It seems I got hacked. How to protect?

[Cryptomint9]

I propose in this topic to collect well-known methods of stealing personal data, followed by the theft of a crypt.  I'll start by myself and will supplement the post with your "examples".
 One common example:
 Phishing
 A phishing site aims to obtain a password and username for an account.  A site with the same design is being created, but the name of the site (name) may differ by 1 letter, and it will not be noticeable at a glance - you entered the login password and you can expect trouble.

 Do not google the address of the exchange, remember the address

 If you can't remember, add to bookmarks

 Do not use the same and simple passwords: add characters, and also use different registers.

 Use 2FA

 In the exchange settings, set the confirmation for the withdrawal of funds

 If you are logged out, check the site address carefully

 Mailing list - a letter may also come with a request to confirm the data with a request to send a username and password
 Social media - can distribute links to phishing sites, forms, and the like.
 Viruses
 I got caught in the open that I use the ctrl + c keys to copy the wallet, and when you insert ctrl + v, your address is replaced with the address of the scammers.
 There are tips that for trading it is better to use a separate computer, laptop ... which are not used for spending time on the Internet in order to reduce the risk of catching a virus.

 I think there are many more ways, throw tips.
 PS.  I just noticed a slightly similar topic in the section - Exchanges, I really did not see it.  But it seems that there is only about the acc on the exchange.  If something goes wrong, you can remove it.

[jackg]

I'd change virus to the more broader term "malware" which can also include downloading a wallet from an unofficial source.

I think there have been versions of fake electrum websites that have electrum+[a crypto related word] as their domain.

Rather than having a cold wallet/system setup you could use a hardware wallet instead for a resembled level of security.

2FA is more secure when done using a "secret key" such as Google authenticator. On top of that there may be possibilities of using 3fa (something you have - password, something you can generate - a 2fa key, something you are - normally biometrics but you might be able to limit an exchange to only accept withdrawals to one address unless you do kyc or something).

You might want to clarify on "registers" do you mean use special characters and uppercase and lowercase on passwords?

[bob123]

PS.  I just noticed a slightly similar topic in the section - Exchanges, I really did not see it.  But it seems that there is only about the acc on the exchange.

There are already quite a few threads with good suggestions on how to secure against several attack vectors.
In contrast to yours, they include more than "just" checking the URL, 2FA and using an own device for just crypto operations.

I mean, your suggestions are not bad and definitely not wrong. But they aren't complete in such a way that it would be helpful for other people.

[Upgrade00]

Your topic title gave the impression that you'll be suggesting tips that would help when one suspects they've already been hacked or some of their details have been compromised. On that topic;

If your device has been compromised by a malware any information you enter could potentially be stolen, so disable your internet connection, ensure you have backups for sensitive files on your device and then wipe it clean (especially if you're unsure the extent of the breach).
There's very little you can do it someone already accessed your private keys as they can easily move out funds in it, you can attempt to be faster and send all your funds out to a new wallet if you suspect the previous one is compromised. In the off chance that this works, you should also consider mixing or coinjoining your coins after they have been moved to a safe location to maintain your anonymity.

In the case of a secondary breach, like a hacked email, you should check all accounts linked to that address and switch them to a new one. It's bad practice to reuse passwords or use similar collection of characters, so you should not fear that your other accounts would be brute forced using the leaked details.

[Welsh]

If your device has been compromised by a malware any information you enter could potentially be stolen, so disable your internet connection, ensure you have backups for sensitive files on your device and then wipe it clean (especially if you're unsure the extent of the breach).
There's very little you can do it someone already accessed your private keys as they can easily move out funds in it, you can attempt to be faster and send all your funds out to a new wallet if you suspect the previous one is compromised. In the off chance that this works, you should also consider mixing or coinjoining your coins after they have been moved to a safe location to maintain your anonymity.

If you truly are compromised, then you have to assume that its a pretty sophisticated piece of software that you have been compromised, although the reality is that most malicious software is minor, and recycled among "script kiddies". However, the only real safe way of uncompromising yourself would be to nuke everything you have, and don't use it again. Obviously, most of us aren't going to go to that extreme, but nuking the hard drive, or simply replacing it might be the better option. Sometimes its worth booting into qubes os, and plugging in the hard drive, and trying to recover some of the files using a compartmentalized system to prevent it leaking elsewhere. This is usually extreme too, but when it involves private keys, or any sensitive data then its worth taking the precautions.

Most malicious software doesn't touch anything other than the operating system, so most of the time replacing the hard drive, so there's nothing left on it is the best option. Of course, you could write 0's to it, and probably be fairly confident its fine, but its up to the individual if they want to take that risk.

However, disconnecting the internet after finding out your already compromised means its probably already too late, and has spread via the network if it has that capability (which most don't). That's why I'm always an advocate to using compartmentalization software to protect from spreading anything to other areas.

[khaled0111]

The tppic title is a bit misleading! When I read it, I thought you really got hacked and looking for help or want to share your experience with us.

I got caught in the open that I use the ctrl + c keys to copy the wallet, and when you insert ctrl + v, your address is replaced with the address of the scammers.

This must be the clipboard hijacker malware. To prevent this particular kind of attacks, always double/triple check the first and last characters of the address you're copying.

To add to the tips you shared on how to secure you exchange account, you should whitelist few withdrawal addresses. This way, even if your acount gets hacked, the hacker won't be able to withdraw to his own address.

[libert19]

Regarding password suggestion, just use password manager they make your life much secure and easier.

[Jawhead999]

Regarding password suggestion, just use password manager they make your life much secure and easier.

Right, but don't use online and closed source password manager or chrome (chrome has several problem with privacy and personal information) both Keepass [1] or Bitwarden [2]

[1] https://keepass.info/
[2] https://bitwarden.com/

[libert19]

Regarding password suggestion, just use password manager they make your life much secure and easier.

Right, but don't use online and closed source password manager or chrome (chrome has several problem with privacy and personal information) both Keepass [1] or Bitwarden [2]

[1] https://keepass.info/
[2] https://bitwarden.com/

I don't use extensions yes but I do use lastpass which is online and closed source [Reasons?: On reddit]

[ranochigo]

Right, but don't use online and closed source password manager or chrome (chrome has several problem with privacy and personal information) both Keepass [1] or Bitwarden [2]

[1] https://keepass.info/
[2] https://bitwarden.com/

Password managers has financial incentives to protect you and it's literally their business model. I agree open source stuff is good but it can only be beneficial if you choose to run your own server with your desktop client AND the code is also validated thoroughly. Otherwise, it'll be the same as Lastpass as it'll still send the encrypted information to the server and you have no idea what the server is doing.

Setting up your own server and maintaining it with sufficient security is a difficult task for most. Sure, use an open source password manager but remember to build and validate it by downloading from github.

[nakamura12]

It seems that you are a victim of a clipboard hijacking where you copy something and paste different what you have copied. Bookmark can also be manipulated, instead of opening the real site it will only open the fake site that looks just like the real one. You should use a password manager and if you really want to be safe just change your password many times.

[Oshosondy]

Regarding password suggestion, just use password manager they make your life much secure and easier.

I will suggest password manager too for easy access of passwords, but there are some password manager than can sychronize your passwords online, I will not suggest such. But most password manager that I know are offline, they are the best in managing password securely. But it will be good to also backup the password offline, write them carefully on paper will be good for more means of easy password recovery.

[Brindez_kromo]

Very interesting your advice and very useful for others,,
I think the development of data thieves has been very sophisticated even they do various ways to hack,,
2FA is very useful as well as private security but when it comes to security, does anyone guarantee 100% security to be safe from hackers?