▀████▀▀█████▄
████
██████████████
▄████████▄████████████▄
████████▀███████████▄
██████████████▐█▄█▀████████
▀████████████▌▐█▀██████████
▀███████████▌▀████████████
█████████▄▄▄
█████▄▄██████
████████████████████████
█████▀█████████████████▀
██████████████
▄▄███████▄▄
▄███████████████
▄███████████████████▄
█████████████████████▄
▄███████████████████████▄
████████████████████████
█████████████████████████
██████████████████████
▀█████
█████████████████▀
▀█
████████████████████▀
▀█████
█████████████
▀███████████████▀
█████████
 
RAZED ORIGINALS
SLOTS & LIVE CASINO
SPORTSBOOK
|
 NO 
KYC
 
 RAZE THE LIMITS   PLAY NOW 
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!