Clicking Links Malware/Keylogger Question

[jerry0]

I heard many cases where people download wrong wallet or click links and then your wallets get hacked whether its a wallet on their computer or on their phone.  Even when i watch youtube videos, you see some ppl on comments section post links where if you click on it... you can get malware/virus.  I seen some ppl say their phone got virus because of clicking on that.



Now i have a few questions on this.



1.  If you use an iphone and not android, you can still get hacked/malware/keylogger on it?  Imagine you download an app on the app store which is not legit.  So your phone can get hacked and keylogger etc?  I heard this can happen with android with the google play but what about IOS with iphone?  So that means if you check your email, that hacker has access to your entire device?  I always heard you can't or its so hard to get malware on iphones as oppose to androids.  Is this true or false?  Obviously dont click on links like that but if you do, is any wallet you have on your iphone in jeopardy?  What about using it in general because when you log in accounts on your phone, are you screwed because of keylogger?  I heard pc... well you are screwed.



2.  Now when you click on links on your pc that uses windows... obviously same thing.  But say you want to sign up for a site... say its a gambling site whether its poker or sports or anything like that.  I know there are ppl that want to sign you up and you can then get something extra because you used an agent/affliate and you have to click on their link to get tracked to them.  Now how safe is that?  If that affliate is legit... well you dont have to worry if they have lot of players.  But couldnt they easily put keylogger/malware on it and you are screwed?  Is there a way to check if a link you will click on from someone is safe from keylogger/malware/virus before you click on it?

[Yakamoto]

I do believe this should go in another section but I'll give you my understanding of the issue anyway.

As far as I remember there are very few (if any) keyloggers for iOS in the wild. The primary risks come from Android due to the way that the OS was designed.

For example, iOS "sandboxes" or isolates a lot of their apps from each other. This makes it substantially harder for potential hackers to make their malware operate between apps. This does not apply to jailbroken iPhones, however, and they are at risk of getting Malware. I'm not sure about the technical details, unfortunately.

Now Android, on the other hand, doesn't have this sandboxing as consistently as iOS due to the variety of flavors of Android that exist and are used by manufacturers. This makes it easier for people to potentially exploit common code in the OS and add a keylogger. How I don't know, because I'm not an Android dev.

As for affiliate links, if they're from the website itself you can't really get a keylogger unless the website itself is malicious as far as I know. Don't click on shortened URLs in a vulnerable environment and make use of virtual machines if you absolutely want to access a website but are still concerned.

Take my word with a grain of salt, though, because I am not a computer scientist and I do not do dev work on mobile devices right now. My answer may change in the future as I'm currently doing some courses related to this topic.

[Vaskiy]

Make it clear, whether it's is android, iOS or windows isn't a matter. Most of the time the hacks happen through you. The small mistakes you make gives access to the hacker. For example I've come across exchange website resembling the same as one of the leading cryptocurrency exchange. Somehow I understood it is a trap, if I haven't found it I could've entered the login details. The hacker gets all data from the other end. If I haven't enabled 2FA that's enough. He'll easily get into my account and transfer the funds.

[alani123]

1. Viruses on iPhones are extremely uncommon. If it's not jailbroken the selection of apps you have access to is even more limited and vetted. Even more so, if you uninstall the offending app, it should be safe. Phones work more like a sandbox with their apps. The worst issue I could see here realistically would be to download a malicious wallet that simply steals funds. But not a full device compromise as it could happen on windows.

2. So long as you don't allow anything to run code on your machine, it's hard for anyone to install a key logger on your machine. Clicking a link isn't all that bad. Just make sure you use a new password on EVERY site you use. And additionally make sure you always are on the correct URL. For example blockchain.com is different than biockchain.com. This is what you should be most careful on in the web.

[ranochigo]

1.  If you use an iphone and not android, you can still get hacked/malware/keylogger on it?  Imagine you download an app on the app store which is not legit.  So your phone can get hacked and keylogger etc?  I heard this can happen with android with the google play but what about IOS with iphone?  So that means if you check your email, that hacker has access to your entire device?  I always heard you can't or its so hard to get malware on iphones as oppose to androids.  Is this true or false?  Obviously dont click on links like that but if you do, is any wallet you have on your iphone in jeopardy?  What about using it in general because when you log in accounts on your phone, are you screwed because of keylogger?  I heard pc... well you are screwed.

