Be mindful when making transactions on PC

[JangoUnchained]

If you are using wallets on PC and you are also receiving emails and browsing the Internet on such pc make sure you watch your step very well, there is a malware out there that can swap the address you want to send coins to with a scammers address, I was so lucky to noticed this and I have the habit of cramming the last three alphabets of the receivers address after clicking on copy. May we not work for scammers to enjoy our hard work in the end.


Things are back to normal after I formatted my PC

[1715000676]

1715000676

[1715000676]

1715000676

[Maus0728]

Linking this thread created by @LoyceV in case there is someone who is new to this type of problem called "Clipboard Hijacking".

[1] How to lose your Bitcoins with CTRL-C CTRL-V

I was so lucky to noticed this and I have the habit of cramming the last three alphabets of the receivers address after clicking on copy.

Just a suggestion. Check the entire address string to see if the pasted address is the same as the source. Only checking the first/last three characters is not a good practice since the middle part can be modified, which can be tough to spot if you are not paying attention.

[Lucius]

This malware has been known for a long time, and we call it in general clipboard malware, and that's exactly what you described. The precautions that every crypto user should take should consist of trying to prevent such malware from getting into our system at all. This would include the following actions:

• Never click on suspicious links presented through e-mail and social networks, but also do not click on advertisements that can also lead to malicious content.
• Be extremely careful when downloading all media files directly or via torrent, and when visiting xxx websites - it would be best to have a separate device for such things.
• Get proper antivirus/malware protection to protect you in case you still make a mistake.
• Always check all the data in your crypto wallet before confirming the transaction by clicking on the preview option, with special emphasis on the accuracy of the address to which you are sending coins.
• However, if you are not a careful enough person and bad things often happen to you, invest in a hardware wallet that will additionally protect you by forcing you to raise security to a higher level.

[Rruchi man]

• Get proper antivirus/malware protection to protect you in case you still make a mistake.

The importance of this cannot be overstated, some persons only think in the direction and fear the possibility of virus entering their PC and not Malwares. Some malwares are as dangerous, even more dangerous than some virus. A friend of mine had a malware in his PC that was actively taking screenshots of his PC screen and sending to a source, had he not noticed it on time, it would have done a great deal of damage to him because he does all business transactions and related from his PC. Get a good malware protection because these things are real.

[Welsh]

Ideally, physically or using a operating system which supports compartmentalization, therefore isolating it from your daily activities is the best approach. I'm an advocate for Qubes OS which not only isolates each qube from another i.e instances of a operating system, it can optionally isolate your network from them too. There's also options to have a disposable sys-net, which upon rebooting resets it back to the template, so if you did get compromised it would only be for that session.

Although, even without isolation techniques, you can avoid most problems by not downloading anything that you haven't verified to be legitimate.

The importance of this cannot be overstated, some persons only think in the direction and fear the possibility of virus entering their PC and not Malwares. Some malwares are as dangerous, even more dangerous than some virus. A friend of mine had a malware in his PC that was actively taking screenshots of his PC screen and sending to a source, had he not noticed it on time, it would have done a great deal of damage to him because he does all business transactions and related from his PC. Get a good malware protection because these things are real.

I actually consider anti viruses to be worse than just following basic security protocols. They slow down your computer, they often come with bloatware, and they're intrusive via unnecessary notifications. Also, some people have claimed they falsely identify problems, just so you think they're working.

An Anti Virus is a glorified database checker, they don't use anything impressive, and they aren't effective against new attacks, until they've been found, and put in the database. This often nulls people into a false sense of security. So, are anti viruses beneficial? Probably to some people, but like I suggested above you can easily avoid most of the pitfalls by not doing risky stuff on your computer.

[Yamifoud]

• Get proper antivirus/malware protection to protect you in case you still make a mistake.

The importance of this cannot be overstated, some persons only think in the direction and fear the possibility of virus entering their PC and not Malwares. Some malwares are as dangerous, even more dangerous than some virus. A friend of mine had a malware in his PC that was actively taking screenshots of his PC screen and sending to a source, had he not noticed it on time, it would have done a great deal of damage to him because he does all business transactions and related from his PC. Get a good malware protection because these things are real.

That is the thing we suppose to do but only techy people who able to do this while others don't care about it and they mostly receive the consequences due to ignorance. Even we do much care of our PC and install blocking apps, we can't still assure that everything will be okay and totally safe as these apps couldn't give 100% safety on your PC. Some leaks could be considered especially when accidentally clinking links that contain malware or virus.
Well, the best way is not to save important information to our PC or laptop, especially when it includes private keys and bank accounts.

