Bitcoin Forum
December 08, 2019, 06:48:09 PM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 »  All
  Print  
Author Topic: How to lose your Bitcoins with CTRL-C CTRL-V  (Read 998 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic. (7 posts by 7 users deleted.)
LoyceV
Legendary
*
Online Online

Activity: 1694
Merit: 5316


ArtIst > AI rtst


View Profile WWW
October 07, 2019, 02:10:36 PM
Last edit: October 07, 2019, 08:37:39 PM by LoyceV
Merited by Cyrus (5), chimk (5), tranthidung (4), malevolent (1), Mahanton (1), Baofeng (1), DeadCoin (1), DroomieChikito (1), o_e_l_e_o (1), GreatArkansas (1), madnessteat (1), Laskoo (1), 3dOOm (1)
 #1

I just saw another victim of clipboard hijacker malware.

How it works
1. You select a Bitcoin address, and press CTRL-C.
2. The malware changes the address to an address owned by the hacker/scammer.
3. You press CTRL-V and lose any funds you send.
Even if you check part of the pasted Bitcoin address, chances are the first few characters are the same, and you still won't notice the address was changed.

How to prevent this
1. Don't use Windows, but we both know you're not going to change that.
2. Check the entire address after copy/pasting, and not just the first few (or last few) characters. Check some in the middle too. That's a lot of work, so chances are you won't do that either.
3. I came up with something else: don't copy the entire Bitcoin address, copy only a part, and manually type the last few characters. Even if the malware exchanges the incomplete Bitcoin address by their own, your wallet won't accept the (invalid) address if you've typed a few more characters by yourself.
You'll still need to follow Step 2 after this: check the address!
4. Use copy/paste to verify part of your address. Suppose you want to send funds to address 1PjpEgknyKxQKXtMcYFDym8odkfohFGkui. After copy/pasting, select "yKxQKXtMc" from the pasted address, then press CTRL-C. Then, use CTRL-F followed by CTRL-V to see if the partial address matches the original source of the address. And make sure the source is authentic: email can be spoofed too!
5. I'll add o_e_l_e_o's suggestion here:
Any time I am sending coins from any wallet I physically place the address I know is correct directly from the source, right next to the address I have entered to send to. That usually means either holding my hardware wallet or phone up next to my computer screen, or resizing two windows on my phone or computer to put the two address physically right next to each other. Once you have two addresses which are less than inch apart, its very easy to check the entire address and not just a few characters at the start or end.

Stay vigilant
Check, double check and tripple check before sending funds!


No spam please
I said please Cheesy
I'll remove excessive quotes.

1575830889
Hero Member
*
Offline Offline

Posts: 1575830889

View Profile Personal Message (Offline)

Ignore
1575830889
Reply with quote  #2

1575830889
Report to moderator
1575830889
Hero Member
*
Offline Offline

Posts: 1575830889

View Profile Personal Message (Offline)

Ignore
1575830889
Reply with quote  #2

1575830889
Report to moderator
1575830889
Hero Member
*
Offline Offline

Posts: 1575830889

View Profile Personal Message (Offline)

Ignore
1575830889
Reply with quote  #2

1575830889
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1575830889
Hero Member
*
Offline Offline

Posts: 1575830889

View Profile Personal Message (Offline)

Ignore
1575830889
Reply with quote  #2

1575830889
Report to moderator
1575830889
Hero Member
*
Offline Offline

Posts: 1575830889

View Profile Personal Message (Offline)

Ignore
1575830889
Reply with quote  #2

1575830889
Report to moderator
1575830889
Hero Member
*
Offline Offline

Posts: 1575830889

View Profile Personal Message (Offline)

Ignore
1575830889
Reply with quote  #2

1575830889
Report to moderator
evgenia_volkova
Member
**
Offline Offline

Activity: 72
Merit: 14


View Profile
October 07, 2019, 02:18:25 PM
 #2

I was a victim year ago and I would like to add one more think to your post.

If you see that your address are being changed that means your system is affected by the malware. To resolve it permanently please change the hard-disk of your system and install Ubuntu. This is what I was advice to do. And how to be aware is already addressed by OP.