Malware on mobile devices isn't uncommon. It does happen more often on Android than Apple as it is more open. There were several zero day exploits in the past that allowed remote code execution or widespread infection to take place. I wouldn't recommend using mobile wallets to hold large amounts of Bitcoin because it is not specifically designed for it. There are obvious risks to keep large amount of Bitcoins in portable devices.

2.  Now when you click on links on your pc that uses windows... obviously same thing.  But say you want to sign up for a site... say its a gambling site whether its poker or sports or anything like that.  I know there are ppl that want to sign you up and you can then get something extra because you used an agent/affliate and you have to click on their link to get tracked to them.  Now how safe is that?  If that affliate is legit... well you dont have to worry if they have lot of players.  But couldnt they easily put keylogger/malware on it and you are screwed?  Is there a way to check if a link you will click on from someone is safe from keylogger/malware/virus before you click on it?

Accessing websites shouldn't make you vulnerable to any viruses. There are cases, however, where the malware will utilise pre-existing vulnerabilities within the web browser or systems to gain access to your phone. The most obvious risks is when you're downloading stuff from malicious websites. I wouldn't recommend you to click on random ads or link for that matter.

[Wexnident]

It's still entirely possible for both Android and iOS to be infected by keyloggers/viruses. Still, it's not like there aren't signs of it being seen since it still technically uses the processing power of your phone, so if you manage to find something odd from your phone's normal performance, try performing an overall check so you can be sure. As for Emails, opening an Email doesn't let a hacker access your pc/phone. Opening links that contain malware could though, so be careful when opening such links. iOS is the safer one compared to Android, yes, but safer doesn't really mean exempt from danger, so still, exercise caution.

As for Keyloggers in windows, AFAIK, they can force you to download something BUT it still requires you to actually allow them to install it, and that's the keylogger itself. Opening links is fine and even if something was to be downloaded due to someone trying to install a keylogger, it only stops at a file, an installer, not a program for your windows. As long as you don't install it, then you're fine. Still, there are instances of setups possibly having a keylogger background app or something similar, so try to avoid installing apps as much as possible from untrustworthy sources.

[mk4]

1. Using an iPhone won't make you invincible to malware. It's just that your device is far less likely to get infected due to the iOS App Store being FAR more strict compared to the Google Play Store.

2. Simply check the links you're clicking, if they're actually the legitimate website and not some phishing link. If the link is a redirect URL(like bit.ly), you can use tools such as this to check the redirect URL[1]. Also, you can try using links like VirusTotal[2], though don't totally rely on it as it's not 100% foolproof.

[1] https://httpstatus.io/
[2] https://www.virustotal.com/

[btc_angela]

1.  If you use an iphone and not android, you can still get hacked/malware/keylogger on it?  Imagine you download an app on the app store which is not legit.  So your phone can get hacked and keylogger etc?  I heard this can happen with android with the google play but what about IOS with iphone?  So that means if you check your email, that hacker has access to your entire device?  I always heard you can't or its so hard to get malware on iphones as oppose to androids.  Is this true or false?  Obviously dont click on links like that but if you do, is any wallet you have on your iphone in jeopardy?  What about using it in general because when you log in accounts on your phone, are you screwed because of keylogger?  I heard pc... well you are screwed.

Yes, but android is more prone to malware and been targeted because for one, there are more android powered mobile phones, second android is open source, small tweaks can really make them vulnerabilities and hackers are always taking advantage of that loopholes.

2.  Now when you click on links on your pc that uses windows... obviously same thing.  But say you want to sign up for a site... say its a gambling site whether its poker or sports or anything like that.  I know there are ppl that want to sign you up and you can then get something extra because you used an agent/affliate and you have to click on their link to get tracked to them.  Now how safe is that?  If that affliate is legit... well you dont have to worry if they have lot of players.  But couldnt they easily put keylogger/malware on it and you are screwed?  Is there a way to check if a link you will click on from someone is safe from keylogger/malware/virus before you click on it?

Yes, there is a way to check the link if it is legit or not. You can have to search Google and most of the time those legit have some sort of social presence, go to their official social media platforms.

[rhomelmabini]

1. No matter what OS you have hackers has been adaptive as always to environment the want to deceive. Moreover, app submission on AppStore has far more strict compliance and we can judge that IOS apps are more safe compared to Android apps.