[Welsh]

That is the thing we suppose to do but only techy people who able to do this while others don't care about it and they mostly receive the consequences due to ignorance. Even we do much care of our PC and install blocking apps, we can't still assure that everything will be okay and totally safe as these apps couldn't give 100% safety on your PC. Some leaks could be considered especially when accidentally clinking links that contain malware or virus.
Well, the best way is not to save important information to our PC or laptop, especially when it includes private keys and bank accounts.

You'll find that the more technical people will avoid anti viruses for the reasons I mentioned above. I actually see anti viruses to be more tailored towards those that don't know much about computers or using them safely. For example, and I do hate giving this an an example as it comes across as stereotypical, but it's not meant to be that way; a older generation person that hasn't had much interest in computers, will likely be more inclined to use anti virus because they don't have the knowledge to secure themselves. However, while there's nothing wrong with this approach, there's definitely a element of risk here, since that person will likely assume that they're safe from all attacks, and therefore will be more complacent, when in fact they aren't completely secure.

Some leaks could be considered especially when accidentally clinking links that contain malware or virus.
Well, the best way is not to save important information to our PC or laptop, especially when it includes private keys and bank accounts.

Your data is 100 percent going to be leaked at some point, if it hasn't already been so. This is nothing to do with your personal security (although you can mitigate it by providing fake/temporary data), but the services that you use. For example, the most popular websites in the world have been hacked, and have had their data leaked. This forum has been hacked, and user's passwords, and other information was leaked. So, avoiding leaks is impossible if you use the internet, and sign up to services.

However, like I briefly mentioned you can mitigate that risk by providing fake or temporary data that is website/service specific. Although, most people don't do this because of the issue with convenience.

[Lucius]

I actually consider anti viruses to be worse than just following basic security protocols. They slow down your computer, they often come with bloatware, and they're intrusive via unnecessary notifications. Also, some people have claimed they falsely identify problems, just so you think they're working.

As someone who has tried at least 15 or more commercial home AVs over the years, I can say that there are indeed those that are difficult to configure, have an impact on the system, and can cause inconvenience to the user. However, there are security solutions that are the opposite, and their presence on modern computers is almost invisible if we look at CPU or RAM usage.

For example, I will say something about my experience with Norton Security, which I consider almost perfect. RAM consumption is generally less than 100 MB, while CPU goes from mostly 2-5%. By comparison, Firefox with 4 open tabs consumes over 1 GB of RAM and close to 10% CPU. For a computer with 8 GB of RAM and a modern processor, no AV will be a problem with resource consumption.

I agree that protection depends on what the antivirus definition database is and how often it is updated - but also on how good heuristic analysis it has, which means that it can fight against those threats that have not yet been added to the antivirus database.

[Welsh]

As someone who has tried at least 15 or more commercial home AVs over the years, I can say that there are indeed those that are difficult to configure, have an impact on the system, and can cause inconvenience to the user. However, there are security solutions that are the opposite, and their presence on modern computers is almost invisible if we look at CPU or RAM usage.

For example, I will say something about my experience with Norton Security, which I consider almost perfect. RAM consumption is generally less than 100 MB, while CPU goes from mostly 2-5%. By comparison, Firefox with 4 open tabs consumes over 1 GB of RAM and close to 10% CPU. For a computer with 8 GB of RAM and a modern processor, no AV will be a problem with resource consumption.

I agree that protection depends on what the antivirus definition database is and how often it is updated - but also on how good heuristic analysis it has, which means that it can fight against those threats that have not yet been added to the antivirus database.

See, I've found Norton to be quite intrusive, the thing is as computers advance, so does their hardware, so the effect of the program isn't noticed as much as time goes on. Put Norton on a older system, which doesn't have the latest ram, and CPU, and you'll see an issue. Although, I can't personally claim either way if its good or not in terms of resources, since I haven't seen it personally.

Although, why I find it intrusive is because it constantly tries to push additional products onto you. For example, I have friends that use it, and I've seen that they try to push Norton's own version of a VPN. The only saving grace is that they do claim not to keep logs for their VPN's. Although, according to this they do collect some data, which is too broad to see if any of that information could be deemed invasive. However, I'm not a fan of the advertising that these services do, even if it is their own products. I believe they're enabled by default, and can be turned off through the settings.

