How can I get over clip board malware attack?

[Luzin]

So far I've experienced windows. It's purely my fault, downloading free apps and installing them on my computer from unofficial websites. That's as far as I'm concerned because I don't have enough money to pay for a paid app to get a full license. Don't do stupid things like me.

How do I know this? yes because I always check the wallet address if I want to Deposit or Withdraw. That precision made me safer, because I didn't confirm it right away. It turned out that the virus was in the chrome  add-on, even I had deleted it but it always appeared when my computer turned it back on. The last resort is that I have to clean up my Windows reinstallation. So far for Android I still feel safe.

[jerry0]

Is there a way to test if the clipboard malware attack exist on your pc?


I remember i saw a video where a guy would just copy and paste a btc address from notepad to somewhere else as a test and noticed when he did that... it changed.  Of course the first few letters of the btc address was the same so it seems this malware is smart in that it would find the starting letter of the btc address to be similar before it makes the change.


But as long as you copy an address that looks like a btc address to say another part on the computer, whether its an address in an exchange, notepad or even google search, as long as it doesn't change it... your computer do not have that clipboard malware? 

[Husna QA]

Is there a way to test if the clipboard malware attack exist on your pc?

For Windows OS users (Windows 10 and above), use the shortcut Windows key + V to view the Clipboard. In the list that appears on the Clipboard, you can first check whether the BTC address previously copied is correct or not.

But as long as you copy an address that looks like a btc address to say another part on the computer, whether its an address in an exchange, notepad or even google search, as long as it doesn't change it... your computer do not have that clipboard malware? 

Yes, because if a computer has clipboard malware, the pasted data is different from the copied data.

[Daodex]

1. Don't visit website with http link which is not a secured connection, a secured one should be in https format.

2. Don't make crypto transactions on your PC I find phone to be less prone to malwares

I've stopped running wallets on windows OS pc the risks you go through every day by day is high.

[DdmrDdmr]

1. Don't visit website with http link which is not a secured connection, a secured one should be in https format. <…>

That’s really an often stated misconception. The "s" (secure) part will imply that the data you transmit to and from the site will be encrypted, but it does nothing else but give a false sense of security when it comes to the likeliness of dealing with a site that can provide malware through some kind of download, or else other malware or intent in wrongdoing. An SSL certificate is pretty cheap to obtain, and there are multiple scam, phishing, you name it type sites that resort to it, simply because of the wrong sense of security it bears.

[jerry0]

So is it possible for you to copy and paste a btc address ready to send and the cliipboard malware changes it... but if you copy and paste a btc address to say notepad or address bar on chrome ... and it doesn't change it?


Also what if it looks like a btc address but it has much less characters or more characters?   Could the clipboard malware recognize it such as okay this is over 80 characters long... this is not a btc address?


Also I keep hearing about only btc and eth when it comes to the clip board malware attack.  But what about other coins though?  Imagine you had some coin that is worth little and most people haven't even heard of.  What happens there?

[PrimeNumber7]

Is there a way to test if the clipboard malware attack exist on your pc?

You can try sending a large amount of coin via copying an address and see if the transaction goes to the right place.

It is really not possible to know if you have been infected with malware with absolute certainty.

But as long as you copy an address that looks like a btc address to say another part on the computer, whether its an address in an exchange, notepad or even google search, as long as it doesn't change it... your computer do not have that clipboard malware? 

No. if you are infected with malware, you cannot trust any output that your computer produces. This includes any displayed information. There is the risk that malware will change what is on your clipboard and will continue to display the address on your monitor but will change what is transmitted to any website.

[o_e_l_e_o]

1. Don't visit website with http link which is not a secured connection, a secured one should be in https format.

There is absolutely no good reason to not have HTTPS Everywhere installed in your browser and running at all times. If you are using Firefox or Tor (which you should be), then you can also just go to Settings -> Privacy & Security and check the box for "Enable HTTPS-Only Mode in all windows". But as DdmrDdmr says, this encrypts your communications with your destination, protecting again interception and man in the middle attacks. It the destination you are connecting to is malicious, then your communication with that malicious site will be encrypted, which offers absolutely no protection to you as the end user. So in short, you should always use HTTPS, but it doesn't guarantee security by any means.

2. Don't make crypto transactions on your PC I find phone to be less prone to malwares

I've stopped running wallets on windows OS pc the risks you go through every day by day is high.

Well, your issue with PCs is a Windows problem rather than a PC problem.

So is it possible for you to copy and paste a btc address ready to send and the cliipboard malware changes it... but if you copy and paste a btc address to say notepad or address bar on chrome ... and it doesn't change it?

There's no inherent reason that malware couldn't detect where you are pasting the address and selectively change it based on this informaiton.

Also what if it looks like a btc address but it has much less characters or more characters?   Could the clipboard malware recognize it such as okay this is over 80 characters long... this is not a btc address?

Absolutely.

Also I keep hearing about only btc and eth when it comes to the clip board malware attack.  But what about other coins though?  Imagine you had some coin that is worth little and most people haven't even heard of.  What happens there?

There's nothing stopping someone creating clipboard malware for any coin in existence.

[jerry0]

Would a hacker really use their time to create clipboard malware for something like greencoin or bluecoin?  How long would that even take?  So owning certain coins would prevent you from clipboard malware then?

[o_e_l_e_o]

Would a hacker really use their time to create clipboard malware for something like greencoin or bluecoin?

No one can profess to know the motivation of every person in the world responsible for coding malware, but if there is potential profit to be had, then someone is likely to attempt it. Bear in mind the most shitcoins are just tokens on another blockchain, though, so a piece of malware which swaps Ethereum addresses for example will be able to steal thousands of useless tokens too.

How long would that even take?

Take existing malware, swap out BTC address detection for *insert coin* address detection, swap out BTC address insertion for *insert coin* address insertion, done. Probably under 2 minutes.

So owning certain coins would prevent you from clipboard malware then?

No, checking your addresses properly and having good browsing habits which prevent you from being infected by malware in the first place will protect you from clipboard malware.

[HeRetiK]

How long would that even take?

Take existing malware, swap out BTC address detection for *insert coin* address detection, swap out BTC address insertion for *insert coin* address insertion, done. Probably under 2 minutes.

At this point I'd assume that your run-off-the-mill clipboard malware comes with multi-coin support. Once a victim is compromised there's no reason not to check against multiple address formats for whatever coins may be profitable.

[PrimeNumber7]

Would a hacker really use their time to create clipboard malware for something like greencoin or bluecoin?  How long would that even take?  So owning certain coins would prevent you from clipboard malware then?

A good developer will make any software they create very flexible. So it should be trivial to adjust any malware that is well-written if some new coin became popular.

It is also possible that malware is written in a way such that it does not specifically look for "bitcoin" private keys, but rather looks for what resembles private keys (this might not be specifically relevant to clipboard malware).

I would also make the general statement that if a coin is not popular enough for people to write malware to try to steal, there is a good chance that coin is not very valuable.