Bitcoin Forum
November 19, 2024, 09:35:35 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Crypto at Risk Due to Malware  (Read 443 times)
Joshonwill (OP)
Jr. Member
*
Offline Offline

Activity: 51
Merit: 1


View Profile
October 01, 2019, 11:38:17 AM
Merited by boltz (1)
 #1


The Juniper Threat Labs group says “Masad Stealer sends the majority of the data it gathers [through] a Telegram bot constrained by the risk on-screen character.” This new malware targets Bitcoin, Monero (XMR), Cardano (ADA), Ether (ETH), (DASH), XRP, Litecoin (LTC) and such different cryptographic forms of cryptocurrencies.

So as to comprehend the gravity of the risk, process this reality: A location associated with ‘Masad Clipper and Stealer’ has gathered Bitcoin worth more than $9000 till date. The malware is being promoted on hacking discussions. It is really being sold through a layered methodology. It begins with a free form and it tends to be moved up to one with all highlights for $85.

News Source: TheCoinRepublic
ichai
Member
**
Offline Offline

Activity: 445
Merit: 10

Worlds Simplest Cryptocurrency Wallet


View Profile
October 01, 2019, 11:43:10 AM
 #2

Does this mean all coins will be hacked if we use Telegram's services or provide information to them?
I currently use the fluctuation notification service in the MEW wallet and currently notify when an email arrives. So can they access my wallets and my email data?

▂▂▂▂▂▂▂▂▂▂▂▂▂▃▅▆█ L E A D █▆▅▃▂▂▂▂▂▂▂▂▂▂▂▂
World's Simplest and Safest Decentralized Cryptocurrency Wallet!
▬▬▬▬▬▬▬ • STORE • SEND • SPEND • SWAP • STAKE • ▬▬▬▬▬▬
bitmover
Legendary
*
Offline Offline

Activity: 2492
Merit: 6323


bitcoindata.science


View Profile WWW
October 01, 2019, 12:30:51 PM
Merited by Herbert2020 (1)
 #3

This is an old phising attempt..... It is a malware that replace your clipboard with the attackers address.

Quote
It may be an upgraded version or a direct predecessor. It is developed using Autoit scripts and then compiled as a Windows executable. The team explained that it automatically replaces crypto wallet address that has been copied to the clipboard with its own addresses.
https://www.thecoinrepublic.com/alert-cryptocurrencies-at-risk-due-to-new-malware/

This is nothing new, and also one can easily avoid it. Just look at the address you copied and pasted. A simple double check is enough to avoid this attack. Everyone should always double check the address you are transferring your coins.

vanya.pronin.1983
Member
**
Offline Offline

Activity: 378
Merit: 10


View Profile
October 01, 2019, 05:31:04 PM
 #4

Just be careful and install and anti virus software on your PC. Besides, I thought that Telegram is the best secured chat that cares about your security. I do not know if something has changed, but never experienced any problems with TG.
aces777
Sr. Member
****
Offline Offline

Activity: 686
Merit: 250



View Profile
October 01, 2019, 07:30:40 PM
 #5

This like things have been ongoing. It is actually nothing new, and not so much to be worried about. Just be careful, and you might need to install an antivirus as well. Also always ensure you check at least twice your address, before making any transaction. We can never be too security conscious. This is very key in this field, to avoid being scammed, or making losses.

▄▄▄▄███████▄▄▄▄        ▄▄▄▄███████▄▄▄▄        ▄▄▄▄███████▄▄▄▄
▄▄█████████████████▄▄  ▄▄█████████████████▄▄  ▄▄█████████████████▄▄
▄█████████████████████▄▄█████████████████████▄▄█████████████████████▄
██████████▀▀  █████████████████▀      ▀████████████████▀      ▀████████
▄█████████     ████████████████   ▄██▄   ██████████████   ▄██▄   ███████▄
████████████   ███████████████████████   ████████████████████▀   ████████
████████████   █████████████████████▀   ▄██████████████████     █████████
████████████   ███████████████████▀   ▄██████████████████████▄   ████████
▀███████████   █████████████████▀   ▄██████████████████   ▀██▀   ███████▀
███████████   ████████████████          ███████████████▄      ▄████████
▀█████████████████████▀▀█████████████████████▀▀█████████████████████▀
▀▀█████████████████▀▀  ▀▀█████████████████▀▀  ▀▀█████████████████▀▀
▀▀▀▀███████▀▀▀▀        ▀▀▀▀███████▀▀▀▀        ▀▀▀▀███████▀▀▀▀
swapSwap, Earn, Bridge, Mint Crypto
& NFT in Multiple Chains
.
Furryball
Member
**
Offline Offline