2. Just avoid scammy looking websites and as always we can't say that we may not come across on them but before I jumped into a site I always check reviews and the legitimacy of it. Always on your antivirus or even for Windows Defender as long as it's updated.

[Lorence.xD]

1. No matter what OS you have hackers has been adaptive as always to environment the want to deceive. Moreover, app submission on AppStore has far more strict compliance and we can judge that IOS apps are more safe compared to Android apps.

2. Just avoid scammy looking websites and as always we can't say that we may not come across on them but before I jumped into a site I always check reviews and the legitimacy of it. Always on your antivirus or even for Windows Defender as long as it's updated.

1. How come TikTok is available in Appstore when it was clearly proven by many that it is a data collecting app, it is not a keylogger per se but the fact that it collects sensitive information on your phone is very alarming because we all know that phones are our private devices so it is a jackpot for sensitive information. I agree with the fact that Appstore is very strict regarding their application submission but there are some that will slip the cracks no matter what.

2. Scammy websites have gone a new heights right now, they are now multi-shelled company, one good example of these scammy websites are tech support scammers where they pretend to be a company wherein that said company is a shell of another shell company, the layers of deceit is never ending, this can cause people to fall for these traps, even if you know what you are doing but you do not have a good rabbit-hole exploration experience, you might still fall. This is some of the many cautionary tale I wish to impart for many because scams are parallel to technology, they are also innovating and they get complicated each time.

[nakamura12]

Google Play Store is not very strict on accepting apps and even the fake ones are in the google playstore. That is why the wallet of those victims are compromised because of the fake apps. According to mk4 reply, it is true that using iphone doesn't make you safe from viruses or suspicious link.

[UmerIdrees]

1. Viruses on iPhones are extremely uncommon. If it's not jailbroken the selection of apps you have access to is even more limited and vetted. Even more so, if you uninstall the offending app, it should be safe. Phones work more like a sandbox with their apps. The worst issue I could see here realistically would be to download a malicious wallet that simply steals funds. But not a full device compromise as it could happen on windows.

I have been using iphone for some time and never had any issue regarding virus etc but i do not keep my funds on iphone. Keeping the bitcoins on the phone can be unsafe because the phone can be stolen or lost too. Although iphone security is good one but still i prefer to keep my wallets in the PC. I don't have any hardware wallet yet.

[20kevin20]

1. How come TikTok is available in Appstore when it was clearly proven by many that it is a data collecting app, it is not a keylogger per se but the fact that it collects sensitive information on your phone is very alarming because we all know that phones are our private devices so it is a jackpot for sensitive information. I agree with the fact that Appstore is very strict regarding their application submission but there are some that will slip the cracks no matter what.

Are you browsing using Chrome? Do you have social media apps? Are you storing stuff on cloud storage? Do you use WhatsApp for chatting with your friends?

If so, then it makes no sense to question TikTok when you have all these apps (Facebook, Instagram, Chrome, WhatsApp, YouTube, Amazon etc) that collect your data anyway. Probably over 90% of the apps currently existing on the AppStore (or Play Store) are closed source and collect critical information about you. Have you ever asked yourself why and how are these apps able to be maintained and work so flawlessly without costing you any bucks?

If these are your issues, then purchase a LineageOS compatible Android phone and de-Google it. Download F-Droid and go for FOSS apps only.

[Assface16678]

1. You are now safe even you are in the IOs or with the use of the iPhone those are the same because the malware or keylogger can be activated once you make a specific click or just trigger the event on it.

Example:

• New tab trigger
• Click link
• Double clicks and etc.

2. Even you are in the window OS you are not safe and today there are a lot of people getting scared to click links and this is true but one of the best things is to avoid getting click of links too much if you are not sure about this.

It's better to have good app security on your devices because this may trigger a lot of things and immediately block and prompt an error and it depends on you if you click those links and allow those programs to your personal device.

[khaled0111]

Unlike Google Play Store, Apple App Store has strict rules and guidelines and intensively check each submitted app. This makes it hard for hackers to upload malicious applications to target iOS users.
Even if you download a malware on your iphone, the sandbox acts in a way which prevents compromising the whole device and its data. Only the data related directly to the malicious app will be affected (ex: downloading a fake wallet may result in stealing your coins but all other files will be safe).

When clicking on an affiliate link, make sure you are being redirected to the right website. Your safety depends on the reputation of the website itself so choose wisely and DYOR before registering.