It is better not to download or browser random stuff on the system which you use for trading or storing your funds. Definitely not a good exercise to store funds in desktop wallets but if you have store then be aware.

Mahanton
Hero Member
*****
Offline Offline

Activity: 1092
Merit: 523

CryptoTalk.Org - Get Paid for every Post!


View Profile
October 07, 2019, 02:20:21 PM
 #3


How to prevent this
1. Don't use Windows, but we both know you're not going to change that.

Now im getting worried with that Windows 10 Cortana and currently been tweaking out its privacy settings.Is this really a keylogger?. So far i havent experienced any clipboard malwares but i do have that behavior on double-triple checking address before sending out  some coins.

Thanks for the reminders and this isnt a spam.  Kiss

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
.CryptoTalk.org.|.MAKE POSTS AND EARN BTC!.🏆
Royse777
Hero Member
*****
Offline Offline

Activity: 868
Merit: 1077


Exchange Bitcoin quickly-https://blockchain.com.do


View Profile WWW
October 07, 2019, 02:20:55 PM
 #4

Pity that it never happened with me :-P

Well on a serious note, staying a bit careful before downloading or clicking any link solves the problem more that 50% I would say. The rest is coming with the external device like USB sticks we use. If we are not sure about the device status (whether it's clean or not), we should not inject them in our USB port.

I hope it was not spam? :-P

Edit: By the way, how about using a multiSig address? If your device is compromised and the address has changed you can see it once you load the tx file in the other device before final sing and broadcasting.

.Have Your Ad Here!.
████
████
████
████
████
████
████
████
████
████
████
████
████
████
████
████
  
GreatArkansas
Hero Member
*****
Offline Offline

Activity: 700
Merit: 741


Natural8.com - Making Poker Fun Again


View Profile WWW
October 07, 2019, 02:26:23 PM
 #5

How to prevent this
1. Don't use Windows, but we both know you're not going to change that.
 Grin.
I also found this article : First Android Clipboard Hijacking Crypto Malware Found On Google Play Store.
Android seems vulnerable too and it was found on Google Play Store, it this already found, for sure there are already some android app spreading with this kind of malware.

As stated on the article, most of the android app that has like this kind of malware are those impersonating android app fake android app, just like bitcoin wallet.
Since that is also about cryptocurrency.
Quote
To do this, attackers first tricked users into installing the malicious app that impersonated a legitimate cryptocurrency service called MetaMask, claiming to let users run Ethereum decentralized apps in their web browsers without having to run a full Ethereum node

8
♠  ────  BONUSES & PROMOTIONS  ────  ♠
.$500k.RUSH & CASH
MONTHLY
.200%.FIRST
DEPOSIT
.$150k.SHORT DECK
HOLD'EM
███
███
███
███
███
███
███
███

███

███

███

███

███
     MAKING POKER FUN AGAIN     
.
FACEBOOK   ● TWITTER
DOWNLOAD THE APP HERE
███
███
███
███
███
███
███
███

███

███

███

███

███
yazher
Sr. Member
****
Offline Offline

Activity: 574
Merit: 385



View Profile
October 07, 2019, 02:41:46 PM
 #6

I may post this on my Daily news on our local board. thanks for the info bro. Cause I often use this feature in windows when I'm sending some BTC to my exchanges address. thankfully I double-check the addresses before I send it. therefore every time we send some BTC we don't need to rush for it it is always better to see the address if it is right or else you will get nothing even after a hundred confirmation in the transactions.  Grin Grin

smartmixer.io▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
Make your Cryptos untraceable!
(( ███████ ((    TELEGRAM    )) ███████ ))
▄▄███████▄▄
▄███████▀███████▄
▄███▀▀▀ ▄▄▄ ▀▀▀███▄
▄███ ▄▀▀▀   ▀▀▀▄ ███▄
████ █  ▄   ▄█ █ ████
████▌▐▌ ▀█▄█▀ ▐▌▐████
▀████ ▀▄  ▀  ▄▀ ████▀
▀████▄ ▀▄▄▄▀ ▄████▀
▀█████▄▄ ▄▄█████▀
▀▀███████▀▀
.