Activity: 490
Merit: 19


View Profile
October 01, 2019, 07:44:05 PM
 #6


The Juniper Threat Labs group says “Masad Stealer sends the majority of the data it gathers [through] a Telegram bot constrained by the risk on-screen character.” This new malware targets Bitcoin, Monero (XMR), Cardano (ADA), Ether (ETH), (DASH), XRP, Litecoin (LTC) and such different cryptographic forms of cryptocurrencies.

So as to comprehend the gravity of the risk, process this reality: A location associated with ‘Masad Clipper and Stealer’ has gathered Bitcoin worth more than $9000 till date. The malware is being promoted on hacking discussions. It is really being sold through a layered methodology. It begins with a free form and it tends to be moved up to one with all highlights for $85.

News Source: TheCoinRepublic
This is not a new news at all and i have heard about this malware for some time now, this malware is capable of swapping your own address in your clipboards to the hackers address, only those who aren't careful will fall victim for this

▬▬▬▬▬▬▌   Vulcan Forged    ▐▬▬▬▬▬▬
▬▬▬▬▬▬▌    Telegram   ▌    Discord      ▌     Twitter      ▐▬▬▬▬▬▬
▬▬▬▬▬▬▬▬▬▬▬▬▬▬   DISCOVER   ▬▬▬▬▬▬▬▬▬▬▬▬▬▬
cytpoway121
Member
**
Offline Offline

Activity: 1540
Merit: 68


View Profile
October 01, 2019, 07:46:48 PM
 #7

I do not think crypto is at risk
There are malware everywhere in all technologies and it’s not limited to crypto

Just get your pc and mobile phones protected; avoid phishing links too
rocku12345
Hero Member
*****
Offline Offline

Activity: 882
Merit: 518


View Profile
October 01, 2019, 08:27:40 PM
 #8

Just recently, many users have suffered to online miners, but today there is a new level of threats. My father recently suffered because of his carelessness in storing seed phrases. Hackers stole a large sum of crypto and I do not exclude that it was just the aforementioned virus-stealer.
Does this mean all coins will be hacked if we use Telegram's services or provide information to them?
I currently use the fluctuation notification service in the MEW wallet and currently notify when an email arrives. So can they access my wallets and my email data?
Some browser extensions may also be dangerous for your cash asset. I have removed all unnecessary from my Chrome few years ago, my calm is more important than any extra convenience  Wink Currently I use Ubuntu because it has a higher level of protection from some types of internet attacks.
leowonderful
Legendary
*
Offline Offline

Activity: 1624
Merit: 1130


Bitcoin FTW!


View Profile
October 01, 2019, 09:02:12 PM
 #9

If you're using common sense and you're not downloading suspicious applications and making sure you're getting software from the original source or a trusted source (VERY important), you'll be at minimal risk for malware getting into your computer. Some Chrome extensions occasionally get hijacked through various methods as well (or are outright scams), so for security's sake, make sure you're using as few extensions as possible if you like using Chrome. It might be more convenient to use tons of extensions, but you're also increasing the number of vectors in which your computer could be compromised through.

Might be a good idea to turn off running Javascript in Chrome or whatever browser(s) you choose to use as well.
Bananington
Sr. Member
****
Offline Offline

Activity: 1470
Merit: 428



View Profile
October 01, 2019, 09:08:46 PM
 #10

Firstly, thanks for the security alert since it's essential even though some of us are aware of this. The Masad Clipper and Stealer which is a Trojan virus is not really a big deal if you stick to your inbuilt keyboard most especially, from my findings. I'll always advise everyone to do proper crosscheck of address you are sending crypto to, in order to avoid sad stories. If you notice that the address copied is always replaced by a new one, then your device is compromised and a hard reset or formatting is advisable. Do not download strange keyboards, don't get fooled by beautiful designs of keyboard.

