Black Cookies
Newbie
Offline
Activity: 6
Merit: 1
|
|
February 29, 2020, 01:43:54 PM |
|
To avoid this kind of happenings, avoid visiting malicious sites that has been blocked by google. There are some advertisements that once you clicked them, they will automatically download something in your device. Once installed, they might take over on that device. You better be careful on the things that you click on the internet.
|
|
|
|
LoyceV (OP)
Legendary
Offline
Activity: 3318
Merit: 16673
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
February 29, 2020, 01:56:59 PM |
|
avoid visiting malicious sites that has been blocked by google. Don't rely on Google though, they also allow phishing sites to advertise on their search engine.
|
|
|
|
Baofeng
Legendary
Offline
Activity: 2604
Merit: 1659
|
|
April 16, 2020, 01:40:23 PM |
|
bump. https://twitter.com/ElectrumWallet/status/1250774410115665922Probably there's a new variant in the wild, so just a friendly reminder to everyone.
|
| │ | ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███▀▀▀█████████████████ ███▄▄▄█████████████████ ███████████████████████ ███████████████████████ ███████████████████████ █████████████████████ ███████████████████ ███████████████ ████████████████████████ | ███████████████████████████ ███████████████████████████ ███████████████████████████ █████████▀▀██▀██▀▀█████████ █████████████▄█████████████ ████████▄█████████▄████████ █████████████▄█████████████ █████████████▄█▄███████████ ██████████▀▀█████████████ ██████████▀█▀██████████ ▀███████████████████▀ ▀███████████████▀ █████████████████████████ | | | O F F I C I A L P A R T N E R S ▬▬▬▬▬▬▬▬▬▬ ASTON VILLA FC BURNLEY FC | | | BK8? | | | . ..PLAY NOW.. |
|
|
|
DavidPham
Newbie
Offline
Activity: 66
Merit: 0
|
|
April 18, 2020, 02:44:09 AM |
|
Usually I will look closely once the wallet address needs to be sent and compare it at least 5-6 last characters before sending ). Looking forward to changing someone's habits
|
|
|
|
skarais
Legendary
Offline
Activity: 2492
Merit: 2134
|
|
May 03, 2020, 06:42:39 PM |
|
Honestly, I am very often with Ctrl-C and Ctrl-V when sending bitcoin to exchange or vice versa from exchange to my wallet. I usually make a few small attempts before sending like the points you say (check carefully). The question is, if we scan a barcode it directly from the exchange can also be changed by malware ?
|
|
|
|
Csmiami
Copper Member
Legendary
Offline
Activity: 1596
Merit: 1323
I'm sometimes known as "miniadmin"
|
|
May 03, 2020, 06:46:24 PM |
|
--- Quoting from a recent thread.... Do such viruses affect QR scanning?
Probably not. But malware can still change QR codes to either change the address or the amount. So there is a chance of a malware changing the QR you are scanning into the hacker's one (the quoted thread is about paperclip malware, in case someone wants some context)
|
|
|
|
LoyceV (OP)
Legendary
Offline
Activity: 3318
Merit: 16673
Thick-Skinned Gang Leader and Golden Feather 2021
|
|
May 03, 2020, 07:33:32 PM Merited by JayJuanGee (1) |
|
So there is a chance of a malware changing the QR Malicious QR code readers steal a lot of money. Bitpay shows a different code instead of a Bitcoin address. I only use it for small amounts, but because it doesn't even show the actual address, I wouldn't know how to check if I pay the correct addy. From what I understand, this is meant to make it more secure and less prone to error for inexperienced users (but I can't check that).
|
|
|
|
Csmiami
Copper Member
Legendary
Offline
Activity: 1596
Merit: 1323
I'm sometimes known as "miniadmin"
|
----
So the vulmerability can come from: a)Malware changing the QR code b)Malware on the code reader (app and/or terminal) c)all of the above Copy pasting and the hand-checking the address seems "safer" if that's true....
