Questions About Malware/Virus/Keyloggers?

[jerry0]

If you have a hardware wallet, anything that you download on a windows laptop has no impact even if you use ledger live with your hardware wallet right as long as you are careful the address you are sending to is correct right?  Thus if you try to send crypto with your nano ledger, well if it shows a different btc address than the one you copy and pasted to it, well as long as you make sure you notice the address change, you are fine right?  But if you have a laptop that has this issue, you have to use another laptop with ledger live or format your laptop in order to send correct?



Now let's say you use electrum on your windows laptop.  If you were to download a torrent that has malware or virus or keylogger, does that mean your btc in electrum is at risk?  And if so, how much at risk will it be?  I assume if you don't have a password for electrum, then that is the worst but if you have one, that is still bad but not as bad?  However, what if you download a file or exe file or torrent but never open it?  Is your laptop still safe or not?  What about electrum?  Now what if you click on a phishing link from a fake trustwallet or coinbase etc.  I read they ask you enter your seed phrase.  Now if you do not enter any seed phrase and just close the link, do you have malware or virus or keylogger?  So would an antivirus like norton or kaspersky total be enough to check if you have any malware or not 100%?  So in this situation if you accidentally clicked on a link like that, do you have to format your laptop or it's usually fine if you didn'topen an file or enter the seed?  What if say you visit streaming sites whether to watch a sports even or adult videos and stream those videos.  Since those sites have tons of ads, is there a huge risk of you getting your computer infected or not?  What if you have ublock origin?  Is that enough or not?  



Now the same can be said when there are a lot of links on youtube comments.  If you click on any of those links on youtube comments, do you risk losing crypto in your electrum or trust wallet in your windows laptop or not?  I heard mixed opinions from some people saying if you click on a link and don't enter the seed or enter any information, you are fine.  Is that true or false?  What about downloading a file and opening it?  That would mean your computer has malware and any electrum or trustwallet you have will be hacked?  Now what if it's a PDF file someone sends you and you open it?  Same thing?  But will opening that PDF file mean someone can empty your electrum or trust wallet account?  What if you don't open the PDF file but preview it?  Is that the same or not?  

[1715202655]

1715202655

[1715202655]

1715202655

[1715202655]

1715202655

[1715202655]

1715202655

[1715202655]

1715202655

[Zaguru12]

Short Answer : if your device that holds the wallet keys or seed phrase ever comes to live online then consider that wallet compromised.

 It might not be the case but it is better to avoid any potential attack because there is no sign necessarily that warns that your wallet has been compromised except that you see it at a later stage which might be late already

If you have a hardware wallet, anything that you download on a windows laptop has no impact even if you use ledger live with your hardware wallet right as long as you are careful the address you are sending to is correct right?  Thus if you try to send crypto with your nano ledger, well if it shows a different btc address than the one you copy and pasted to it, well as long as you make sure you notice the address change, you are fine right?  But if you have a laptop that has this issue, you have to use another laptop with ledger live or format your laptop in order to send correct?

Yes even if a device you connect your hardware wallet with is compromised, it wouldn’t get to the seed because basically that is what the hardware wallets are for; shielding your device from connecting to the seed phrase. Also the address or information you should trust is one showing/dsipalyed by your hardware, not the one by the computer.  But it will still be too careless of you to use a infected device

Now let's say you use electrum on your windows laptop.  If you were to download a torrent that has malware or virus or keylogger, does that mean your btc in electrum is at risk?  And if so, how much at risk will it be?  I assume if you don't have a password for electrum, then that is the worst but if you have one, that is still bad but not as bad?  However, what if you download a file or exe file or torrent but never open it?  Is your laptop still safe or not?  What about electrum?  Now what if you click on a phishing link from a fake trustwallet or coinbase etc.  I read they ask you enter your seed phrase.  Now if you do not enter any seed phrase and just close the link, do you have malware or virus or keylogger?  So would an antivirus like norton or kaspersky total be enough to check if you have any malware or not 100%?  So in this situation if you accidentally clicked on a link like that, do you have to format your laptop or it's usually fine if you didn'topen an file or enter the seed?  What if say you visit streaming sites whether to watch a sports even or adult videos and stream those videos.  Since those sites have tons of ads, is there a huge risk of you getting your computer infected or not?  What if you have ublock origin?  Is that enough or not? 