NO LOGS
▄▄███████▄▄
▄██████▀▀▀██████▄
▄█████▀ ▄▄▄ ▀█████▄
▄██████ ▀   █ ██████▄
███████   █▀  ███████
████████▄ ▄ ▄████████
▀████▀         ▀████▀
▀███   ▄   ▄   ███▀
▀███████████████▀
▀▀███████▀▀
.

NO SIGN-UP
▄▄███████▄▄
▄███████████████▄
▄███████▀   ▀█████▄
▄████▀  ▀      █████▄
████     ▄▀▄  ▀ ▀████
███    ▄▀▄ ▄▀▄    ███
▀███▄▄  ▀█ █▀   ▄███▀
▀████████ ████████▀
▀███████████████▀
▀▀███████▀▀
.

70% COMSN
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
MIX NOW!
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
Theb
Sr. Member
****
Online Online

Activity: 1134
Merit: 460



View Profile
October 07, 2019, 04:41:08 PM
 #7

From what I personally notice with the clipboard/copy and paste virus it only gives you a similar address only to the first few characters of your own address sometimes also the last few characters at the end of your address are also similar as well. But if you look at the middle part you will see that there is no similarity at all in fact they are completely different. For people that has known and used their address for a long time now you can immediately spot the differences. I do recommend people trying it out on there Windows pc if they have the clipboard virus by just simply trying to copy/paste the address you have so that you are always aware that your pc is clean from that malware.
 

      ▄ ▄█▄ ▄█ ▄
     ▄▐██▀▀▀▀▀▀
      ▀▄▄████▄ █▄
   ▄ ██▄█▀▀   ▀▀ ▀
  ▄██▄██▄ ▀██▄▀ ▀█▄
 ▀███████▄▄▄▄▄█▄▄▄██
▐███████████▀▀  ▀█▀ █
█▀███████████  ▄▄█▄ ██
 ▐█████████████▀   ███
  ████▀██████████▄███
  ▐█▀  ████████████ ▀
   ▀  ▐███████████
     ▄██████▀▀ █▀
.
JACKMATE'S
MAJESTIC

  ███████████████████
 ███████████████████
███████████████████
         █████████
        █████████
       █████████
      █████████
     █████████
    █████████
   █████████
  █████████
 █████████
████████
██
██
██
██
██
██
██
██
██
██
██
████████
██████████████████████████████████████████████████████████████████████████████████████████████     ███
.
WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY
.
███     ██████████████████████████████████████████████████████████████████████████████████████████████
████████
██
██
██
██
██
██
██
██
██
██
██
████████
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
.
JOIN US - IT'S FREE!
██████
██
██
██
██
██
██
██
██
██
██
██
██████
TalkStar
Copper Member
Sr. Member
****
Online Online

Activity: 490
Merit: 394


Natural8.com - Making Poker Fun Again


View Profile
October 07, 2019, 06:30:21 PM
Last edit: October 08, 2019, 05:24:34 PM by TalkStar
 #8

Its really a matter of concern that in every single second these hackers are trying to discover new ways for stealing fund from our wallet. Basically most of us like to complete copy-paste by using our keyboard option and these hackers wisely targeted that area to make users fool. To keep us secure from this kinda keyboard malware sender should be much careful during completing transactions from one address to another.

▪︎ Please double check the receiver address before clicking the final confirmation button.
▪︎ After pasting the address please check similarities between both address part by part. Don't give priority to few first charecters only where its necessary to check middle and last part too.
▪︎ You can take the help of notepad to match both addresses easily.


8
♠  ────  BONUSES & PROMOTIONS  ────  ♠
$500kRUSH & CASH
MONTHLY
200%FIRST
DEPOSIT
$150kSHORT DECK
HOLD'EM
███
███
███
███
███
███
███
███

███

███

███

███

███
     MAKING POKER FUN AGAIN     
.
FACEBOOK   ● TWITTER
DOWNLOAD THE APP HERE
███
███
███
███
███
███
███
███

███

███

███

███

███
ETFbitcoin
Legendary
*
Offline Offline

Activity: 1848
Merit: 2122

Use SegWit and enjoy lower fees.