[Asuspawer09]

I heard many cases where people download wrong wallet or click links and then your wallets get hacked whether its a wallet on their computer or on their phone.  Even when i watch youtube videos, you see some ppl on comments section post links where if you click on it... you can get malware/virus.  I seen some ppl say their phone got virus because of clicking on that.



Now i have a few questions on this.



1.  If you use an iphone and not android, you can still get hacked/malware/keylogger on it?  Imagine you download an app on the app store which is not legit.  So your phone can get hacked and keylogger etc?  I heard this can happen with android with the google play but what about IOS with iphone?  So that means if you check your email, that hacker has access to your entire device?  I always heard you can't or its so hard to get malware on iphones as oppose to androids.  Is this true or false?  Obviously dont click on links like that but if you do, is any wallet you have on your iphone in jeopardy?  What about using it in general because when you log in accounts on your phone, are you screwed because of keylogger?  I heard pc... well you are screwed.



2.  Now when you click on links on your pc that uses windows... obviously same thing.  But say you want to sign up for a site... say its a gambling site whether its poker or sports or anything like that.  I know there are ppl that want to sign you up and you can then get something extra because you used an agent/affliate and you have to click on their link to get tracked to them.  Now how safe is that?  If that affliate is legit... well you dont have to worry if they have lot of players.  But couldnt they easily put keylogger/malware on it and you are screwed?  Is there a way to check if a link you will click on from someone is safe from keylogger/malware/virus before you click on it?

'

I guess iPhone could still be a hack but compared to android it is less vulnerable since it is not open source most of the applications in the iPhone are already filtered and probably you cant install applications from its storage that came from the internet.

I guess it is easy to get some malware or virus in a PC window since there are so many malicious links that you are exposed to, also when a virus application is already install in your computer it could pretty much run in the background of the computer like keylogger.

[taufik123]

a device with various operating systems such as iOS, android and windows is definitely likely to be infected with malware. Say iOS has better security compared to Android. iOS still has the potential to be attacked by malware depending on how alert the user is. at App Store it is very strict to verify secure applications. But some users sometimes download applications not on the official App Store, but instead download on blackmarket with a variety of applications that do not know safe or not for users' iOS devices. Keyloggers, malware, ransomware will be a threat.

For Android it more vulnerable than iOS. Because in Google Playstore itself there are several applications that contain malware that can pass the verification of Google Playstore protect. I found several fake wallet applications that contain phishing links that will steal the private key of the phishing wallet application user.

 For Desktop or PC devices with Windows operating systems, install with recommended antivirus. I use Kaspersky Internet Security as my second antivirus after Windows Defender which is the main Antivirus on Windows 10.

 Now for links that are recommended or referral links obtained from other people. You need to check it yourself. Make sure it's not a phishing website. Using virustotal will help investigate what is on the website, but it will not be entirely correct. need deeper research.

[Findingnemo]

Both IOS and Android are capable of getting infected with malware if you download from untrusted sources, and its more common in android because even I had the experience of an unknown application installed in my app which runs on the background but you can't really find that app installed on your menu because it doesn't have any logo on it so it will be an invincible app so you need to check the app manager of your smartphone regularly to make sure is there any app with no name and logo is installed there which normally happens when you click a malware link on somewhere while surfing.

[hd49728]

Unlike Google Play Store, Apple App Store has strict rules and guidelines and intensively check each submitted app. This makes it hard for hackers to upload malicious applications to target iOS users.

Strict or not, I don't care. It is their responsibility to manage their stores but as a user I don't want to put my destiny on their hands and their responsibility.

It is my fund and I have to be responsible for what I do and should control my destination as best as possible.

Don't trust, verify wallets and apps before using them. In crypto space where private keys, passwords are important and data leaks or hacks are terrible, something like nightmare. Verify before begin to use anything.

[BrewMaster]

Unlike Google Play Store, Apple App Store has strict rules and guidelines and intensively check each submitted app. This makes it hard for hackers to upload malicious applications to target iOS users.

Strict or not, I don't care. It is their responsibility to manage their stores but as a user I don't want to put my destiny on their hands and their responsibility.

another problem is that the wallets found on these places such as Google play don't have to contain any malware or keyloggers in traditional meaning of the word to be malicious.
for example the wallet can simply be sending your seeds to the scammers server so that in best case scenario they can only track you and worst case to steal your money. and this can never be detected by these sites because they don't exhibit any suspicious acitivity.