Vitamin_52
Sr. Member
****
Offline Offline

Activity: 854
Merit: 257


View Profile
October 01, 2019, 09:45:04 PM
 #11

the first time I hear about such a scheme. I know that with the programs for mining spreads a virus that robs wallets. but this apparently a new way to fraud as I understand
tomahawk9
Hero Member
*****
Offline Offline

Activity: 2086
Merit: 994


Cats on Mars


View Profile
October 01, 2019, 09:58:08 PM
 #12

Does this mean all coins will be hacked if we use Telegram's services or provide information to them?
This malware doesn't hack coins (wtf??), what this trojan does is infect PC's and steals all your info like passwords and all the sensitive info you have on your system, it also replaces a bunch of cryptocurrency wallets (btc, xmr, xrp, dash, and many more) from your clipboard to one from the attacker.

Best thing to do is to avoid downloading stuff from sketcky websites, also avoid downloading stuff from Telegram, and finally, update your antivirus.

.
Duelbits
            ▄████▄▄
          ▄█████████▄
        ▄█████████████▄
     ▄██████████████████▄
   ▄████▄▄▄█████████▄▄▄███▄
 ▄████▐▀▄▄▀▌████▐▀▄▄▀▌██

 ██████▀▀▀▀███████▀▀▀▀█████

▐████████████■▄▄▄■██████████▀
▐██████████████████████████▀
██████████████████████████▀
▀███████████████████████▀
  ▀███████████████████▀
    ▀███████████████▀
.
         ▄ ▄▄▀▀▀▀▄▄
         ▄▀▀▄      █
         █   ▀▄     █
       ▄█▄     ▀▄   █
      ▄▀ ▀▄      ▀█▀
    ▄▀     ▀█▄▄▄▀▀ ▀
  ▄▀  ▄▀  ▄▀

Live Games

   ▄▄▀▀▀▀▀▀▀▄▄
 ▄▀ ▄▄▀▀▀▀▀▄▄ ▀▄
▄▀ █ ▄  █  ▄ █ ▀▄
█ █   ▀   ▀   █ █  ▄▄▄
█ ▀▀▀▀▀▀▀▀▀▀▀▀▀ █ █   █
█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█  █▄█
█ ▀▀█  ▀▀█  ▀▀█ █  █▄█

Slots
.
        ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▄
        █         ▄▄  █
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▄       █
█  ▄▄         █       █
█             █       █
█   ▄▀▀▄▀▀▄   █       █
█   ▀▄   ▄▀   █       █

Blackjack
|█▀▀▀▀▀█▄▄▄
       ▀████▄▄
         ██████▄
▄▄▄▄▄▄▄▄█▀    ▀▀█
████████▄        █
█████████▄        █
██████████▄     ▄██
█████████▀▀▀█▄▄████
▀▀███▀▀       ████
   █          ███
   █          █▀
▄█████▄▄▄ ▄▄▀▀
███████▀▀▀
.
                 NEW!                  
SPORTS BETTING 
|||
[ Đ ][ Ł ]
AVAILABLE NOW
Bonwin
Member
**
Offline Offline

Activity: 798
Merit: 38


View Profile
October 01, 2019, 10:27:55 PM
 #13

It is predominantly sent to telegram groups, however, I believe that a lot of people are already aware of it, except fro the newbies who probably have not been pretty well exposed to cryptocurrency.
Sometimes, they are also sent to email addresses as phishing sites.
There is no cause for panic even if this is sent to you, except you click on it.
Iyeman
Sr. Member
****
Offline Offline

Activity: 1183
Merit: 251



View Profile
October 01, 2019, 10:33:05 PM
 #14

the first time I hear about such a scheme. I know that with the programs for mining spreads a virus that robs wallets. but this apparently a new way to fraud as I understand

A new to fraud? What the fuck are you saying? It caused by you are never trying to watch or at least get the latest information from internet through using your connection.
You don't even wanna read the comments above you that clearly said this hack already exist from a long time ago and this can be considered as an old category of the hacking method.
The new one is not using this kind of cheap tricks to steal the funds.