|
|
|
|
PrimeNumber7
Copper Member
Legendary
Offline
Activity: 1624
Merit: 1899
Amazon Prime Member #7
|
|
May 03, 2020, 08:38:11 PM Merited by JayJuanGee (1) |
|
----
So the vulmerability can come from: a)Malware changing the QR code b)Malware on the code reader (app and/or terminal) c)all of the above Copy pasting and the hand-checking the address seems "safer" if that's true.... It is also possible the malware will change what is displayed on your computer. So your computer would display 3_correct_address, however in reality, the malware is actually sending coin to 3_maleware_creator_address. Or malware could not touch anything you input, and simply grab your private keys once you decrypt your wallet, and send all your coin to 3_maleware_creator_address.
|
|
|
|
skarais
Legendary
Offline
Activity: 2492
Merit: 2134
|
|
May 04, 2020, 03:36:01 PM |
|
~~~
Thank you for answering my question. The wallet application that I use has a QR code scanning feature when we want to send bitcoin to an exchange address or to another wallet and so far the address generated by this scanner has not changed even though I have to check it several times before clicking to send. I didnt use another scanner application to get the bitcoin address because maybe it would be far more dangerous than the original wallet feature. I hope this will be a good and safe solution for me and others. Thank you LoyceV. ~~~ 2. Check the entire address after copy/pasting, and not just the first few (or last few) characters. Check some in the middle too. That's a lot of work, so chances are you won't do that either. ~~~
|
|
|
|
Devawnm367
Full Member
Offline
Activity: 1036
Merit: 144
Penguin Party 🐟
|
|
May 05, 2020, 02:14:51 AM |
|
I always double check, triple check and evwn QUAD check. Lol But I never thought about a scammer changing through copy paste! Thanks for the heads up! I will triple, double, quintriple check from here forward!
+1 merit IF I had SENDABLE Merits! Lol
|
𝕻𝖊𝖓𝖌𝖚𝖎𝖓 𝕾𝖜𝛼𝖕PENGUIN PARTY BAITSHOP! Swap, Pool, Stake, or Vote
|
|
|
Lordhermes
|
|
July 02, 2020, 09:39:33 PM |
|
I have never thought of this and I don't think I will do such until I come across your post op, this brings about latest hack information and how to avoid it. People might have fallen victim of this scam setting, any scam road place there must be safe ways too. Thank you LoyceV for the information. Already seen you bumped and that's straight up.
|
|
|
|
pixie85
|
Isn't it enough to check just the fist 4-5 and last 4-5 characters? It's probably enough, but I prefer a higher degree of certainty than just "probably". I had that malware on my laptop once and the first three checked out. Some sites allow you to only see first part of the address before you copy it. The rest is covered by the "copy" button. Coinbase does it like that as well as many mobile wallets. I've noticed that it that first 3 and last 3 never match. The malware or at least the one that I had focuses on matching the first 2 or 3 characters and that's it. It's unable to match both first and last characters so it tries to math as many first characters as it can hoping the victim will not notice.
|
|
|
|
LoyceV (OP)
Legendary
Offline
Activity: 3318
Merit: 16673
Thick-Skinned Gang Leader and Golden Feather 2021
|
I've noticed that it that first 3 and last 3 never match. The malware or at least the one that I had focuses on matching the first 2 or 3 characters and that's it. It's unable to match both first and last characters so it tries to math as many first characters as it can hoping the victim will not notice. Matching the first and last 3 characters gives 38 billion combinations (58^6). Times 3 if you add all different address types (starting with 1.., 3.. and bc1q..). That means a 4 TB database is enough to accomplish this. And for 25% chance to find a match, just 1 TB is enough. Existing malware may not do this yet, but I'm pretty sure it will happen eventually. So you can just as well get used to doing a much more thorough check before sending your coins.
