Bitcoin Forum
January 27, 2022, 08:54:15 PM *
News: Latest Bitcoin Core release: 22.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 4 »  All
  Print  
Author Topic: Recovering deleted wallet/files from HDD  (Read 661 times)
HCP
Legendary
*
Offline Offline

Activity: 1904
Merit: 4137

<insert witty quote here>


View Profile
October 29, 2021, 10:38:00 PM
Last edit: October 29, 2021, 10:54:53 PM by HCP
Merited by fillippone (3)
 #21

Anyway, I'm going to move all my funds into new wallets, just in case, it doesn't cost me much in either time or money
*ETH Gas fees have entered the chat* Roll Eyes Roll Eyes


Based on the fact that you mentioned Metamask... you might get hammered with some serious fees depending on how many different tokens you need to move around Undecided

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
fillippone
Legendary
*
Online Online

Activity: 1330
Merit: 7908


Merit Rascal- Filthy, mustachioed, lustful Italian


View Profile
October 29, 2021, 11:23:43 PM
 #22


Just got my laptop back, which has an integrated keylogger as well

Well, this is an interesting plot twist: has your laptop an integrated key logger? How comes that?

Also: move your coins now. You are already late.


LoyceV
Legendary
*
Online Online

Activity: 2478
Merit: 10063


Thick-Skinned Gang Leader


View Profile WWW
October 30, 2021, 07:03:12 AM
Merited by fillippone (3), ETFbitcoin (2)
 #23

I see that he hasn't snooped into Chrome at least, can never be too sure about the rest of the hard drive.
If I would want to read someone's files without them knowing about it, I would create an image of the entire drive. This can easily be done by booting a Linux LIVE OS, or by temporarily plugging the drive into another computer. You wouldn't see any of this on your file system.

Ultegra134
Sr. Member
****
Offline Offline

Activity: 728
Merit: 399



View Profile
October 30, 2021, 09:18:22 AM
 #24

Anyway, I'm going to move all my funds into new wallets, just in case, it doesn't cost me much in either time or money
*ETH Gas fees have entered the chat* Roll Eyes Roll Eyes


Based on the fact that you mentioned Metamask... you might get hammered with some serious fees depending on how many different tokens you need to move around Undecided
It's a few hundred of BUSD and a pair of stablecoins staking on Beefy.Finance, which I was planning to withdraw and deposit to another contract anyway. Despite how much it might end up costing, at least, I'll be on the safe side and not have to worry about it anymore.
I see that he hasn't snooped into Chrome at least, can never be too sure about the rest of the hard drive.
If I would want to read someone's files without them knowing about it, I would create an image of the entire drive. This can easily be done by booting a Linux LIVE OS, or by temporarily plugging the drive into another computer. You wouldn't see any of this on your file system.
Definitely, it's not a hard thing to do, if he wanted to compromise my files, then it's up to him, since I stupidly gave a stranger full permission on my computer, what was I thinking.

Just got my laptop back, which has an integrated keylogger as well

Well, this is an interesting plot twist: has your laptop an integrated key logger? How comes that?

Also: move your coins now. You are already late.


Just some kind of extension on Chrome, records every tap of the keyboard, nothing special. It just looks like Chrome has been left untouched. The whole HDD might be left untouched but it's definitely better to stand on the safe side.