View Profile WWW
October 07, 2019, 06:41:24 PM
 #9

How to prevent this
1. Don't use Windows, but we both know you're not going to change that.
 Grin.
I also found this article : First Android Clipboard Hijacking Crypto Malware Found On Google Play Store.
Android seems vulnerable too and it was found on Google Play Store, it this already found, for sure there are already some android app spreading with this kind of malware.

The risks of Clipboard Hijacking is exist on any OS, but most of the times happens because user download and install/run application from unknown/untrusted source.

I understand almost all people would assume application/game on Google Play Store, App Store or other popular digital application distribution are safe, but it wouldn't hurt to avoid application with low download count or search it on google first.

dothebeats
Legendary
*
Offline Offline

Activity: 2030
Merit: 1146


Crypto Exchange - Secure & Anonymous


View Profile
October 07, 2019, 07:17:38 PM
 #10

This also happens in Android OS more frequently, I believe, as there are random apps capable of snooping data up to system-level and change some of the configurations and voila! Your Android phone is infected! We also know that there are still a lot of people downloading apps that are not from official releases and from the official Playstore in order to get some cracked APKs for their games, apps etc and that is alarming. I almost became a victim of the clipboard hijack thingy just a couple months back by downloading this file manager from a XDA-Developers post (which has since been removed thankfully).

I also found this article : First Android Clipboard Hijacking Crypto Malware Found On Google Play Store.
Android seems vulnerable too and it was found on Google Play Store, it this already found, for sure there are already some android app spreading with this kind of malware.

Knowing how Google Play checks every app on their store before getting it live, it's really rare for a malware-infected app to get through. This might be the first one recorded, but I'm pretty sure that there are tons existing out there in the wild.

█▀▀▀











█▄▄▄
|
▄▄█████▄▄
▄███████████▄
▄███████████████▄
▄██▀███████████▀██▄
▄█████▀███████▀█████▄
████████▀███▀████████
██████████████████
████████▄███▄████████
▀▀▀▀██████▄██████▀▀▀▀
█████████
▀███████████████▀
▀███████████▀
▀▀█████▀▀
▄▄█████▄▄
▄███████████▄
▄███████████████▄
▄█████████████████▄
▄████████████████▀██▄
██████████████▄██████
█████████████████████
████████████▀████████
▀█████████████▄█████▀
▀█████████████████▀
▀███████████████▀
▀███████████▀
▀▀█████▀▀
.
Trusted by ✔
MONERO
& DASH
|◆  OVER 115 COINS
◆  FIXED RATE
◆  NO REGISTRATION 
▀▀▀█











▄▄▄█
unsoindovo
Legendary
*
Offline Offline

Activity: 1764
Merit: 1025

CryptoTalk.Org - Get Paid for every Post!


View Profile
October 07, 2019, 07:55:19 PM
 #11

I just saw another victim of clipboard hijacker malware.

How it works
1. You select a Bitcoin address, and press CTRL-C.
2. The malware changes the address to an address owned by the hacker/scammer.
3. You press CTRL-V and lose any funds you send.
Even if you check part of the pasted Bitcoin address, chances are the first few characters are the same, and you still won't notice the address was changed.

How to prevent this
1. Don't use Windows, but we both know you're not going to change that.
2. Check the entire address after copy/pasting, and not just the first few (or last few) characters. Check some in the middle too. That's a lot of work, so chances are you won't do that either.
3. I came up with something else: don't copy the entire Bitcoin address, copy only a part, and manually type the last few characters. Even if the malware exchanges the incomplete Bitcoin address by their own, your wallet won't accept the (invalid) address if you've typed a few more characters by yourself.
You'll still need to follow Step 2 after this: check the address!
4. Use copy/paste to verify part of your address. Suppose you want to send funds to address 1PjpEgknyKxQKXtMcYFDym8odkfohFGkui. After copy/pasting, select "yKxQKXtMc" from the pasted address, then press CTRL-V. Then, use CTRL-F followed by CTRL-V to see if the partial address matches the original source of the address. And make sure the source is authentic: email can be spoofed too!

Stay vigilant
Check, double check and tripple check before sending funds!


No spam please
I said please Cheesy
I'll remove excessive quotes.