I would say this electrum is already compromised, and it is risky to use it. Not clicking on a phishing link is not the problem but what lead your device to the phishing link already means it is not airgapped and as such is considered compromised

[DYING_S0UL]

I'll keep it short. Nothing is ever safe regardless the security if it were to exposed to online. The one and only solution to truly overcome this problem is by using an airgapped device.

I am telling this because I got infected multiple time even after having the security/defender on. It was the third time I got infected with viruses (clipboard). So I had my lessoned learned.

[Churchillvv]

I'm not too aquatinted with wallet knowledge so I tried to study more on it because of your questions.

But it seems you have ask lots of questions too in the past which I read through it has most of the answers to your questions in this thread, in this thread of yours Electrum Wallet Bitcoin Security Precautions @pooya87 and others gave some answers that might relate to the questions in this thread too.
But am still reading to find more answers.

The only thing I know right now is your advised to store your crypto assets in an offline/cold storage system or airgapped computer that must not connect to the internet in order to be safe, that's what I have learnt from my research. And you too should start doing more research

[jerry0]

What about those phishing emails that you get from a fake coinbase or ledger email and they tell you to click on something or connect to something?  If you click on the link but do not type in your seed, is there still malware on your computer?  Would any virus program like kaspersky total or bitdefender or similar be able to confirm if there is any virus or malware or keylogger?


The reason is well if you have malware, anything you type in an email or online banking can be viewed correct?  And say you use a software wallet like electrum or trust wallet or exodus on your laptop.  Isn't there risk if you ever click on one of those links?  Now if you ever enter your seed phrase for electrum or trust wallet or exodus, isn't there a big risk?  The thing is I still didn't get an answer from people on if this is a yes or no.  Most people say as long as you don't type in the seed in the link... you are fine?  But couldn't your software wallet get drained in your software account though?  Seems like im getting mixed answers so which is true then?  If you click on a coinbase or ledger or binance phishing email link but don't do anything on it, is your computer still safe or not?

[MysteryMiner]

Learn how to use computers, guys! You cannot become infected without pilot error from your part! Or You must run misconfigured AND vulnerable system for it to happen without user interaction.

Telling I got infected despite running Defender is like saying I got raped despite having condoms in my pocket. First, to get raped it is Your fault to get drunk and then pass out near active gay pride. Second, to get Your computer infected it requires equally stupid action from Your input.

Do NOT run any executable on Your computer without verifying it is 1. Legit software, 2. the file checksum or cryptographic signatures is correct.
Do NOT give remote access to computer. Do not use proprietary remote desktop solutions, ever!

Generally it is safe to open links in scam e-mails with fully updated and securely configured system. Just to see them for amusement.
Also it is safe to run malware and unknown software inside isolated virtual machines. Just be aware that software can act differently under virtual environment versus real computer.

The lack of grasp on how things work in this discussion is evident. The hardware security devices will not protect your bitcoins if You run stuff downloaded from internet and have no clue what it does. Fool and his money will inevitably be separated sooner than later. I suggest one of two actions:
1. Hang around internet forums and learn how computers and hacking works in reality
or
2. Since You will lose your money anyway, why not make some benefit out of this fact and send the bitcoins to address in my signature rather than lose them at inappropriate moments to some subhuman scammer.

[jrrsparkles]

What about those phishing emails that you get from a fake coinbase or ledger email and they tell you to click on something or connect to something?  If you click on the link but do not type in your seed, is there still malware on your computer?  Would any virus program like kaspersky total or bitdefender or similar be able to confirm if there is any virus or malware or keylogger?

As long as you don't enter any credentials, your security is not compromised and you need to understand about the internet security to get better picture and the fact is no matter which anti virus you installed and how safe you surf still there are ways that your security can be compromised as long as you are connected to the internet. So keeping bigger amounts in device which connects to internet is always risky.