        ▄▀▀▀▀▀▀   ▄▄
    ▄  ▄▄▀▀▀▀▀▀▀▀▀▄▄▀▀▄
  ▄▀▄▀▀             ▀▀▄▀
 ▄▀▄▀         ▄       ▀▄
  ▄▀         ███       ▀▄▀▄
▄ █   ▀████▄▄███▄       █ █
█ █     ▀▀▀███████▄▄▄▄  █ █
█ █       ██████████▀   █ ▀
▀▄▀▄       ▀▀█████▀    ▄▀
   ▀▄        ▐██▄     ▄▀▄▀
  ▀▄▀▄▄       ███▄  ▄▄▀▄▀
    ▀▄▄▀▀▄▄▄▄▄████▀▀ ▄▀
       ▀   ▄▄▄▄▄▄▄
.
█ █▀█ █▀█ █▀█  ▄  ▄▀▀ █   ▄▀█ ▀█▀ ▄▀▀ ▄███▄
█ █▀█ █ █ █ █ ▀█▀ ▀▀█ █   █ █  █  ▀▀█ ▀███▀
█ █▄█ █▄█ █▄█     ▄▄▀ ▀▄▄ █▄▀  █  ▄▄▀   
                                        █
████████████████████████████████████ 
███▀▀▀▀▀▀██████▀▀▀▀▀▀██████▀▀▀▀▀▀███ 
█▀▄██▀███▄▀██▀▄██▀███▄▀██▀▄██▀███▄▀████▄
█ █ ▀ ▀███ ██ █ ▀ ▀███ ██ █ ▀ ▀███ █████
█ ██    ▄█ ██ ██    ▄█ ██ ██    ▄█ █████
█▄▀██  ▀█▀▄██▄▀██  ▀█▀▄██▄▀██  ▀█▀▄████▀
███▄▄▄▄▄▄██████▄▄▄▄▄▄██████▄▄▄▄▄▄███
████████████████████████████████████
.
.
CRYPTO'S FASTEST
GROWING CASINO
       ▄▄▐█▌▄▄
      ▄███████▄
      ▀███████▀
       ▀▀▐█▌▀▀

                    ▄  ▄
   ▄            ▄█ ▀▀██▀▀ █▄
▀▄███▄▀        ▀▀██▄ ██ ▄██▀▀
▀█████▀      ▀▄▄▄ ▀██████▀ ▄▄▄▀
▀ ▀█▀ ▀       ███▀▀██▄▄██▀▀███
             ▀   ▄██▀██▀██▄   ▀
               ▀██▀  ██  ▀██▀
                 ▀ ▀█▀▀█▀  ▀
                   ██
    ██        ▄███▄▄     ██
              ████
███▄

        ▀▄ ▄  █▀▀▀███▀
       ▄▄▄
▀▀▄ █   █   ███▄
██   ▄█████
  ▀█ ▄▀▀▀ █▀██
     ▀
██▀
▀▄   ██  ▄▀ █▄▀     ██
       ▀▀▀▀▀▀██▄█▀▀▀ ▄
      ▄ ▄▀    ██▌  ▐▄▀
       ▀▀▄▄█▄▄▄█▌ ▄█▄▀  ██
     ███     ▀████▀▀▀▀▀
              ▐██▌
       ████
  ▄████▄
.
PLAY NOW
ETFbitcoin
Legendary
*
Offline Offline

Activity: 2128
Merit: 3658


NotYourKeys.org - Not Your Keys, Not Your Bitcoin


View Profile
October 30, 2021, 09:42:12 AM
 #25

Well, this is an interesting plot twist: has your laptop an integrated key logger? How comes that?

Also: move your coins now. You are already late.
Just some kind of extension on Chrome, records every tap of the keyboard, nothing special. It just looks like Chrome has been left untouched. The whole HDD might be left untouched but it's definitely better to stand on the safe side.

Excuse me for being a bit paranoid, but are you sure the extension doesn't steal your personal data or everything you type on Chrome? At very least, check what kind of permission the extension ask.

LoyceV
Legendary
*
Online Online

Activity: 2478
Merit: 10063


Thick-Skinned Gang Leader


View Profile WWW
October 30, 2021, 09:47:24 AM
Merited by fillippone (3)
 #26

Just some kind of extension on Chrome, records every tap of the keyboard, nothing special.
This sounds like a security risk, is there a reason you've installed some sort of spyware in your browser?

Ultegra134
Sr. Member
****
Offline Offline

Activity: 728
Merit: 399



View Profile
October 30, 2021, 10:47:47 AM
Merited by fillippone (3)
 #27

Well, this is an interesting plot twist: has your laptop an integrated key logger? How comes that?