If I can suggest a simple work around to avoid this kind of theft, I can suggest a easy virtual machine installation
I use it for my home banking and Crypto transfers.
An USB, 128gb or more to get acceptable performance
All the address saved in the task bar to avoid fake site found by googling
Linux lubuntu, a lighted and fast version of Linux.
When I need to use home baking or Crypto wallet I use this USB. I called it bank box.
Not sure at 100, but for sure more Than home pc.
If I'm forced to use it from my home pc, I usually check the first and last 3 or for address chars.

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
.CryptoTalk.org.|.MAKE POSTS AND EARN BTC!.🏆
GSpgh
Sr. Member
****
Offline Offline

Activity: 501
Merit: 290



View Profile
October 07, 2019, 08:08:28 PM
 #12

Does anyone else find the SegWit bech32 (bc1...) addresses harder to verify visually? I don't know if it's the long prefix or the all lowercase format but it's just so unwieldy.

But even since before SegWit I got used to Ctrl-C + Ctrl-F re-verification - it's quick and works well. Speaking of that - I think this is an error:

After copy/pasting, select "yKxQKXtMc" from the pasted address, then press CTRL-V. Then, use CTRL-F followed by CTRL-V to see if the partial address matches the original source of the address.

I think it should be Ctrl-C, then Ctrl-F, then Ctrl-V.

          ▄▄████▄▄
      ▄▄███▀    ▀███▄▄
   ▄████████▄▄▄▄████████▄
  ▀██████████████████████▀
▐█▄▄ ▀▀████▀    ▀████▀▀ ▄▄██
▐█████▄▄ ▀██▄▄▄▄██▀ ▄▄██▀  █
▐██ ▀████▄▄ ▀██▀ ▄▄████  ▄██
▐██  ███████▄  ▄████████████
▐██  █▌▐█ ▀██  ██████▀  ████
▐██  █▌▐█  ██  █████  ▄█████
 ███▄ ▌▐█  ██  ████████████▀
  ▀▀████▄ ▄██  ██▀  ████▀▀
      ▀▀█████  █  ▄██▀▀
         ▀▀██  ██▀▀
WINDICE████
██
██
██
██
██
██
██
██
██
██
██
██
████
      ▄████████▀
     ▄████████
    ▄███████▀
   ▄███████▀
  ▄█████████████
 ▄████████████▀
▄███████████▀
     █████▀
    ████▀
   ████
  ███▀
 ██▀
█▀

██
██
██
██
██
██
██
██
██
██
██
██
     ▄▄█████▄   ▄▄▄▄
    ██████████▄███████▄
  ▄████████████████████▌
 ████████████████████████
▐████████████████████████▌
 ▀██████████████████████▀
     ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
     ▄█     ▄█     ▄█
   ▄██▌   ▄██▌   ▄██▌
   ▀▀▀    ▀▀▀    ▀▀▀
       ▄█     ▄█
     ▄██▌   ▄██▌
     ▀▀▀    ▀▀▀

██
██
██
██
██
██
██
██
██
██
██
██
                   ▄█▄
                 ▄█████▄
                █████████▄
       ▄       ██ ████████▌
     ▄███▄    ▐█▌▐█████████
   ▄███████▄   ██ ▀███████▀
 ▄███████████▄  ▀██▄▄████▀
▐█ ▄███████████    ▀▀▀▀
█ █████████████▌      ▄
█▄▀████████████▌    ▄███▄
▐█▄▀███████████    ▐█▐███▌
 ▀██▄▄▀▀█████▀      ▀█▄█▀
   ▀▀▀███▀▀▀
████
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
████


▄▄████████▄▄
▄████████████████▄
▄████████████████████▄
███████████████▀▀  █████
████████████▀▀      ██████
▐████████▀▀   ▄▄     ██████▌
▐████▀▀    ▄█▀▀     ███████▌
▐████████ █▀        ███████▌
████████ █ ▄███▄   ███████
████████████████▄▄██████
▀████████████████████▀
▀████████████████▀
▀▀████████▀▀
██████
██████
███
███
███
███
███
███
███
███
███
███
██████
██████
.Play Now.██████
██████
   ███
   ███
   ███
   ███
   ███
   ███
   ███
   ███
   ███
   ███
██████
██████
o_e_l_e_o
Hero Member
*****
Offline Offline

