Be careful when copy-pasting a Bitcoin address

[bL4nkcode]

Be careful when copy-pasting a Bitcoin address. Current clipboard malware tries to replace them with similar-looking addresses, that start and end with the same characters.

https://twitter.com/ElectrumWallet/status/1250774410115665922



Now, I wonder how attackers do this if its vanity address or a pre-generated address or real-time generating from a script that reads the first and ends characters but it will consume time and resources for this kind of attack.

#StaySafe

[1713906564]

1713906564

[1713906564]

1713906564

[1713906564]

1713906564

[1713906564]

1713906564

[jackg]

This can be done with a botnet if necessary to produce addresses and send them out (vanity gen allows for running with a partial key too so others can't decrypt).

Or a pregenerated list of addresses that are probably not too big. Try to remember the first 5, copy paste, then check the last five before hitting submit.

[HCP]

Always a good reminder, but I don't think that the malware using similar addresses is exactly a new development...

Now, I wonder how attackers do this if its vanity address or a pre-generated address or real-time generating from a script that reads the first and ends characters but it will consume time and resources for this kind of attack.

This article from 2018, shows how the malware is detecting addresses and then sends to a remote server to get a replacement one... most likely so they can send back a similar looking key that has been pre-generated.

As someone on the Electrum twitter thread said, it would take less that a Terabyte of storage to hold all combinations of first+last 3 chars... That's peanuts in the world of storage today. With a vanity address I guess you're more likely to notice it if your 5 character "1bL4nk" address was suddenly "1bL3z"... even my "1HCPx" address would probably be ok... But I don't see it as a problem because I usually check a lot more than 3 chars... I usually check around 5 or 6 at beginning and end and look for a distinctive pattern in the middle as well.

[pooya87]

it must be a database because i don't think it would even be possible to find a similar looking address within reasonable time that has both matching starting characters and ending characters. the amount of work for something like that increases more than just finding the match for the beginning that it requires pre-generation.

[Lucius]

Problem is in fact that most Electrum users do not use preview button before they click send button, and if this malware is replaced first and last 3 characters of BTC address to look like a legitimate address, loss is guaranteed. If this is not some new clipboard malware, then any average antivirus/antimalware would prevent such attempt very easy.

I am in crypto for 6+ years, and I was never experienced something similar to this, even though I've used Multibit and Electrum, and some other desktop wallets for years on PC with cracked Windows, with torrents and all usual stuff. But I always have top protection which stop all bad things before they even infect my PC. Today I use only hardware wallets, and they force you to check all transaction details before confirm transaction,

So I wonder if this warning is only for those using Electrum without using the brain at all - copy/paste address + send = my coins are gone?

[hugeblack]

How many characters can we say are safe if we verify them? I don't think there is a database or even an attempt to generate a similar address for the first and last 6 characters (58^12 = 1.45 * 10^21)? True.
Generally, you can increase the difficulty by taking the first 3 letters, the last 3 letters and 2 random letters from the middle.
Do such viruses affect QR scanning?
#Edit: Maybe I found an answer:

In the instance that was reported to us, only the first and last 2 characters matched. Excluding the starting '1' , that's 3 characters. Might be bruteforced locally.

[bob123]

How many characters can we say are safe if we verify them?

IMO this depends on the amount you are transferring.
For like 5$, checking just a few chars should be enough. The worst case is you lose 5$.

If you however transfer multiple thousands of $, i'd check at least 8 chars.
Generating a vanity address with 8 given chars costs around 1k$. And an attacker can't know whether you are checking the first or the last 8. Or if you maybe split it into 4 from the beginning and 4 at the end.

So, with 8 chars you should be on the safe side.

Do such viruses affect QR scanning?

Probably not.
But malware can still change QR codes to either change the address or the amount.

This exact type of malware which changes your clipping board with a similar looking address probably won't do that.
But whether THIS malware does it, shouldn't be your concern.

[o_e_l_e_o]

I honestly do not understand why we keep seeing this debate popping up again and again. It takes less than 10 seconds to check the full address. Why are people trying to cut corners of a few seconds when potential thousands of dollars are at risk? Just hold your mobile phone/hardware wallet/whatever up to your computer screen, or resize two windows on your screen, so the address you are actually sending to is right next to the address you think you are sending to. Once the two addresses are physically right beside each other, it is trivial to compare the full address and see any differences. You don't even have to memorize any characters. For example:

1Ny9qqL7qsyzCmLjfUzVRMy8ej569wGQey

1Ny9qqLNqsyzFmLtf2zVAMy2ej539wGQey

Those two addresses are more similar than any copy and paste malware by several orders of magnitude, and if you compared the first 6 and last 6 characters they would all match, but I bet you could all tell in less than 2 seconds that they were different.

