Bitcoin Forum
Author Topic: [Warning]: New Bandit Stealer targeting crypto wallets  (Read 97 times)
Dave1 (OP)
Hero Member
June 01, 2023, 05:53:34 AM
Merited by Symmetrick (5), un_rank (1)
#1

A new malware in the wild was spotted by Trend Micro. It leverages what we call the runas.exe function, so they take advantage of it and can run the propagation with administrative privileges.

Quote
By using the runas.exe command, users can run programs as an administrator or any other user account with appropriate privileges, provide a more secure environment for running critical applications, or perform system-level tasks. This utility is particularly useful in situations where the current user account does not have sufficient privileges to execute a specific command or program. In the case of Bandit Stealer, this is done with the following command line:

The Bandit malware is so intelligent that it will check for several environments first and alter itself depending on where it is running.

What's scary is that it targets the following wallets:




So the principle hasn't changed: they are dropping their dropper in emails and on those who are looking for cracked software. It could also spread and be carried out on YouTube, where there is a link that supposedly downloads free software.

https://www.trendmicro.com/en_us/research/23/e/new-info-stealer-bandit-stealer-targets-browsers-wallets.html

un_rank
Hero Member
June 01, 2023, 06:06:32 AM
#2

Quote from: Dave1
So the principle hasn't changed: they are dropping their dropper in emails and on those who are looking for cracked software. It could also spread and be carried out on YouTube, where there is a link that supposedly downloads free software.

Another reminder not to click on random links or to react to unsolicited messages, regardless of the source. Importantly, protect your personal information so as not to become a target of hackers if your email falls into their hands.

- Jay -

NotATether
Legendary
June 01, 2023, 08:17:45 AM
#3

Perhaps to thwart these stealing attempts by malware, the wallet software could have an option to change the directory used to store wallet files. Malware can't possibly list the files and folders on the entire hard disk, so changing it seems like a good "security by obscurity" option.

It would only work with application software though, not browser extensions (with which you should not be storing your money in the first place).

TravelMug
Hero Member
June 01, 2023, 09:04:21 AM
#4

Quote from: un_rank
Quote from: Dave1
So the principle hasn't changed: they are dropping their dropper in emails and on those who are looking for cracked software. It could also spread and be carried out on YouTube, where there is a link that supposedly downloads free software.

Another reminder not to click on random links or to react to unsolicited messages, regardless of the source. Importantly, protect your personal information so as not to become a target of hackers if your email falls into their hands.

- Jay -

Yeah, that's the basics of it all: no clicking on random links, even from originators that we know; we shouldn't just trust, but verify everything. As for cracked software? Again, this is one practice that, if we get ourselves involved in crypto, you should get rid of.

It's better to get all your software with a license. If you can save and HODL thousands of dollars' worth of crypto, then it's good if you could buy a genuine OS or whatever apps you need.

Dunamisx
Hero Member
June 01, 2023, 09:17:34 AM
#5

Quote from: un_rank
Quote from: Dave1
So the principle hasn't changed: they are dropping their dropper in emails and on those who are looking for cracked software. It could also spread and be carried out on YouTube, where there is a link that supposedly downloads free software.

Another reminder not to click on random links or to react to unsolicited messages, regardless of the source. Importantly, protect your personal information so as not to become a target of hackers if your email falls into their hands.

- Jay -

Each time, they keep advancing their stealing technology to introduce malware to users by any available means they see can quickly lead to instant penetration of their target. We have to be very careful in dealing with our personal information, sensitive information, the websites we visit, the emails and links we click, and the kind of downloads we make; those are some of the entry routes they take to penetrate us.



Yamane_Keto
Sr. Member
June 01, 2023, 10:12:45 AM
#6

I did not understand the extent of the danger here. Suppose the hackers were able to call runas.exe, obtain administrative privileges, and search for and find the appropriate path, like

Code:
%appdata%\electrum
all they will get is the wallet file.

In most wallets, that file is encrypted with a password. The hacker still needs to know the appropriate password to access your coins, or brute force it, or did I miss something? To call runas.exe, it needs to download the program, meaning that random clicking alone is not enough to endanger your device.

Whatever the reason, storing a lot of bitcoin in a hot wallet is behavior that may lead you to lose them, no matter how careful you are.
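The post above rests on one property: a stealer that copies the wallet directory only gets a file, and that file protects the keys only if it is encrypted at rest. As an added example (not code from this thread or from the Electrum project), the following Python script checks that property for the files in a wallet directory. It assumes Electrum's storage layout as I understand it: an unencrypted wallet file is a plain JSON document, an encrypted one is base64 text whose decoded bytes begin with the magic b"BIE1" (password encryption) or b"BIE2" (xpub encryption), and the default wallet directory is %APPDATA%\Electrum\wallets on Windows or ~/.electrum/wallets elsewhere. The "seed"/"xprv" keystore field names are likewise assumed; all sample files are constructed placeholders, not real wallets.

```python
"""Check whether Electrum-style wallet files are encrypted at rest.

Added example; not code from the forum thread or from the Electrum project.
Assumptions (verify against your own Electrum version):
  * an unencrypted wallet file is a plain JSON document;
  * an encrypted one is base64 text whose decoded bytes start with the
    magic b"BIE1" (password encryption) or b"BIE2" (xpub encryption);
  * the default wallet directory is %APPDATA%\\Electrum\\wallets on Windows
    and ~/.electrum/wallets elsewhere.
"""
from __future__ import annotations

import base64
import binascii
import json
import os
import tempfile
from dataclasses import dataclass

# Assumed Electrum storage magics (first four bytes after base64 decoding).
ENCRYPTED_MAGICS = {b"BIE1": "password", b"BIE2": "xpub"}


@dataclass
class WalletStatus:
    path: str
    state: str    # "encrypted", "plaintext" or "unknown"
    detail: str


def classify_wallet_bytes(raw: bytes) -> tuple[str, str]:
    """Return (state, detail) for the raw contents of one wallet file."""
    # Encrypted files: base64 text wrapping bytes that start with a BIE magic.
    try:
        decoded = base64.b64decode(b"".join(raw.split()), validate=True)
    except (binascii.Error, ValueError):
        decoded = b""
    magic = decoded[:4]
    if magic in ENCRYPTED_MAGICS:
        return "encrypted", f"{ENCRYPTED_MAGICS[magic]} encryption ({magic.decode()})"

    # Anything that parses as a JSON object is an unencrypted wallet file: its
    # structure is readable by any process that can read the file, which is
    # exactly what a stealer copies.
    try:
        doc = json.loads(raw.decode("utf-8"))
    except (UnicodeDecodeError, ValueError):
        return "unknown", "neither base64 with a BIE magic nor JSON"
    if not isinstance(doc, dict):
        return "unknown", "JSON, but not a wallet object"
    keystore = doc.get("keystore") or {}
    # Field names assumed from Electrum's keystore layout; their values may
    # still be separately password-encrypted inside the keystore.
    secret_fields = sorted(k for k in ("seed", "xprv") if k in keystore)
    detail = f"plaintext JSON, wallet_type={doc.get('wallet_type', '?')}"
    if secret_fields:
        detail += "; keystore carries " + ", ".join(secret_fields)
    return "plaintext", detail


def default_wallet_dir() -> str:
    """Assumed default Electrum wallet directory for the current platform."""
    appdata = os.environ.get("APPDATA")
    if appdata:
        return os.path.join(appdata, "Electrum", "wallets")
    return os.path.join(os.path.expanduser("~"), ".electrum", "wallets")


def scan_wallet_dir(wallet_dir: str) -> list[WalletStatus]:
    """Classify every regular file in wallet_dir."""
    results = []
    for name in sorted(os.listdir(wallet_dir)):
        path = os.path.join(wallet_dir, name)
        if os.path.isfile(path):
            with open(path, "rb") as fh:
                state, detail = classify_wallet_bytes(fh.read())
            results.append(WalletStatus(path, state, detail))
    return results


# Constructed sample files (not real wallets): an encrypted-looking file,
# a plaintext wallet with placeholder secrets, and an unrelated file.
SAMPLE_ENCRYPTED = base64.b64encode(b"BIE1" + b"\x02" + bytes(32) + b"constructed-ciphertext")
SAMPLE_PLAINTEXT = json.dumps({
    "wallet_type": "standard",
    "seed_version": 18,
    "keystore": {"type": "bip32", "seed": "constructed placeholder words",
                 "xprv": "xprvPLACEHOLDER"},
}).encode("utf-8")
SAMPLE_JUNK = b"not a wallet"


def demo() -> dict[str, str]:
    """Write the constructed samples to a temp dir, scan it, return name -> state."""
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in (("encrypted.wallet", SAMPLE_ENCRYPTED),
                           ("plain.wallet", SAMPLE_PLAINTEXT),
                           ("junk.txt", SAMPLE_JUNK)):
            with open(os.path.join(tmp, name), "wb") as fh:
                fh.write(data)
        return {os.path.basename(s.path): s.state for s in scan_wallet_dir(tmp)}


if __name__ == "__main__":
    target = default_wallet_dir()
    if os.path.isdir(target):
        for status in scan_wallet_dir(target):
            print(f"{status.state:10} {status.path}  ({status.detail})")
    else:
        print(f"{target} not found; scanning constructed samples instead")
        print(demo())
```

Run it as-is and it reports each file in the default wallet directory as encrypted, plaintext or unknown; a "plaintext" result means the file itself offers no protection against being copied, regardless of whether a password was set inside the wallet. The check says nothing about the strength of the password on an encrypted file, which is the brute-force question the post raises.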

WayneBunbury
Newbie
June 01, 2023, 10:23:51 AM
#7

General rule of thumb: never use hot wallets, whether they're trusted or not. They can be hacked. Save yourself the worry and buy a hardware/cold wallet from Ledger or Trezor. Ledger has been proven to be unhackable since it has no online connection; the only time it does is if you're updating the firmware or transferring some assets to Ledger Live.
Lucius
Legendary
June 01, 2023, 10:23:58 AM
#8

To me, this seems more like PR for the company in question, because from the attached screen samples it is obvious that they do not know the difference between a wallet and a cryptocurrency. Table 3 says "cryptocurrencies stolen", but they mixed up cryptocurrencies and wallets, and in the second table they even add a CEX as a wallet.

There are probably hundreds of such malicious programs, and all of them have in common that they enter the system through the carelessness of the user, and AV companies just want to tell you that you will be safe if you use their protection. This is only partially true, because the first level of protection against such malicious programs is each user for himself.

Taskford
Hero Member
June 01, 2023, 10:29:25 AM
#9

Quote from: TravelMug
Quote from: un_rank
Quote from: Dave1
So the principle hasn't changed: they are dropping their dropper in emails and on those who are looking for cracked software. It could also spread and be carried out on YouTube, where there is a link that supposedly downloads free software.

Another reminder not to click on random links or to react to unsolicited messages, regardless of the source. Importantly, protect your personal information so as not to become a target of hackers if your email falls into their hands.

- Jay -

Yeah, that's the basics of it all: no clicking on random links, even from originators that we know; we shouldn't just trust, but verify everything. As for cracked software? Again, this is one practice that, if we get ourselves involved in crypto, you should get rid of.

It's better to get all your software with a license. If you can save and HODL thousands of dollars' worth of crypto, then it's good if you could buy a genuine OS or whatever apps you need.

Too many risks upon clicking those unwanted links; that's why it's not advisable to do that action, since we might step on those malwares without knowing.

Also, it's important to have licensed software, especially when we are dealing with crypto on our computers. This way we can be assured that we get the legitimate one and not cracked software, which we don't know if there's hidden malware attached to it; too bad for us if we download it, since for sure we will be compromised by hacking issues or by malware, just like what the OP posted.

Merit.s
Sr. Member
June 01, 2023, 10:33:26 AM
#10

Quote from: Dunamisx
Quote from: un_rank
Quote from: Dave1
So the principle hasn't changed: they are dropping their dropper in emails and on those who are looking for cracked software. It could also spread and be carried out on YouTube, where there is a link that supposedly downloads free software.

Another reminder not to click on random links or to react to unsolicited messages, regardless of the source. Importantly, protect your personal information so as not to become a target of hackers if your email falls into their hands.

- Jay -

Each time, they keep advancing their stealing technology to introduce malware to users by any available means they see can quickly lead to instant penetration of their target. We have to be very careful in dealing with our personal information, sensitive information, the websites we visit, the emails and links we click, and the kind of downloads we make; those are some of the entry routes they take to penetrate us.

This is a reminder that these hackers don't get tired of looking for alternative ways to hack into investors' wallets to steal their assets. We should always be cautious of clicking on links sent to us via email or online to avoid falling for their traps. Also, you should download whatever you want to download from the right website, because these hackers operate through malware sent to their victims for easy access to the information on your PC. This is even worse because they have the cryptocurrencies and wallets that they target.
nakamura12
Hero Member
June 01, 2023, 10:39:46 AM
#11

This is why we should be very careful of clicking links, because some malware is hiding in plain sight where we think there's no malware, when the truth is there's malware that gathers information and then sends it to the malware creator or the one who spread it. Finding cracks for an application you downloaded that needs activation could also result in your wallet data being stolen. Being careful is what makes us safe from hackers who want to steal crypto.

dkbit98
Legendary
June 01, 2023, 11:49:19 AM
#12

Quote from: Dave1
A new malware in the wild was spotted by Trend Micro. It leverages what we call the runas.exe function, so they take advantage of it and can run the propagation with administrative privileges.

This malware again targets only devices with the wind0ws operating system, which means that using Linux would be perfect protection against this attack.
I am a long-time advocate of making this switch from Windows to Linux, not only because of the security benefits but because of better privacy and open source code.
Fedora, Debian or Linux Mint are some of the best choices, and they are generally better for anything related to Bitcoin.