Also: move your coins now. You are already late.
Just some kind of extension on Chrome, records every tap of the keyboard, nothing special. It just looks like Chrome has been left untouched. The whole HDD might be left untouched but it's definitely better to stand on the safe side.

Excuse me for being a bit paranoid, but are you sure the extension doesn't steal your personal data or everything you type on Chrome? At very least, check what kind of permission the extension ask.
I've checked the permissions before, it only logs locally user inputs, they are not sent anywhere, it doesn't have access to anything else.

Just some kind of extension on Chrome, records every tap of the keyboard, nothing special.
This sounds like a security risk, is there a reason you've installed some sort of spyware in your browser?
Thinking back to it, I shouldn't have installed such a thing, its sole purpose was to catch someone snooping through my laptop, (I mean in the same household) and have solid proof they did it, since history could be deleted and be done with it.

From what it claims, it doesn't send any data, and it's stored locally, however, I don't see a reason to keep it anymore, nevertheless, it does look like a safety concern.

        ▄▀▀▀▀▀▀   ▄▄
    ▄  ▄▄▀▀▀▀▀▀▀▀▀▄▄▀▀▄
  ▄▀▄▀▀             ▀▀▄▀
 ▄▀▄▀         ▄       ▀▄
  ▄▀         ███       ▀▄▀▄
▄ █   ▀████▄▄███▄       █ █
█ █     ▀▀▀███████▄▄▄▄  █ █
█ █       ██████████▀   █ ▀
▀▄▀▄       ▀▀█████▀    ▄▀
   ▀▄        ▐██▄     ▄▀▄▀
  ▀▄▀▄▄       ███▄  ▄▄▀▄▀
    ▀▄▄▀▀▄▄▄▄▄████▀▀ ▄▀
       ▀   ▄▄▄▄▄▄▄
.
█ █▀█ █▀█ █▀█  ▄  ▄▀▀ █   ▄▀█ ▀█▀ ▄▀▀ ▄███▄
█ █▀█ █ █ █ █ ▀█▀ ▀▀█ █   █ █  █  ▀▀█ ▀███▀
█ █▄█ █▄█ █▄█     ▄▄▀ ▀▄▄ █▄▀  █  ▄▄▀   
                                        █
████████████████████████████████████ 
███▀▀▀▀▀▀██████▀▀▀▀▀▀██████▀▀▀▀▀▀███ 
█▀▄██▀███▄▀██▀▄██▀███▄▀██▀▄██▀███▄▀████▄
█ █ ▀ ▀███ ██ █ ▀ ▀███ ██ █ ▀ ▀███ █████
█ ██    ▄█ ██ ██    ▄█ ██ ██    ▄█ █████
█▄▀██  ▀█▀▄██▄▀██  ▀█▀▄██▄▀██  ▀█▀▄████▀
███▄▄▄▄▄▄██████▄▄▄▄▄▄██████▄▄▄▄▄▄███
████████████████████████████████████
.
.
CRYPTO'S FASTEST
GROWING CASINO
       ▄▄▐█▌▄▄
      ▄███████▄
      ▀███████▀
       ▀▀▐█▌▀▀

                    ▄  ▄
   ▄            ▄█ ▀▀██▀▀ █▄
▀▄███▄▀        ▀▀██▄ ██ ▄██▀▀
▀█████▀      ▀▄▄▄ ▀██████▀ ▄▄▄▀
▀ ▀█▀ ▀       ███▀▀██▄▄██▀▀███
             ▀   ▄██▀██▀██▄   ▀
               ▀██▀  ██  ▀██▀
                 ▀ ▀█▀▀█▀  ▀
                   ██
    ██        ▄███▄▄     ██
              ████
███▄

        ▀▄ ▄  █▀▀▀███▀
       ▄▄▄
▀▀▄ █   █   ███▄
██   ▄█████
  ▀█ ▄▀▀▀ █▀██
     ▀
██▀
▀▄   ██  ▄▀ █▄▀     ██
       ▀▀▀▀▀▀██▄█▀▀▀ ▄
      ▄ ▄▀    ██▌  ▐▄▀
       ▀▀▄▄█▄▄▄█▌ ▄█▄▀  ██
     ███     ▀████▀▀▀▀▀
              ▐██▌
       ████
  ▄████▄
.
PLAY NOW
LoyceV
Legendary
*
Online Online