[bL4nkcode]

But I don't see it as a problem because I usually check a lot more than 3 chars... I usually check around 5 or 6 at beginning and end and look for a distinctive pattern in the middle as well.

Well, I usually check 3-4 chars start and end, but I think that's the most recommended thing even there are installed anti-virus or whatever, checking from start and end of the address with 5-8 characters, no less.

[pooya87]

1Ny9qqL7qsyzCmLjfUzVRMy8ej569wGQey
1Ny9qqLNqsyzFmLtf2zVAMy2ej539wGQey

the problem is finding a valid address that has a private key. the second one is not valid and there is no way to find an address that has so many similar characters from a private key since it would take until the end of time! the malwares do the former.
otherwise, to by annoying, you could easily find a collision to an address without a private key. here is my tiny attempt:
1Ny9qqL7qsyzCmLjfUzVRMyBS3HmoWGQey
1Ny9qqL7qsyzCmLjfUzVRMxopVwyQrGQey
1Ny9qqL7qxb1tYX2XmPY2Run9tVJgCGQey
1Ny9qqL7r1XpRjeevXJQfeTEFfLyndGQey
1Ny9qqL7qsmxZSauMYSrr6PHGEfasNGQey
1Ny9qqL7qzL46Tfd8U5AV2h2fonMuoGQey

[o_e_l_e_o]

the problem is finding a valid address that has a private key. the second one is not valid and there is no way to find an address that has so many similar characters from a private key since it would take until the end of time!

But that's exactly my point. Even with two addresses which are more similar than anything malware can achieve, or indeed, which are more similar than is even possible, it is absolutely trivial to immediately spot the differences when you just physically put them next to each other.

I've never understood the arguments about checking 5 characters, or maybe it should be 6, or maybe 8, or maybe 5 at the start and 5 at the end, or maybe 3 is ok if you also check some in the middle, etc. My method is both quicker and more secure than reading x characters, alt-tabbing to a new window, checking the x characters, reading x more characters, alt-tabbing back, checking those x characters, and so on. Even if you think my method takes a few seconds longer, then surely it's worth it for your security? We are talking literal seconds. The average person wastes over 2 hours per day on social media.

[HCP]

Even if you think my method takes a few seconds longer, then surely it's worth it for your security? We are talking literal seconds. The average person wastes over 2 hours per day on social media.

Sadly, I think you're tilting at windows o_e_l_e_o

People are lazy... and I suspect that because of the volatile nature of bitcoin (in $$$ terms) and the fact that you can't really spend bitcoin on anything, a lot of users struggle with how much bitcoin is "worth"... until it all gets "stolen" due to their own laziness and failure to "Be their own Bank's security department".

This is why we constantly see threads pop up where users have fallen victim to copy/paste malware... or simply copy/pasted the wrong address from another app/program... or not written down their seed mnemonic on paper and just copy/pasted it into an email/txt document or taken a screenshot...

I've had instances where I thought I had copied the correct address and then pasted it, but when checking the transaction details before sending, I discovered that I had actually pasted in a previously copied address that had already been on the clipboard (not malware, I just hadn't ctrl-c'd properly).

So, I totally agree with you. It isn't hard to check a full address... and like you say, if the value is any more than $5 you can be sure I'm double checking my work at a minimum!

[BitMaxz]

That's why I keep my Electrum wallet disconnected to any nodes/server and always use the https://coinb.in/#verify before I broadcast the transaction. So that I can check my transaction first if the address and the amount are correct before I broadcast it on Coinb.in and Viabtc.

It is best practices for me compared to just pasting the BTC address and send that you don't know if you sent it to the correct address or sent the wrong amount of BTC.

And I think it's the best to use segwit address because I don't heard any segwit users experienced copy-paste malware what do you think?

[Russlenat]

It is best practices for me compared to just pasting the BTC address and send that you don't know if you sent it to the correct address or sent the wrong amount of BTC.