Activity: 770
Merit: 3047


Decent


View Profile
October 07, 2019, 08:23:32 PM
Merited by Mahanton (1), DroomieChikito (1)
 #13

Now im getting worried with that Windows 10 Cortana and currently been tweaking out its privacy settings.Is this really a keylogger?.
Yes. Windows 10 has a built in keylogger, and it sends everything you type to Microsoft for "analysis". See the following links:

https://www.pcworld.com/article/2974057/how-to-turn-off-windows-10s-keylogger-yes-it-still-has-one.html
https://www.technorms.com/45807/turn-windows-10-keylogger-improved-data-privacy
https://www.techadvisor.co.uk/how-to/windows/how-disable-hidden-keylogger-in-windows-10-3639643/

But on a much wider scale, Windows 10 is a privacy nightmare. It collects everything from your keystrokes and voice input to your contacts, emails, browsing history, location history, etc., etc. Turning off all the telemetry and turning all the privacy settings to max doesn't help. Have a read of these reports if you want to be really worried:

https://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/
https://thehackernews.com/2016/02/microsoft-windows10-privacy.html

Even with these features disabled via group policies, Cortana is still sending your search history to Microsoft, and OneDrive is phoning home for unknown reasons, for example. Even with all telemetry features disabled, Windows 10 still made a staggering 5,500 connections to almost 100 different IP address in only 8 hours.

As LoyceV says, don't use Windows.



Any time I am sending coins from any wallet I physically place the address I know is correct directly from the source, right next to the address I have entered to send to. That usually means either holding my hardware wallet or phone up next to my computer screen, or resizing two windows on my phone or computer to put the two address physically right next to each other. Once you have two addresses which are less than inch apart, its very easy to check the entire address and not just a few characters at the start or end.

masulum
Hero Member
*****
Offline Offline

Activity: 616
Merit: 632


coming soon - cryptoblog.my.id


View Profile WWW
October 08, 2019, 12:24:22 AM
 #14


I think it should be Ctrl-C, then Ctrl-F, then Ctrl-V.

Nothing wrong with that tutorial, Why CTRL+V, then CTRL+F, then CTRL-V, After you have copied wallet address, you need to paste clipboard. It means we need the first CTRL+V, After we are pasted wallet address, we need to check wallet address from clipboard results, then we need CTRL+F.  The last CTRL+V is for a paste wallet address on the search form.

So, for complete process is CTRL+C > CTRL+V > CTRL+F > CTRL+V, like LoyceV says.

smartmixer.io▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
.Make your Cryptos untraceable!.
(( ███████ ((    TELEGRAM    )) ███████ ))
▄▄███████▄▄
▄███████▀███████▄
▄███▀▀▀ ▄▄▄ ▀▀▀███▄
▄███ ▄▀▀▀   ▀▀▀▄ ███▄
████ █  ▄   ▄█ █ ████
████▌▐▌ ▀█▄█▀ ▐▌▐████
▀████ ▀▄  ▀  ▄▀ ████▀
▀████▄ ▀▄▄▄▀ ▄████▀
▀█████▄▄ ▄▄█████▀
▀▀███████▀▀
.
NO LOGS
▄▄███████▄▄
▄██████▀▀▀██████▄
▄█████▀ ▄▄▄ ▀█████▄
▄██████ ▀   █ ██████▄
███████   █▀  ███████
████████▄ ▄ ▄████████
▀████▀         ▀████▀
▀███   ▄   ▄   ███▀
▀███████████████▀
▀▀███████▀▀
.
NO SIGN-UP
▄▄███████▄▄
▄███████████████▄
▄███████▀   ▀█████▄
▄████▀  ▀      █████▄
████     ▄▀▄  ▀ ▀████
███    ▄▀▄ ▄▀▄    ███
▀███▄▄  ▀█ █▀   ▄███▀
▀████████ ████████▀
▀███████████████▀
▀▀███████▀▀
.