Activity: 2478
Merit: 10063


Thick-Skinned Gang Leader


View Profile WWW
October 30, 2021, 10:59:31 AM
 #28

its sole purpose was to catch someone snooping through my laptop, (I mean in the same household)
That's why I always lock my screen (set a shortcut if you don't have it yet) when I walk away. No matter how short, I don't get up before locking it.

figliar0
Member
**
Offline Offline

Activity: 112
Merit: 19


View Profile
October 30, 2021, 11:14:22 AM
Merited by fillippone (3)
 #29

its sole purpose was to catch someone snooping through my laptop, (I mean in the same household)
That's why I always lock my screen (set a shortcut if you don't have it yet) when I walk away. No matter how short, I don't get up before locking it.

I do the same - habit from past job where I had a little bit strange collegue. Just for the record: this is not very secure solution, some lock screen in linux environment can by bypassed, don't know about other OSes. It is good to prevent children from play with your workstation, but if someone has enough time, it won't help.

Stalker22
Hero Member
*****
Offline Offline

Activity: 672
Merit: 584



View Profile
October 30, 2021, 07:35:59 PM
 #30

Anyway, I'm going to move all my funds into new wallets, just in case, it doesn't cost me much in either time or money

I would strongly recommend it. Although you got your laptop back, your wallet can still be compromised. You cannot be absolutely sure that someone did not copy your wallet (or your entire hard drive) or exported your private keys. I wouldn't use that wallet for serious money again if I were you.

███████████████████████████
█████████▀▄▄▄▄▄██▀▀████████
█████▀▄█▀▀▄▄▄▄▄▄▄▀▀▄▄▀█████
████ █▀▄███████████▄▀██████
███▄█ ███████▀ ██████ █ ███
██▀█ ███  ▀▀█  ▀██████ █ ██
██ █ ████▄▄      ▀▀▀██ █ ██
██ █ █████▌        ▄██ ████
███▄█ █████▄▄   ▄▄███ █▀███
████▀█▄▀█████▌  ▀██▀▄█ ████
█████▄▀▀▄▄▀▀▀▀   ▄▄█▀▄█████
████████▄██▀▀▀▀▀▀██████████
███████████████████████████
.
█ █▀█ █▀█ █▀█  ▄  ▄▀▀ █   ▄▀█ ▀█▀ ▄▀▀ ▄███▄
█ █▀█ █ █ █ █ ▀█▀ ▀▀█ █   █ █  █  ▀▀█ ▀███▀
█ █▄█ █▄█ █▄█     ▄▄▀ ▀▄▄ █▄▀  █  ▄▄▀   
                                        █
████████████████████████████████████ 
███▀▀▀▀▀▀██████▀▀▀▀▀▀██████▀▀▀▀▀▀███ 
█▀▄██▀███▄▀██▀▄██▀███▄▀██▀▄██▀███▄▀████▄
█ █ ▀ ▀███ ██ █ ▀ ▀███ ██ █ ▀ ▀███ █████
█ ██    ▄█ ██ ██    ▄█ ██ ██    ▄█ █████
█▄▀██  ▀█▀▄██▄▀██  ▀█▀▄██▄▀██  ▀█▀▄████▀
███▄▄▄▄▄▄██████▄▄▄▄▄▄██████▄▄▄▄▄▄███
████████████████████████████████████
.
.
CRYPTO'S FASTEST
GROWING CASINO
       ▄▄▐█▌▄▄
      ▄███████▄
      ▀███████▀
       ▀▀▐█▌▀▀