As for their capabilities in protecting its users, I'd have to see some compelling data to change my mind on it. Heuristic_analysis generally is very limited, and more often than not identifies false positives. I've had code I've written been flagged by anti virus systems, so I know they're definitely flagging up false positives. Most operating systems have built in systems these days, Windows has Windows Defender, which practically does the same thing, a part from a few variations. Obviously, Linux can differ per its distribution. Mac OS I'm not entirely sure how that works, as I've never touched one of them for long enough to take a look. If you have a built in system that you can't disable (Windows Defender), then you are effectively adding another similar application to the current usage of that application too. So, that should be factored in.

I'm going to sound like a broken record here once again, but if you truly care about security, and internet security there's no better operating system than Qubes OS. I've recommended this so many times, I almsot feel like a personal sales agent for them, but it's completely free, and uses virtualisation technology to separate instances known as Qubes, which means even if one of them was compromised, it's unlikely to be able to infect others, which reduces your risk massively.

For example, you could have a dedicated Bitcoin wallet qube which you plug your hardware wallet into, sys-net the qube that handles the network supplies the connection to that qube. If sys-net gets compromised, it doesn't mean that the qube will, and you could potentially set sys-net as disposable so upon reboot it resets to the default, and effectively gets rid of any threat. The best anti virus to me, is compartmentalizing your system by default, so if you're compromised it doesn't compromise you entirely. Anti Virus's do attempt to isolate the threat before it does any damage, but there are no guarantees of that.  I'm not going to go into this rabbit hole as I'm afraid it'll go too off topic. However, while I agree with the OP's statement that you should be careful, the only way you can truly be sure, is via isolation, even then there are definitely risks, but it's the most secure way other than not using the internet at all. Obviously, I'd recommend against using hot wallets when not necessary anyhow, and strictly use cold storage.

This all obviously depends on your threat model. Most viruses aren't very sophisticated, and they don't need to be, because they aren't meant to be attacking high profile people. Instead, they often try to advertise or collect data.

[JangoUnchained]

I actually consider antiviruses to be worse than just following basic security protocols. They slow down your computer, they often come with bloatware, and they're intrusive via unnecessary notifications. Also, some people have claimed they falsely identify problems, just so you think they're working.

As someone who has tried at least 15 or more commercial home AVs over the years, I can say that there are indeed those that are difficult to configure, have an impact on the system, and can cause inconvenience to the user. However, there are security solutions that are the opposite, and their presence on modern computers is almost invisible if we look at CPU or RAM usage.

For example, I will say something about my experience with Norton Security, which I consider almost perfect. RAM consumption is generally less than 100 MB, while CPU goes from mostly 2-5%. By comparison, Firefox with 4 open tabs consumes over 1 GB of RAM and close to 10% CPU. For a computer with 8 GB of RAM and a modern processor, no AV will be a problem with resource consumption.

I agree that protection depends on what the antivirus definition database is and how often it is updated - but also on how good heuristic analysis it has, which means that it can fight against those threats that have not yet been added to the antivirus database.

Good recommendation welsh I will give Norton antivirus a try, maybe if I have a strong antivirus installed in the first place maybe none of this wouldn't have happened, thank you.

[BernyJB]

For example, and I do hate giving this an an example as it comes across as stereotypical, but it's not meant to be that way; a older generation person that hasn't had much interest in computers, will likely be more inclined to use anti virus because they don't have the knowledge to secure themselves. However, while there's nothing wrong with this approach, there's definitely a element of risk here, since that person will likely assume that they're safe from all attacks, and therefore will be more complacent, when in fact they aren't completely secure.

Well, I am 56 years "young" (no offense taken though), so you could say I'm an "older generation person", but I have been very interested in computers since I was little, yet I don't feel I have the knowledge to effectively protect myself. I find there are so many different classes of attacks, it's overwhelming.
Incidentally I switched to Linux more than a decade ago, and felt somehow secure because of it, but since I started on cryptocurrencies I wouldn't bet on it.

So, avoiding leaks is impossible if you use the internet, and sign up to services.

Nothing is impossible. It just takes work, and, like you said, it may be inconvenient at times, but it can be done, and it has been done. Now they say web 3.0 will be more focused on personal security and privacy. We'll see...

For example, I will say something about my experience with Norton Security, which I consider almost perfect.

I used Norton once in 2005, on a computer I knew, for a fact, was infected. It didn't find anything, even when running it in "safe mode". Then I did a google search and found Spybot S&D. on the first run, it found about 1800 viruses. On a second run on "safe mode", it found another 300. I never used Norton again.

[Welsh]

Don't get me wrong, if you don't consider yourself up to the standards to protect yourself online, then by all means install a anti virus, but definitely keep in mind that it doesn't protect you fully, and therefore there's a chance that you could become complacent, and neglect security advice that you wouldn't if you didn't have the anti virus.