70% COMSN
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
MIX NOW!
.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
prix
Hero Member
*****
Offline Offline

Activity: 752
Merit: 510


View Profile
October 08, 2019, 03:09:33 AM
 #15

If I can suggest a simple work around to avoid this kind of theft, I can suggest a easy virtual machine installation
I use it for my home banking and Crypto transfers.
An USB, 128gb or more to get acceptable performance
All the address saved in the task bar to avoid fake site found by googling
Linux lubuntu, a lighted and fast version of Linux.
When I need to use home baking or Crypto wallet I use this USB. I called it bank box.
Not sure at 100, but for sure more Than home pc.
If I'm forced to use it from my home pc, I usually check the first and last 3 or for address chars.

I also used a virtual machine for some time and it was with lubuntu too.
But still, this method, although safer, also has drawbacks if a trojan settles on the main computer.
Therefore, over time, I moved to an old dedicated laptop.

I hope did you turn off access to the host clipboard in the guest isolation settings?

I also think that 3+3 characters is not enough. It is possible to do hijacker that will pick up a larger number of characters.
unsoindovo
Legendary
*
Offline Offline

Activity: 1764
Merit: 1025

CryptoTalk.Org - Get Paid for every Post!


View Profile
October 08, 2019, 06:02:32 AM
 #16

If I can suggest a simple work around to avoid this kind of theft, I can suggest a easy virtual machine installation
I use it for my home banking and Crypto transfers.
An USB, 128gb or more to get acceptable performance
All the address saved in the task bar to avoid fake site found by googling
Linux lubuntu, a lighted and fast version of Linux.
When I need to use home baking or Crypto wallet I use this USB. I called it bank box.
Not sure at 100, but for sure more Than home pc.
If I'm forced to use it from my home pc, I usually check the first and last 3 or for address chars.

I also used a virtual machine for some time and it was with lubuntu too.
But still, this method, although safer, also has drawbacks if a trojan settles on the main computer.
Therefore, over time, I moved to an old dedicated laptop.

I hope did you turn off access to the host clipboard in the guest isolation settings?

I also think that 3+3 characters is not enough. It is possible to do hijacker that will pick up a larger number of characters.

OK for the keyboard host settings.
But I think vm remain one of the most secure and safe behavior against theft.
But this is true, if you just use this virtual machine for that task.
Never navigate on internet fron bank box, neve read email from there.
Do just bank/Crypto transfert from saved Link.

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
.CryptoTalk.org.|.MAKE POSTS AND EARN BTC!.🏆
GSpgh
Sr. Member
****
Offline Offline

Activity: 501
Merit: 290



View Profile
October 08, 2019, 02:50:13 PM
 #17


I think it should be Ctrl-C, then Ctrl-F, then Ctrl-V.

Nothing wrong with that tutorial, Why CTRL+V, then CTRL+F, then CTRL-V, After you have copied wallet address, you need to paste clipboard. It means we need the first CTRL+V, After we are pasted wallet address, we need to check wallet address from clipboard results, then we need CTRL+F.  The last CTRL+V is for a paste wallet address on the search form.

So, for complete process is CTRL+C > CTRL+V > CTRL+F > CTRL+V, like LoyceV says.

No, the post says to select a part of the pasted address, I assume to avoid triggering the clipboard malware. It wouldn't make sense to do Ctrl-V immediately after selecting a piece of text. Anyway, it's been fixed so not an issue anymore.

Your method works too but only if malware doesn't do reverse substitution.


          ▄▄████▄▄
      ▄▄███▀    ▀███▄▄
   ▄████████▄▄▄▄████████▄
  ▀██████████████████████▀
▐█▄▄ ▀▀████▀    ▀████▀▀ ▄▄██
▐█████▄▄ ▀██▄▄▄▄██▀ ▄▄██▀  █
▐██ ▀████▄▄ ▀██▀ ▄▄████  ▄██
▐██  ███████▄  ▄████████████
▐██  █▌▐█ ▀██  ██████▀  ████
▐██  █▌▐█  ██  █████  ▄█████
 ███▄ ▌▐█  ██  ████████████▀
  ▀▀████▄ ▄██  ██▀  ████▀▀
      ▀▀█████  █  ▄██▀▀
         ▀▀██  ██▀▀
WINDICE████
██
██
██
██
██
██
██
██
██
██
██
██
████
      ▄████████▀
     ▄████████
    ▄███████▀
   ▄███████▀
  ▄█████████████
 ▄████████████▀
▄███████████▀
     █████▀
    ████▀
   ████
  ███▀
 ██▀
█▀