|
|
|
|
Bitfort
Sr. Member
Offline
Activity: 952
Merit: 339
invest trade and gamble wisely
|
|
August 01, 2020, 07:24:17 AM |
|
Hilarious topic title Since I first heard about this virus I get used to always check the first and last 3 characters. Sometimes there is eye catching part in the middle easy to check as well (double or tripple letters, whole word etc.).
|
MY HINTs ◄M► MINING ◄G► GAMBLING ◄E► EXCHANGE
| ◄E► (KCS) Kucoin-Staking, Auto-Lending, Trading-Bot ◄E► (BNB) Binance-Staking, Savings, 10% RefBack ◄E► (TRX) Poloniex-Staking, Lending, Fee Discount ◄E► (LEO) Bitfinex-Staking, Auto-Lending
| ◄G► Betfury-Faucet, Dividend Earnings (BFG holders, mine BFG by playing) ◄G► Bitvest - Faucet, Bankroll Invest ◄G► CryptoGames-Faucet, Lotto ◄G► PrimeDice-Faucet
| ◄M► Prohashing (Multipool)-Payout in any coin, get 0.50% bonus for 30 days ◄M► MiningRigRentals (Marketplace)-buy hashrate or rent your miners ◄M► Viabtc (Pool)-payout to Coinex (exchnage) without fees
|
|
|
|
Crypto Bright
Newbie
Offline
Activity: 252
Merit: 0
|
|
December 29, 2020, 11:53:13 AM |
|
These post has made me to remember my past experience when i was a new into bitcoin payment, without double check the wallet address before sending the fund, that lead me to loose. while hopefully my CTRL-C Picked the addressed without changing effect, mean why, i trust my CTRL-V key to pest without me knowing address change speedily as soon as possible that lead me to double payment.
Since then, I learn my lesson for any given transaction to send fund on a hurry.
|
|
|
|
bitcoin talk
Member
Offline
Activity: 249
Merit: 12
Join us at slack https://bitcoin-talkers.slack.com
|
|
December 30, 2020, 08:15:32 AM |
|
Yes. Windows 10 has a built in keylogger, and it sends everything you type to Microsoft for "analysis".
Does Windows 8.1 do that too?
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
December 30, 2020, 02:11:49 PM |
|
Does Windows 8.1 do that too? I wouldn't bet against it. In the end, you'll never know what your OS is doing. If you want to keep sensitive information private, you'd be better off using a different OS.
|
|
|
|
oHnK
|
|
December 30, 2020, 03:30:38 PM |
|
My suspicions have been answered, so far when transferring Btc or similar transactions, I have never even been confident with just one click ctrl + c and ctrl + v then I just send it. Before making a transaction I sometimes even check the link many times at least 3 times before I actually send it. It turns out that my intuition is very useful to protect me from cases like this.
|
|
|
|
Smartvirus
Legendary
Offline
Activity: 1442
Merit: 1113
|
|
January 10, 2021, 12:01:13 PM |
|
I wonder how I've not been a victim to this because, I don't. Do non of these things and isn't sure I would be doing that either. Won't it have been more easier to know the specific malwares to watch out for that effects these change of addresses so as to note and clean them up in one anti- whatever swipe... Again, comparing addresses is more like you trying it manually over again. Like IASENKO said, considering a few characters isn't enough. Although, o_e_l_e_o suggestion would be effective since from indications, the changes is down within the time frame between when the address is copied and being pasted. So, a duplicate screen for typing manually instead of mare comparing alone and typing more accurately could be the best form of skepticism. Though, you'll still need to confirm before sending.
|
R |
▀▀▀▀▀▀▀██████▄▄ ████████████████ ▀▀▀▀█████▀▀▀█████ ████████▌███▐████ ▄▄▄▄█████▄▄▄█████ ████████████████ ▄▄▄▄▄▄▄██████▀▀ | LLBIT | │ | CRYPTO FUTURES | | | | | | | │ | 1,000x LEVERAGE | │ | COMPETITIVE FEES | │ | INSTANT EXECUTION | │ | . TRADE NOW |
|
|
|
|