                    ▄  ▄
   ▄            ▄█ ▀▀██▀▀ █▄
▀▄███▄▀        ▀▀██▄ ██ ▄██▀▀
▀█████▀      ▀▄▄▄ ▀██████▀ ▄▄▄▀
▀ ▀█▀ ▀       ███▀▀██▄▄██▀▀███
             ▀   ▄██▀██▀██▄   ▀
               ▀██▀  ██  ▀██▀
                 ▀ ▀█▀▀█▀  ▀
                   ██
    ██        ▄███▄▄     ██
              ████
███▄

        ▀▄ ▄  █▀▀▀███▀
       ▄▄▄
▀▀▄ █   █   ███▄
██   ▄█████
  ▀█ ▄▀▀▀ █▀██
     ▀
██▀
▀▄   ██  ▄▀ █▄▀     ██
       ▀▀▀▀▀▀██▄█▀▀▀ ▄
      ▄ ▄▀    ██▌  ▐▄▀
       ▀▀▄▄█▄▄▄█▌ ▄█▄▀  ██
     ███     ▀████▀▀▀▀▀
              ▐██▌
       ████
  ▄████▄
.
..PLAY NOW..
Lotus
Jr. Member
*
Offline Offline

Activity: 109
Merit: 7


View Profile WWW
October 31, 2021, 10:34:09 PM
 #31

Yes, someone might have cloned your content and is still working on recovering & scanning the relevant files. Safest option is not to use file-based wallets anyway if you can afford it.

Forgotten Crypt - Zero-Trust trading. Take the guesswork out of trading.
http://www.ForgottenCrypt.com
HCP
Legendary
*
Offline Offline

Activity: 1904
Merit: 4137

<insert witty quote here>


View Profile
October 31, 2021, 10:39:20 PM
 #32

Safest option is not to use file-based wallets anyway if you can afford it.
What would you recommend if not "file-based wallets"? Are you talking about hardware wallets? Huh

Lotus
Jr. Member
*
Offline Offline

Activity: 109
Merit: 7


View Profile WWW
October 31, 2021, 10:48:02 PM
 #33

Of course. In a sense, a hardware wallet still stores the content locally in its own stores, but you get the point.

Forgotten Crypt - Zero-Trust trading. Take the guesswork out of trading.
http://www.ForgottenCrypt.com
QuickAccount
Member
**
Offline Offline

Activity: 167
Merit: 43

In a world of coins, don't go straight to fiat


View Profile WWW
November 03, 2021, 06:22:10 PM
 #34

~snip

From what it claims, it doesn't send any data, and it's stored locally, however, I don't see a reason to keep it anymore, nevertheless, it does look like a safety concern.


What is the name of the extension? I would like to dump the source code of of it to see if it sends data anywhere.

Not your keys, not your coins.
Ultegra134
Sr. Member
****
Offline Offline

Activity: 728
Merit: 399



View Profile
November 03, 2021, 07:25:22 PM
 #35

~snip

From what it claims, it doesn't send any data, and it's stored locally, however, I don't see a reason to keep it anymore, nevertheless, it does look like a safety concern.


What is the name of the extension? I would like to dump the source code of of it to see if it sends data anywhere.
The name of the extension is Fea Keylogger, it mentions that it stores all data locally, or at least I hope it does. It'd be interesting to check if it's actually true or not, make sure to report back when you're done testing.

Link: https://chrome.google.com/webstore/detail/fea-keylogger/fgkghpghjcbfcflhoklkcincndlpobja?hl=en