██
██
██
██
██
██
██
██
██
██
██
██
     ▄▄█████▄   ▄▄▄▄
    ██████████▄███████▄
  ▄████████████████████▌
 ████████████████████████
▐████████████████████████▌
 ▀██████████████████████▀
     ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
     ▄█     ▄█     ▄█
   ▄██▌   ▄██▌   ▄██▌
   ▀▀▀    ▀▀▀    ▀▀▀
       ▄█     ▄█
     ▄██▌   ▄██▌
     ▀▀▀    ▀▀▀

██
██
██
██
██
██
██
██
██
██
██
██
                   ▄█▄
                 ▄█████▄
                █████████▄
       ▄       ██ ████████▌
     ▄███▄    ▐█▌▐█████████
   ▄███████▄   ██ ▀███████▀
 ▄███████████▄  ▀██▄▄████▀
▐█ ▄███████████    ▀▀▀▀
█ █████████████▌      ▄
█▄▀████████████▌    ▄███▄
▐█▄▀███████████    ▐█▐███▌
 ▀██▄▄▀▀█████▀      ▀█▄█▀
   ▀▀▀███▀▀▀
████
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
  ██
████


▄▄████████▄▄
▄████████████████▄
▄████████████████████▄
███████████████▀▀  █████
████████████▀▀      ██████
▐████████▀▀   ▄▄     ██████▌
▐████▀▀    ▄█▀▀     ███████▌
▐████████ █▀        ███████▌
████████ █ ▄███▄   ███████
████████████████▄▄██████
▀████████████████████▀
▀████████████████▀
▀▀████████▀▀
██████
██████
███
███
███
███
███
███
███
███
███
███
██████
██████
.Play Now.██████
██████
   ███
   ███
   ███
   ███
   ███
   ███
   ███
   ███
   ███
   ███
██████
██████
robelneo
Legendary
*
Offline Offline

Activity: 1624
Merit: 1011


CryptoTalk.Org - Get Paid for every Post!


View Profile
October 08, 2019, 04:16:04 PM
Last edit: October 08, 2019, 04:31:54 PM by robelneo
 #18

I become aware of that two years ago it was big news back then, that was one of the reasons I add another anti-malware on my computer I also develop a habit where I will wait 30 seconds before sending the funds I will look on the first three character and the last three character to make sure I'm sending to the right address, if you're aware on something like this you will develop a precautionary measure so that it will not happen to you.

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
.CryptoTalk.org.|.MAKE POSTS AND EARN BTC!.🏆
ETFbitcoin
Legendary
*
Offline Offline

Activity: 1848
Merit: 2122

Use SegWit and enjoy lower fees.


View Profile WWW
October 08, 2019, 06:02:31 PM
 #19

Does anyone else find the SegWit bech32 (bc1...) addresses harder to verify visually? I don't know if it's the long prefix or the all lowercase format but it's just so unwieldy.

Bech32 is longer, but IMO it should be easier to verify since it uses less character (only 32 character) and all of them either lower character/number which is easier to see the difference

I also think that 3+3 characters is not enough. It is possible to do hijacker that will pick up a larger number of characters.

Unless the malware prepare list of address in advance, i doubt the malware can create address with 3 + 3 characters on short interval between Ctrl-C and Ctrl-V.

stompix
Legendary
*
Offline Offline

Activity: 1274
Merit: 1217



View Profile
October 09, 2019, 07:33:40 AM
Merited by bob123 (2)
 #20

Was wondering the same, how many checked characters would make the process safe?
I read that vanity gen is able to do 50mils keys per second, let's keep this number, multiply by 10 seconds and at this point, I still believe checking the first and last 4-5 characters is enough.
And without having a clue I doubt the malware would store billions of addresses in text files and filling up the HDD with those.


Pages: [1] 2 3 4 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!