I'm aware of this malware as I also got victim of this in the past, lucky it's just a certain amount that I could easily move one and learn.
Now, this is new, they are going for a similar address and I think I like your tip as normally when I verify the address, I just look at the last 3 chars.

And I think it's the best to use segwit address because I don't heard any segwit users experienced copy-paste malware what do you think?

If only our local exchange supported Segwit then I'd certainly use segwit instead of legacy address.


@bL4nkcode thanks for the warning... got electrum accounts but I don't put all my btc in different wallets.

[o_e_l_e_o]

a lot of users struggle with how much bitcoin is "worth".

It's ridiculous really. If you were moving $10,000 between bank accounts, or transferring to someone else, or paying off a bill, etc., then almost everyone is going to double check the details on the paperwork or the online form. But when it comes to moving a bitcoin or two around, suddenly cutting corners and only checking three or four characters is the norm.

Can you imagine if your fiat bank called you up and said "Sorry, we lost your money because we didn't double check the account number we were sending it to". You'd be up in arms, taking legal action, definitely moving to a different bank. Why should bitcoin be any different?

As you say, unfortunately some people aren't responsible enough to be their own bank.

[20kevin20]

Problem is in fact that most Electrum users do not use preview button before they click send button
~

I haven't used Electrum for sending BTC, is preview non-mandatory? If so, then it should be mandatory to avoid this issue from occuring, just like verifying the address is mandatory on Ledgers. Although it doesn't avoid the issue completely as one can simply ignore the preview window, it does pop up to subconsciously remind you "hey, check the address again!".

Same thing goes for seed backup upon wallet creation. All wallets should impose a mandatory seed backup and verification without the possibility of taking a screenshot of the seed or copying it to the clipboard for extra protection. I have seen too many wallets letting their users skip the process. It's a crucial step for any of us, not only for newbies. I have ignored the seed backup step many times recently although I am aware of how important of a step it is!

Now that I'm using HWs only, it feels pretty scary to think about using a wallet without having to confirm a tx by pushing the buttons of an external device

[o_e_l_e_o]

I haven't used Electrum for sending BTC, is preview non-mandatory?

Correct. There are separate buttons for "Send" and "Preview", and only clicking the latter will give you a preview of the addresses you are sending to. Clicking the former gives you a confirmation of the amount and the fee only (and asks for your password if you have one), but not the addresses.

I only use Electrum either in conjunction with a hardware wallet or on a permanently airgapped machine, so I am always forced to confirm my transactions prior to them being broadcast. I would agree that if you are using Electrum as a hot wallet, it would be a good idea to always show the preview window prior to signing.

[Pmalek]

just like verifying the address is mandatory on Ledgers.

It actually isn't mandatory. I thought it was in the past as well. But you can open up your Ledger Live software and generate a new receiving address without checking and verifying it on your hardware device. You'll see a warning that the address has not been verified and no hardware wallet is connected, but it is still possible to do.

Regarding the clipboard virus. +1 for the way Nano S handles this. Each address is divided into 3 parts because of the screen size of Nano S. It makes it even easier to check the address.   

[HCP]

Correct. There are separate buttons for "Send" and "Preview", and only clicking the latter will give you a preview of the addresses you are sending to. Clicking the former gives you a confirmation of the amount and the fee only (and asks for your password if you have one), but not the addresses.

I would agree that if you are using Electrum as a hot wallet, it would be a good idea to always show the preview window prior to signing.

Looks as though you're going to get your wish, as the workflow looks like it is being changed in the upcoming v4 release of Electrum...
No, I'm just a moron that forgot about ticking boxes in the prefences... thanks nc50lc! - See next post!


Now on the initial "send" tab, there is just a "Pay" button:



Once you click on that, you are presented with the "Create Transaction" window that lets you set the fee, RBF (and even LockTime! ) and shows all the relevant details, such as the inputs and outputs etc:



Once you click "Finalize", you then see the final transaction size and details and can export, save, combine, sign+broadcast etc:

[nc50lc]

Once you click on that, you are presented with the "Create Transaction" window that lets you set the fee, RBF (and even LockTime! ) and shows all the relevant details, such as the inputs and outputs etc:

That will only show directly of you enabled it in the settings (Tools->Preferences->'Transactions' tab->Advanced preview).


Otherwise, it will only show a fee-slider, 'advanced' button (same as preview) and 'send' button.