        ▄▀▀▀▀▀▀   ▄▄
    ▄  ▄▄▀▀▀▀▀▀▀▀▀▄▄▀▀▄
  ▄▀▄▀▀             ▀▀▄▀
 ▄▀▄▀         ▄       ▀▄
  ▄▀         ███       ▀▄▀▄
▄ █   ▀████▄▄███▄       █ █
█ █     ▀▀▀███████▄▄▄▄  █ █
█ █       ██████████▀   █ ▀
▀▄▀▄       ▀▀█████▀    ▄▀
   ▀▄        ▐██▄     ▄▀▄▀
  ▀▄▀▄▄       ███▄  ▄▄▀▄▀
    ▀▄▄▀▀▄▄▄▄▄████▀▀ ▄▀
       ▀   ▄▄▄▄▄▄▄
.
█ █▀█ █▀█ █▀█  ▄  ▄▀▀ █   ▄▀█ ▀█▀ ▄▀▀ ▄███▄
█ █▀█ █ █ █ █ ▀█▀ ▀▀█ █   █ █  █  ▀▀█ ▀███▀
█ █▄█ █▄█ █▄█     ▄▄▀ ▀▄▄ █▄▀  █  ▄▄▀   
                                        █
████████████████████████████████████ 
███▀▀▀▀▀▀██████▀▀▀▀▀▀██████▀▀▀▀▀▀███ 
█▀▄██▀███▄▀██▀▄██▀███▄▀██▀▄██▀███▄▀████▄
█ █ ▀ ▀███ ██ █ ▀ ▀███ ██ █ ▀ ▀███ █████
█ ██    ▄█ ██ ██    ▄█ ██ ██    ▄█ █████
█▄▀██  ▀█▀▄██▄▀██  ▀█▀▄██▄▀██  ▀█▀▄████▀
███▄▄▄▄▄▄██████▄▄▄▄▄▄██████▄▄▄▄▄▄███
████████████████████████████████████
.
.
CRYPTO'S FASTEST
GROWING CASINO
       ▄▄▐█▌▄▄
      ▄███████▄
      ▀███████▀
       ▀▀▐█▌▀▀

                    ▄  ▄
   ▄            ▄█ ▀▀██▀▀ █▄
▀▄███▄▀        ▀▀██▄ ██ ▄██▀▀
▀█████▀      ▀▄▄▄ ▀██████▀ ▄▄▄▀
▀ ▀█▀ ▀       ███▀▀██▄▄██▀▀███
             ▀   ▄██▀██▀██▄   ▀
               ▀██▀  ██  ▀██▀
                 ▀ ▀█▀▀█▀  ▀
                   ██
    ██        ▄███▄▄     ██
              ████
███▄

        ▀▄ ▄  █▀▀▀███▀
       ▄▄▄
▀▀▄ █   █   ███▄
██   ▄█████
  ▀█ ▄▀▀▀ █▀██
     ▀
██▀
▀▄   ██  ▄▀ █▄▀     ██
       ▀▀▀▀▀▀██▄█▀▀▀ ▄
      ▄ ▄▀    ██▌  ▐▄▀
       ▀▀▄▄█▄▄▄█▌ ▄█▄▀  ██
     ███     ▀████▀▀▀▀▀
              ▐██▌
       ████
  ▄████▄
.
PLAY NOW
QuickAccount
Member
**
Offline Offline

Activity: 167
Merit: 43

In a world of coins, don't go straight to fiat


View Profile WWW
November 03, 2021, 08:09:32 PM
Merited by vapourminer (3), ETFbitcoin (1)
 #36

~snip

From what it claims, it doesn't send any data, and it's stored locally, however, I don't see a reason to keep it anymore, nevertheless, it does look like a safety concern.


What is the name of the extension? I would like to dump the source code of of it to see if it sends data anywhere.
The name of the extension is Fea Keylogger, it mentions that it stores all data locally, or at least I hope it does. It'd be interesting to check if it's actually true or not, make sure to report back when you're done testing.

Link: https://chrome.google.com/webstore/detail/fea-keylogger/fgkghpghjcbfcflhoklkcincndlpobja?hl=en

I installed the extension on a Virtual Machine, found a few issues right off the bat.

The extension communicates with the internet, something that "Only saves data locally" shouldn't connect to the internet. They're is also another issue with the extension, it logs specifically logins, not just web pages visited and such. After further analysis, the data that it saves isn't even hashed, meaning that all of your logins are compromised if someone gets the data from your local storage of the extension.

My advice would be to uninstall the extension, reinstall chrome, then change all of your passwords.

