How to lose your Bitcoins with CTRL-C CTRL-V

[Black Cookies]

To avoid this kind of happenings, avoid visiting malicious sites that has been blocked by google. There are some advertisements that once you clicked them, they will automatically download something in your device. Once installed, they might take over on that device. You better be careful on the things that you click on the internet.

[LoyceV]

avoid visiting malicious sites that has been blocked by google.

Don't rely on Google though, they also allow phishing sites to advertise on their search engine.

[Baofeng]

bump.



https://twitter.com/ElectrumWallet/status/1250774410115665922

Probably there's a new variant in the wild, so just a friendly reminder to everyone.

[DavidPham]

Usually I will look closely once the wallet address needs to be sent and compare it at least 5-6 last characters before sending ). Looking forward to changing someone's habits

[skarais]

Honestly, I am very often with Ctrl-C and Ctrl-V when sending bitcoin to exchange or vice versa from exchange to my wallet. I usually make a few small attempts before sending like the points you say (check carefully).
The question is, if we scan a barcode it directly from the exchange can also be changed by malware ?

[Csmiami]

---

Quoting from a recent thread....

Do such viruses affect QR scanning?

Probably not.
But malware can still change QR codes to either change the address or the amount.

So there is a chance of a malware changing the QR you are scanning into the hacker's one (the quoted thread is about paperclip malware, in case someone wants some context)

[LoyceV]

So there is a chance of a malware changing the QR

Malicious QR code readers steal a lot of money.

Bitpay shows a different code instead of a Bitcoin address. I only use it for small amounts, but because it doesn't even show the actual address, I wouldn't know how to check if I pay the correct addy. From what I understand, this is meant to make it more secure and less prone to error for inexperienced users (but I can't check that).

[Csmiami]

----

So the vulmerability can come from:

a)Malware changing the QR code
b)Malware on the code reader (app and/or terminal)
c)all of the above

Copy pasting and the hand-checking the address seems "safer" if that's true....

[PrimeNumber7]

----

So the vulmerability can come from:

a)Malware changing the QR code
b)Malware on the code reader (app and/or terminal)
c)all of the above

Copy pasting and the hand-checking the address seems "safer" if that's true....

It is also possible the malware will change what is displayed on your computer. So your computer would display 3_correct_address, however in reality, the malware is actually sending coin to 3_maleware_creator_address. Or malware could not touch anything you input, and simply grab your private keys once you decrypt your wallet, and send all your coin to 3_maleware_creator_address.

[skarais]

~~~

Thank you for answering my question. The wallet application that I use has a QR code scanning feature when we want to send bitcoin to an exchange address or to another wallet and so far the address generated by this scanner has not changed even though I have to check it several times before clicking to send.
I didnt use another scanner application to get the bitcoin address because maybe it would be far more dangerous than the original wallet feature.

I hope this will be a good and safe solution for me and others. Thank you LoyceV.

~~~
2. Check the entire address after copy/pasting, and not just the first few (or last few) characters. Check some in the middle too. That's a lot of work, so chances are you won't do that either.
~~~

[Devawnm367]

I always double check, triple check and evwn QUAD check. Lol But I never thought about a scammer changing through copy paste! Thanks for the heads up! I will triple, double, quintriple check from here forward!

+1 merit IF I had SENDABLE Merits! Lol

[Lordhermes]

I have never thought of this and I don't think I will do such until I come across your post op, this brings about latest hack information and how to avoid it.  People might have fallen victim of this scam setting, any scam road place there must be safe ways too. Thank you LoyceV for the information. Already seen you bumped and that's straight up.

[pixie85]

Isn't it enough to check just the fist 4-5 and last 4-5 characters?

It's probably enough, but I prefer a higher degree of certainty than just "probably".

I had that malware on my laptop once and the first three checked out.

Some sites allow you to only see first part of the address before you copy it. The rest is covered by the "copy" button. Coinbase does it like that as well as many mobile wallets.

I've noticed that it that first 3 and last 3 never match. The malware or at least the one that I had focuses on matching the first 2 or 3 characters and that's it.
It's unable to match both first and last characters so it tries to math as many first characters as it can hoping the victim will not notice.

[LoyceV]

I've noticed that it that first 3 and last 3 never match. The malware or at least the one that I had focuses on matching the first 2 or 3 characters and that's it.
It's unable to match both first and last characters so it tries to math as many first characters as it can hoping the victim will not notice.

Matching the first and last 3 characters gives 38 billion combinations (58^6). Times 3 if you add all different address types (starting with 1.., 3.. and bc1q..). That means a 4 TB database is enough to accomplish this. And for 25% chance to find a match, just 1 TB is enough.
Existing malware may not do this yet, but I'm pretty sure it will happen eventually. So you can just as well get used to doing a much more thorough check before sending your coins.

[Bitfort]

Hilarious topic title

Since I first heard about this virus I get used to always check the first and last 3 characters.
Sometimes there is eye catching part in the middle easy to check as well (double or tripple letters, whole word etc.). 

[Crypto Bright]

These post has made me to remember my past experience when i was a new into bitcoin payment, without double check the wallet address before sending the fund, that lead me to loose. while hopefully my CTRL-C Picked the addressed without changing effect, mean why, i trust my CTRL-V key to pest without me knowing address change speedily as soon as possible that lead me to double payment.

Since then, I learn my lesson for any given transaction to send fund on a hurry.  

[bitcoin talk]

Yes. Windows 10 has a built in keylogger, and it sends everything you type to Microsoft for "analysis".

Does Windows 8.1 do that too?

[bob123]

Does Windows 8.1 do that too?

I wouldn't bet against it.

In the end, you'll never know what your OS is doing.
If you want to keep sensitive information private, you'd be better off using a different OS.

[oHnK]

My suspicions have been answered, so far when transferring Btc or similar transactions, I have never even been confident with just one click ctrl + c and ctrl + v then I just send it.  Before making a transaction I sometimes even check the link many times at least 3 times before I actually send it.  It turns out that my intuition is very useful to protect me from cases like this.

[Smartvirus]

I wonder how I've not been a victim to this because, I don't. Do non of these things and isn't sure I would be doing that either.  Won't it have been more easier to know the specific malwares to watch out for that effects these change of addresses so as to note and clean them up in one anti- whatever swipe...

Again, comparing addresses is more like you trying it manually over again. Like IASENKO said, considering a few characters isn't enough. Although,  o_e_l_e_o suggestion would be effective since from indications, the changes is down within the time frame between when the address is copied and being pasted. So, a duplicate screen for typing manually instead of mare comparing alone and typing more accurately could be the best form of skepticism. Though, you'll still need to confirm before sending.