▄████████████▄▄▄▄▄▄▄▄
 ████▀▀▀▀▀▀▀▀▀▀▀████████▄▄
█████                 ▀▀███▄
█████▄                   ▀██▄
███▀███▄                  ███
███  ▀████▄▄▄▄▄▄▄▄▄       ███
███     ▀▀▀▀▀███████████▄▄██▀
███                   ▀▀████
███      ▄▄▄▄▄▄▄▄▄▄██████▀▄█▄
███   ▄███████▀▀▀▀▀▀▀▀▀   ▀██
███ ▄██▀▀                  ██
██████                    ██▀
█████                   ▄██▀
▀████▄       ▄▄▄▄▄▄▄▄████▀
 ▀
█████████████▀▀▀▀▀▀▀▀
.
billionair
A TOKEN POWERED RAFFLE PLATFORM
IN THE BSC ECOSYSTEM
▄█████████████████████▄
███████████████████████
████▀███████▀   ▀▀▀▄███
███▌  ▀▀███▌       ▄███
███▀               ████
███▄              █████
████▄            ██████
█████▄▄        ▄███████
████▄       ▄██████████
███████████████████████
▀█████████████████████▀
▄█████████████████████▄
███████████████████████
████████████████▀▀█████
███████████▀▀▀    █████
██████▀▀▀   ▄▀   ██████
███▄     ▄█▀     ██████
██████▄ █▀      ███████
███████▌▐       ███████
████████ ▄██▄  ████████
██████████████▄████████
▀█████████████████████▀
▄█████████████████████▄
█████▀▀▀▀▀▀▀▀▀▀▀▀██████
███▀ ████████████ ▀████
██  ██████▀▀▀██  █  ███
██  ████▀ ███ ▀███  ███
██  ███▀ █████ ▀██  ███
██  ███▄ █████ ▄██  ███
██  █████ ▀▀▀ ████  ███
██  ██████████████  ███
███▄ ████████████ ▄████
▀████▄▄▄▄▄▄▄▄▄▄▄▄█████▀
▄███████▀▀▀▀████████▀▀▀▀█████████▄
█████▀  ▄▄██▀▀▀▀▀▀▀▀██▄▄  ▀███████
█████  ▀▀▀              ▀▀▀  █████
███                            ███
██                              ██
██        ████      ████        ██
█        ██████    ██████        █
█         ████      ████         █
█                                █
█      ▀▄▄              ▄▄▀      █
██▄      ▀▀█▄▄▄▄▄▄▄▄▄▄█▀▀      ▄██
███▄▄      ██████████      ▄▄█████
███████▄▄▄████████████▄▄▄█████████
▀████████████████████████████████▀
.
JOIN AIRDROP
jacafbiz
Hero Member
*****
Offline Offline

Activity: 2128
Merit: 530


PredX - AI-Powered Prediction Market


View Profile
October 01, 2019, 10:51:08 PM
 #15

I have said before here that anything hack-able will be hacked it is just a matter of time, event like this help to build better security mechanism to project our asset, people need to know that it is not just hackers that is doing this some Government are doing this and the better we start looking for better ways to protect our Crypto assets

Bountyhonter
Member
**
Offline Offline

Activity: 406
Merit: 10


View Profile WWW
October 01, 2019, 11:18:46 PM
 #16

It's probably just a malware that replaces copied addresses with that of the hacker, you can avoid this by turning off auto-download on telegram and by not downloading unknown files/softwares and don't forget to double check the addressees before clicking send.