Not your keys, not your coins.
Ultegra134
Sr. Member
****
Offline Offline

Activity: 728
Merit: 399



View Profile
November 03, 2021, 08:17:21 PM
 #37

~snip

From what it claims, it doesn't send any data, and it's stored locally, however, I don't see a reason to keep it anymore, nevertheless, it does look like a safety concern.


What is the name of the extension? I would like to dump the source code of of it to see if it sends data anywhere.
The name of the extension is Fea Keylogger, it mentions that it stores all data locally, or at least I hope it does. It'd be interesting to check if it's actually true or not, make sure to report back when you're done testing.

Link: https://chrome.google.com/webstore/detail/fea-keylogger/fgkghpghjcbfcflhoklkcincndlpobja?hl=en

I installed the extension on a Virtual Machine, found a few issues right off the bat.

The extension communicates with the internet, something that "Only saves data locally" shouldn't connect to the internet. They're is also another issue with the extension, it logs specifically logins, not just web pages visited and such. After further analysis, the data that it saves isn't even hashed, meaning that all of your logins are compromised if someone gets the data from your local storage of the extension.

My advice would be to uninstall the extension, reinstall chrome, then change all of your passwords.
Interesting, I remember looking it up to find anything suspicious but couldn't, anyway, good detective work. It logs any kind of text input, it often saved my posts here. Anyway, I've now uninstalled it, since I do not need it anymore and due to the suspicion of it being a security hazard.

On the other hand, do you know any kind of similar software that is safe to use?

        ▄▀▀▀▀▀▀   ▄▄
    ▄  ▄▄▀▀▀▀▀▀▀▀▀▄▄▀▀▄
  ▄▀▄▀▀             ▀▀▄▀
 ▄▀▄▀         ▄       ▀▄
  ▄▀         ███       ▀▄▀▄
▄ █   ▀████▄▄███▄       █ █
█ █     ▀▀▀███████▄▄▄▄  █ █
█ █       ██████████▀   █ ▀
▀▄▀▄       ▀▀█████▀    ▄▀
   ▀▄        ▐██▄     ▄▀▄▀
  ▀▄▀▄▄       ███▄  ▄▄▀▄▀
    ▀▄▄▀▀▄▄▄▄▄████▀▀ ▄▀
       ▀   ▄▄▄▄▄▄▄
.
█ █▀█ █▀█ █▀█  ▄  ▄▀▀ █   ▄▀█ ▀█▀ ▄▀▀ ▄███▄
█ █▀█ █ █ █ █ ▀█▀ ▀▀█ █   █ █  █  ▀▀█ ▀███▀
█ █▄█ █▄█ █▄█     ▄▄▀ ▀▄▄ █▄▀  █  ▄▄▀   
                                        █
████████████████████████████████████ 
███▀▀▀▀▀▀██████▀▀▀▀▀▀██████▀▀▀▀▀▀███ 
█▀▄██▀███▄▀██▀▄██▀███▄▀██▀▄██▀███▄▀████▄
█ █ ▀ ▀███ ██ █ ▀ ▀███ ██ █ ▀ ▀███ █████
█ ██    ▄█ ██ ██    ▄█ ██ ██    ▄█ █████
█▄▀██  ▀█▀▄██▄▀██  ▀█▀▄██▄▀██  ▀█▀▄████▀
███▄▄▄▄▄▄██████▄▄▄▄▄▄██████▄▄▄▄▄▄███
████████████████████████████████████
.
.
CRYPTO'S FASTEST
GROWING CASINO
       ▄▄▐█▌▄▄
      ▄███████▄
      ▀███████▀
       ▀▀▐█▌▀▀

                    ▄  ▄
   ▄            ▄█ ▀▀██▀▀ █▄
▀▄███▄▀        ▀▀██▄ ██ ▄██▀▀
▀█████▀      ▀▄▄▄ ▀██████▀ ▄▄▄▀
▀ ▀█▀ ▀       ███▀▀██▄▄██▀▀███
             ▀   ▄██▀██▀██▄   ▀
               ▀██▀  ██  ▀██▀
                 ▀ ▀█▀▀█▀  ▀
                   ██
    ██        ▄███▄▄     ██
              ████
███▄