If your anti virus doesn't collect data on you, doesn't advertise crap, and doesn't use too much of your resources, then there isn't too much of a problem. Although, you can absolutely mitigate the risk without a anti virus, like I said by downloading only from trusted sources, having scripts turned off by default on your browser, flash, and other media turned off by default, and by verifying signatures even if you trust the website your downloading from, since you want to be absolutely sure that website hasn't been compromised.

Well, I am 56 years "young" (no offense taken though), so you could say I'm an "older generation person", but I have been very interested in computers since I was little, yet I don't feel I have the knowledge to effectively protect myself. I find there are so many different classes of attacks, it's overwhelming.
Incidentally I switched to Linux more than a decade ago, and felt somehow secure because of it, but since I started on cryptocurrencies I wouldn't bet on it.

Yeah, it's definitely not meant to offend. I just thought that's the easiest way of explaining it that some people will be able to relate too. It's a fact that some older generation people are more up to scratch with security than younger, in fact this isn't always down to having more knowledge about their computer, but fear of using it if that makes sense.

Security is very complex, like seriously it's very complex to the point that I doubt anyone follows all the recommended steps, that's when anti viruses do offer some protection, but as stated the complacency that could introduce shouldn't be underestimated.

Linux has some benefits to it, like for example root permission often has to be elevated, although it entirely depends on the setup that the individual has. Although, Linux definitely does have some built in protection just by how it usually ships, and the fact that most viruses will be adapted to those running the most popular operating system, which is currently Windows I believe.

Running a Linux system doesn't mean you're automatically secure though.

Nothing is impossible. It just takes work, and, like you said, it may be inconvenient at times, but it can be done, and it has been done. Now they say web 3.0 will be more focused on personal security and privacy. We'll see...

I'd go as far to say that inconvenience along with complacency is the leading cause to infection. I can't prove that, but that's my gut feeling.

Things are back to normal after I formatted my PC

The bare minimum for me when using conventional operating systems (i.e not Qubes) is complete reinstall of the operating system infected, and a full reset of the router. This will prevent most non sophisticated attacks. Although, it's possible to survive formats, router resets, and bios infection, however this usually isn't the case for the vast majority of infections.

[Mpamaegbu]

I was so lucky to noticed this and I have the habit of cramming the last three alphabets of the receivers address after clicking on copy. May we not work for scammers to enjoy our hard work in the end.

One can never be too careful to the point of paranoia. I also make it a point of duty to check the first three or four alphabets in the address I'm sending to, then the middle and end alphabets. I try as much as I can never to be in a hurry while on a financial transaction. With cryptos, I triple check. No hurry in life. Going forward, I think people should restrict links they click for a lot of these malware come from sites we visit, especially porn sites.

This malware has been known for a long time, and we call it in general clipboard malware, and that's exactly what you described.

I'm curious why we don't have such with mobile phones since we also have clipboards with phones.

[Welsh]

One can never be too careful to the point of paranoia. I also make it a point of duty to check the first three or four alphabets in the address I'm sending to, then the middle and end alphabets. I try as much as I can never to be in a hurry while on a financial transaction. With cryptos, I triple check. No hurry in life. Going forward, I think people should restrict links they click for a lot of these malware come from sites we visit, especially porn sites.

I tend to agree, but really it should be balanced. I've had this issue myself where I tend to look at things from a paranoid perspective, but then it isn't always rational to look at things that way. It usually means you're doing additional steps when it really isn't needed.

Personally, I recommend everyone picks a certain threat model (i.e personally defined strictness), and stick to it strictly.

I'm curious why we don't have such with mobile phones since we also have clipboards with phones.

I find it mind boggling that Android hasn't implemented a permission based system for accessing the clipboard, because it already has the fundamentals there. Especially, when a clipboard could be considered on of the biggest security flaws that users will fall victim too.

[LostEcho]

One can never be too careful to the point of paranoia. I also make it a point of duty to check the first three or four alphabets in the address I'm sending to, then the middle and end alphabets. I try as much as I can never to be in a hurry while on a financial transaction. With cryptos, I triple check. No hurry in life. Going forward, I think people should restrict links they click for a lot of these malware come from sites we visit, especially porn sites.

I tend to agree, but really it should be balanced. I've had this issue myself where I tend to look at things from a paranoid perspective, but then it isn't always rational to look at things that way. It usually means you're doing additional steps when it really isn't needed.

Personally, I recommend everyone picks a certain threat model (i.e personally defined strictness), and stick to it strictly.

I'm curious why we don't have such with mobile phones since we also have clipboards with phones.