▂▂▂▂▂▂▂▂▂▂▂▂▂▃▅▆█ L E A D █▆▅▃▂▂▂▂▂▂▂▂▂▂▂▂
World's Simplest and Safest Decentralized Cryptocurrency Wallet!
▬▬▬▬▬▬▬ • STORE • SEND • SPEND • SWAP • STAKE • ▬▬▬▬▬▬
jmigdlc99
Sr. Member
****
Offline Offline

Activity: 784
Merit: 282


View Profile WWW
October 01, 2019, 11:30:51 PM
 #17


The Juniper Threat Labs group says “Masad Stealer sends the majority of the data it gathers [through] a Telegram bot constrained by the risk on-screen character.” This new malware targets Bitcoin, Monero (XMR), Cardano (ADA), Ether (ETH), (DASH), XRP, Litecoin (LTC) and such different cryptographic forms of cryptocurrencies.

So as to comprehend the gravity of the risk, process this reality: A location associated with ‘Masad Clipper and Stealer’ has gathered Bitcoin worth more than $9000 till date. The malware is being promoted on hacking discussions. It is really being sold through a layered methodology. It begins with a free form and it tends to be moved up to one with all highlights for $85.

News Source: TheCoinRepublic

But this is old news. As far as i know "threats" like these (copy + paste address swap and the like) have already been addressed by more recent updates of the major anti virus companies, esp. McAfee, AVG, etc.

If anything, people should be more aware of clicking links randomly posted on the internet.

0xacBBa937A57ecE1298B5d350f40C0Eb16eC5fA4B
boltz
Legendary
*
Offline Offline

Activity: 3360
Merit: 1203



View Profile
October 01, 2019, 11:39:16 PM
 #18

Even if this is an old trick I'm glad that someone made another thread with this so new members will be aware of this malware. I remember how big Telegram was during the glory days of ICO's and now they don't have those big numbers but they still have some massive traffic so no wonder why this old malware started to surface again.

Everyone just make sure you double or even triple check your deposit addresses before you make a payment or simply uninstall Telegram if you don't really need it and replace it with the old whats app because there you won't get PM's from all kind of people and furthermore you won't wake up with new invites into groups that you don't know about them.

Also I think you deserve my merit. Make sure you keep up the good work.

███▄▀██▄▄
░░▄████▄▀████ ▄▄▄
░░████▄▄▄▄░░█▀▀
███ ██████▄▄▀█▌
░▄░░███▀████
░▐█░░███░██▄▄
░░▄▀░████▄▄▄▀█
░█░▄███▀████ ▐█
▀▄▄███▀▄██▄
░░▄██▌░░██▀
░▐█▀████ ▀██
░░█▌██████ ▀▀██▄
░░▀███
▄▄██▀▄███
▄▄▄████▀▄████▄░░
▀▀█░░▄▄▄▄████░░
▐█▀▄▄█████████
████▀███░░▄░
▄▄██░███░░█▌░
█▀▄▄▄████░▀▄░░
█▌████▀███▄░█░
▄██▄▀███▄▄▀
▀██░░▐██▄░░
██▀████▀█▌░
▄██▀▀██████▐█░░
███▀░░
Text
Hero Member
*****
Offline Offline

Activity: 2562
Merit: 608



View Profile
October 01, 2019, 11:58:51 PM
 #19

Installed anti virus will not keep your computer safe at all times, it should be updated. Security is very important to protect your assests. Always check the URL address before visiting the website. They are right, double checking is a must, its better to be safe than sorry.
I rarely use Telegram cause of bots. Scammers are everywhere so be careful. Only using it when needed.

Eugenar
Sr. Member
****
Offline Offline

Activity: 1274
Merit: 278



View Profile
October 02, 2019, 12:45:08 AM
 #20

This like things have been ongoing. It is actually nothing new, and not so much to be worried about. Just be careful, and you might need to install an antivirus as well. Also always ensure you check at least twice your address, before making any transaction. We can never be too security conscious. This is very key in this field, to avoid being scammed, or making losses.

basically, for security purposes, it is not advisable to send copy paste your wallet address on medium like telegram, those that has a third party servers, what you can do is store it to a text editor and directly copy it to your other devices. We aren't sure what the future malwares can do, there are no safe system as well. Our best security is just our responsibility so, we should always take note of that.
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!