        ▀▄ ▄  █▀▀▀███▀
       ▄▄▄
▀▀▄ █   █   ███▄
██   ▄█████
  ▀█ ▄▀▀▀ █▀██
     ▀
██▀
▀▄   ██  ▄▀ █▄▀     ██
       ▀▀▀▀▀▀██▄█▀▀▀ ▄
      ▄ ▄▀    ██▌  ▐▄▀
       ▀▀▄▄█▄▄▄█▌ ▄█▄▀  ██
     ███     ▀████▀▀▀▀▀
              ▐██▌
       ████
  ▄████▄
.
PLAY NOW
QuickAccount
Member
**
Offline Offline

Activity: 167
Merit: 43

In a world of coins, don't go straight to fiat


View Profile WWW
November 03, 2021, 09:24:50 PM
Merited by Ultegra134 (2)
 #38

~snip

From what it claims, it doesn't send any data, and it's stored locally, however, I don't see a reason to keep it anymore, nevertheless, it does look like a safety concern.


What is the name of the extension? I would like to dump the source code of of it to see if it sends data anywhere.
The name of the extension is Fea Keylogger, it mentions that it stores all data locally, or at least I hope it does. It'd be interesting to check if it's actually true or not, make sure to report back when you're done testing.

Link: https://chrome.google.com/webstore/detail/fea-keylogger/fgkghpghjcbfcflhoklkcincndlpobja?hl=en

I installed the extension on a Virtual Machine, found a few issues right off the bat.

The extension communicates with the internet, something that "Only saves data locally" shouldn't connect to the internet. They're is also another issue with the extension, it logs specifically logins, not just web pages visited and such. After further analysis, the data that it saves isn't even hashed, meaning that all of your logins are compromised if someone gets the data from your local storage of the extension.

My advice would be to uninstall the extension, reinstall chrome, then change all of your passwords.
Interesting, I remember looking it up to find anything suspicious but couldn't, anyway, good detective work. It logs any kind of text input, it often saved my posts here. Anyway, I've now uninstalled it, since I do not need it anymore and due to the suspicion of it being a security hazard.

On the other hand, do you know any kind of similar software that is safe to use?

I couldn't really recommend any monitoring software for your own machine, but I think you'll be safe enough by pressing WIN + L when you get up to lock your screen, or encrypt your computer files when you leave for a long period of time.

Not your keys, not your coins.
ETFbitcoin
Legendary
*
Offline Offline

Activity: 2128
Merit: 3658


NotYourKeys.org - Not Your Keys, Not Your Bitcoin


View Profile
November 04, 2021, 10:54:00 AM
Merited by vapourminer (2)
 #39

On the other hand, do you know any kind of similar software that is safe to use?

There are open source version of such software, but i wouldn't recommend it unless you bother audit/test it properly. Besides there's saying "Prevention is better than cure". If you haven't done any action, you could start from enabling 2FA on your online account and using stronger password.

or encrypt your computer files when you leave for a long period of time.

It's not practical if you also want to secure your cryptocurrency wallet or browser data, where the file could be scattered on different folder. You could use full disk encryption (such as BitLocker for Windows and LUKS for Linux), but usually you need to enter password/PIN every time you turn on your laptop and recovery process is harder (if the disk is corrupted).

danuker
Newbie
*
Offline Offline

Activity: 18
Merit: 1


View Profile
November 04, 2021, 12:28:33 PM
 #40

I see that he hasn't snooped into Chrome at least

It would be trivial to mount a drive without touching the files on it (such as Chrome history). Any Linux live USB offers read-only mount support.

Yeah, I'll move everything to new wallets just in case, you can never be safe enough. On top of that, if we suppose that he has snooped through my files, he could potentially try to compromise the wallets at a much later date. That way, no accusation can actually be directed to him.

Absolutely. If I were you, I would definitely pay the transaction fee to move the coins to a new wallet.
Pages: « 1 [2] 3 4 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!