I find it mind boggling that Android hasn't implemented a permission based system for accessing the clipboard, because it already has the fundamentals there. Especially, when a clipboard could be considered on of the biggest security flaws that users will fall victim to.

I think such malicious trick is possible on mobile phones by downloading a third-party keyboard, they always ask for some access that you don't want to accept, I find such keyboards unsafe to use.

[Mpamaegbu]

but then it isn't always rational to look at things that way. It usually means you're doing additional steps when it really isn't needed.

Better safe than sorry, I would say. Those who overlook security measures often pay dearly for that. I rather be thought paranoid than being called a victim. But I get your drift.

I find such keyboards unsafe to use.

Anything third party, not just keyboards, seeking permission to certain files on my phone scares me. I usually abort the process once I get that warning, no matter what I'm trying to work on. So, I can say Android does warn users too.

[hatshepsut93]

Reinstalling Windows won't help you in the long run if you don't change your habits. Clipboard malware is pretty tame compared to worst cases - full control over your PC, keylogging your passwords, stealing private keys from memory, etc. You need to have your wallet in an isolated environment - a cold storage or a hardware wallet or a system like Qubes OS, and you need to stop getting your offline machine infected - use open source alternatives instead of pirating software or downloading it from shady links and don't download anything from unverified sources at all.

[DdmrDdmr]

<…>

Besides formatting your PC, I figure you’re being extra careful and selective when reinstalling software back on to it. Often, these situations occur after installing some unknown or hacked software, and reinstalling some given (rouge) software could lead to reiterating the issue.

Out of curiosity, have you managed to pinpoint or narrow down what software installation could have been the root cause of your problem?

[Lucius]

I used Norton once in 2005, on a computer I knew, for a fact, was infected. It didn't find anything, even when running it in "safe mode". Then I did a google search and found Spybot S&D. on the first run, it found about 1800 viruses. On a second run on "safe mode", it found another 300. I never used Norton again.

Norton was then just an antivirus program, without detecting adware, spyware, or malware - and that's exactly what a specialized program for such things discovered - I know that because I used Spybot at the same time. In everything that that program found on your computer, most of it was probably pretty harmless, and I'm sure it wasn't viruses. It's like comparing Malwarebytes to any AV program today, this first one is synonymous when it comes to fighting malware.

Although, why I find it intrusive is because it constantly tries to push additional products onto you... I believe they're enabled by default, and can be turned off through the settings.

Just a few minutes is enough to personalize the program, which includes this option - and I have it turned on and get 1-2 notifications in a week, sometimes not even one. I understand that there are much better ways to protect, especially if the computer has anything to do with cryptocurrencies - but as for me personally, I do not deal with any risky things, I have a hardware wallet and protection with antivirus + premium Malwarebytes and regular system updates are quite enough for me - and they do not burden the system to the extent that it would bother me. At this point, it’s the level of protection I can live with and feel safe with.

[Welsh]

Better safe than sorry, I would say. Those who overlook security measures often pay dearly for that. I rather be thought paranoid than being called a victim. But I get your drift.

Yeah, when your responsible for your own money or anyone else's for that matter I tend to be a lot more paranoid, which is a good way of looking at it from that point of view because you are less susceptible to complacency, which has I've suggested I believe is one of the leading factors to people getting infected, and losing money.  

Anything third party, not just keyboards, seeking permission to certain files on my phone scares me. I usually abort the process once I get that warning, no matter what I'm trying to work on. So, I can say Android does warn users too.

Yeah, Android at least has a decent permission system, although I do think it could be improved with slight additions. However, if your downloading questionable third party applications in the first place, that permission system might already be compromised, depending on their level of sophistication. Of course, most aren't that sophisticated like previously suggested, however when you're responsible for your money, being extra careful is likely the better route.

I understand that there are much better ways to protect, especially if the computer has anything to do with cryptocurrencies - but as for me personally, I do not deal with any risky things, I have a hardware wallet and protection with antivirus + premium Malwarebytes and regular system updates are quite enough for me - and they do not burden the system to the extent that it would bother me. At this point, it’s the level of protection I can live with and feel safe with.

Yeah, I guess my point is anti viruses can introduce complacency, and as long as you're aware of that you can mitigate it. Although, an anti viruses can also be a waste of money, if you aren't downloading untrustworthy stuff from the internet, and aren't surfing the web unprotected (noscript etc) then you're pretty much good to go.

Anything that can be verified should be verified, and anything that doesn't offer signatures to verify should be considered not worth the risk of downloading in my opinion. I know it can be tedious at times, but that's exactly why complacency creeps in.