Jating (OP)
|
|
January 18, 2024, 01:01:34 PM |
|
A known malware called Phemedrone Stealer is in circulation right now and is trying to take advantage of and exploit CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability. The targets are cryptocurrency wallets:
- Armory
- Atomic
- Bytecoin
- Coinomi
- Jaxx
- Electrum
- Exodus
- Guarda
So the leverage here is that the criminals are going to host malicious internet shortcut files on Discord or other cloud services such as FileTransfer.io. Once we click that shortcut file, it will connect to a server controlled by the hackers and then execute a control panel item (.cpl) file. Microsoft Windows Defender should warn us about this shortcut URL and what it will execute, but the attackers also crafted the shortcut URL to evade everything. We've seen a lot of shortcut files recently, and I suggest not clicking anything, especially from an unknown source, as we might be the next victims, with these criminals draining our wallets. (https://www.trendmicro.com/en_us/research/24/a/cve-2023-36025-exploited-for-defense-evasion-in-phemedrone-steal.html)
|
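A triage sketch for the internet shortcut (.url) files described in the post above, added here as an example; it is not part of the thread or of the linked research. The two sample files, the host `files.example.invalid` and the list of risky extensions are constructed assumptions.

```python
from pathlib import PureWindowsPath
from urllib.parse import unquote, urlsplit

# Assumed list of file types Windows runs or loads when a target is opened.
RISKY_EXT = {".cpl", ".exe", ".dll", ".scr", ".msi", ".bat", ".cmd",
             ".js", ".vbs", ".hta", ".lnk", ".url"}

# Constructed samples: an ordinary web shortcut and one shaped like the lure
# in the post (a remote control panel item instead of a web page).
BENIGN = "[InternetShortcut]\nURL=https://www.example.com/\n"
SUSPECT = ("[InternetShortcut]\n"
           "URL=file://files.example.invalid/share/panel.cpl\n"
           "IconIndex=0\n")


def parse_url_file(text):
    """Return the keys of the [InternetShortcut] section, lower-cased."""
    keys, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "internetshortcut"
        elif in_section and "=" in line and not line.startswith(";"):
            name, value = line.split("=", 1)
            keys[name.strip().lower()] = value.strip()
    return keys


def triage(text):
    """Return the reasons a .url file deserves a closer look (empty if none)."""
    target = parse_url_file(text).get("url", "")
    if not target:
        return ["no URL= key in [InternetShortcut]"]
    reasons = []
    if target.startswith("\\\\"):
        # \\host\share\file: opened from a remote file share, not a browser.
        reasons.append("target is a UNC path (remote file share)")
        path = target
    else:
        parts = urlsplit(target)
        path = unquote(parts.path)
        scheme = parts.scheme.lower()
        if scheme == "file":
            where = f"remote host {parts.netloc}" if parts.netloc else "local disk"
            reasons.append(f"file: target on {where}")
        elif scheme not in ("http", "https"):
            reasons.append(f"unusual scheme {scheme!r}")
    ext = PureWindowsPath(path).suffix.lower()
    if ext in RISKY_EXT:
        reasons.append(f"target is an executable type ({ext})")
    return reasons


if __name__ == "__main__":
    for name, body in (("benign.url", BENIGN), ("suspect.url", SUSPECT)):
        print(name, triage(body) or "ok")
```

A shortcut that opens a web page over http or https returns an empty list; anything else is worth reading in a text editor before it is opened.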
|
|
|
|
Churchillvv
|
|
January 18, 2024, 02:14:37 PM |
|
We've seen a lot of shortcut files recently, and I suggest not clicking anything, especially from an unknown source, as we might be the next victims, with these criminals draining our wallets.
This is a good warning to keep us alert, but my concern is that even with the known shortcut files it's hard to dictate the ones that are going to contain this malware, because I have seen a lot of known shortcut files that are replaced with punycode shortcuts, making them look almost exactly the same as the known shortcut files. That's why we are advised to use airgapped devices for storing our crypto assets, in order to be safe from all these malware attacks.
|
|
|
|
dkbit98
Legendary
Offline
Activity: 2422
Merit: 7577
|
Same old story about the hellish combination between malware and Windows OS. The simple solution is to stop using Windows and switch to an open source Linux OS (Fedora, Debian, etc), and even MacOS is better than win-nightmare. I never heard a single case of someone getting infected with crap like this and losing coins while using Linux... just sayin.
|
|
|
|
suzanne5223
|
|
January 18, 2024, 05:06:12 PM |
|
I never heard a single case of someone getting infected with crap like this and losing coins while using Linux... just sayin.
Maybe, but nothing on the internet is ever secure and, for the record, every operating system has its own vulnerabilities. Have you heard about the threat actors linked to Kinsing, which exploit the Linux flaw called Looney Tunables that was disclosed last year? The best thing is to be extra careful and never click or visit a well-known secure website on links using our operating system.
|
|
|
|
Dave1
|
|
January 18, 2024, 07:31:23 PM |
|
We've seen a lot of shortcut files recently, and I suggest not clicking anything, especially from an unknown source, as we might be the next victims, with these criminals draining our wallets.
This is a good warning to keep us alert, but my concern is that even with the known shortcut files it's hard to dictate the ones that are going to contain this malware, because I have seen a lot of known shortcut files that are replaced with punycode shortcuts, making them look almost exactly the same as the known shortcut files.
Punycode is one of the most common attacks being used by cyber criminals. But this is the first time that I have heard that they are now exploiting URL shorteners and then taking advantage of an issue in Microsoft Common Vulnerabilities and Exposures (CVE). And I think, with URL shorteners being a phenomenon now, even in this community I have seen others posting links with them, so now could they at least be banned?
That's why we are advised to use airgapped devices for storing our crypto assets, in order to be safe from all these malware attacks.
It might be too complicated for average Bitcoin investors though, so maybe they will use other web wallets mentioned in the article. But we need to learn safety hygiene first so that we can avoid this kind of malware attack.
|
|
|
|
The Cryptovator
Legendary
Offline
Activity: 2394
Merit: 2226
Signature space for rent
|
|
January 18, 2024, 07:56:19 PM |
|
Those who are related to cryptocurrency should always be careful when clicking on any links and downloading any apps or software. Everything from the unknown source should be avoided at all costs. Hackers would push malware through links and software to control our devices. I don't often open any files or click on links sent by random people. I am aware of such hacking attempts. Otherwise, we should use hardware wallets to secure our funds. So even our phone or computer-affected funds will be safe.
|
|
|
|
jossiel
|
|
January 18, 2024, 08:53:13 PM |
|
Those who like to click random links they see in the groups that they are in will be vulnerable to this, but if you're someone who doesn't get along with those links randomly, you're going to be fine.
Also, do not download the files that you need from unofficial and random sources. They're all taking advantage of it, coming from giveaways, and also, I remember the airdrop folks, you're prone to this stealer.
|
|
|
|
Baofeng
Legendary
Offline
Activity: 2786
Merit: 1681
|
|
January 18, 2024, 10:47:52 PM |
|
Same old story about the hellish combination between malware and Windows OS. The simple solution is to stop using Windows and switch to an open source Linux OS (Fedora, Debian, etc), and even MacOS is better than win-nightmare. I never heard a single case of someone getting infected with crap like this and losing coins while using Linux... just sayin.
I think MacOS is more accessible to some users here as compared to some Linux flavors. I switched to MacOS way back in 2018 and it was a good decision and investment as well, although there are some challenges in the beginning if you are used to being a Windows user for many years. For this case, it could be advisable though that we separate things with our cryptos from the PCs/laptops for daily use, and have a different machine for, let's say, surfing the net and whatever things we like to do except our crypto activities. It might be costly for others, but at least you are safe from this kind of attack. We always need to think twice before clicking any URL shorteners for sure as a result of these exploits.
|
|
|
|
nakamura12
|
|
January 18, 2024, 10:57:19 PM |
|
Same old story about the hellish combination between malware and Windows OS. The simple solution is to stop using Windows and switch to an open source Linux OS (Fedora, Debian, etc), and even MacOS is better than win-nightmare. I never heard a single case of someone getting infected with crap like this and losing coins while using Linux... just sayin.
Windows indeed has a lot of problems, but if that's the case then I wouldn't have used my wallet or even installed a wallet on a device that is used daily or more than once a week, and would have to buy another device for transaction purposes only. Prevention is better than doing nothing at all or becoming a victim first, especially for those who downloaded software from an unknown source. Safety is a must if we are in crypto, whether a person is an average investor or not.
|
|
|
|
tabas
|
|
January 18, 2024, 11:43:56 PM |
|
I think MacOS is more accessible to some users here as compared to some Linux flavors. I switched to MacOS way back in 2018 and it was a good decision and investment as well, although there are some challenges in the beginning if you are used to being a Windows user for many years.
I've been using Windows for so long and I'm planning to do some upgrades and am about to get into MacOS soon. And that's one reason for it, the attacks that have been happening there are rarely heard of, but what scares me is how I'll adapt to the surface and new theme of it, but I'll get there and deal with it once I already own one.
For this case, it could be advisable though that we separate things with our cryptos from the PCs/laptops for daily use, and have a different machine for, let's say, surfing the net and whatever things we like to do except our crypto activities. It might be costly for others, but at least you are safe from this kind of attack. We always need to think twice before clicking any URL shorteners for sure as a result of these exploits.
Yeah, that's one con of it, that it's going to be costly. So for those that have this problem, that they can't have additional or extra devices/laptops/PCs, you'll have to be more careful and start with yourself by getting educated on how you're going to avoid these link attackers, malware, etc. Just don't be a random guy that's too curious to know what's the link behind those shortcut URL links, and a good suggestion about checking them through shortlink checkers.
|
|
|
|
dzungmobile
Sr. Member
Offline
Activity: 896
Merit: 453
Playbet.io - Crypto Casino and Sportsbook
|
|
January 19, 2024, 02:22:56 AM |
|
We can use another tip to detect the full URL behind a shortened URL: adding +1 at the end of the shortened URL (applicable for most types of shortened URL) or Preview at the beginning of tinyurl links.
Shortened URL Security
Before You Click, Reveal Full URLs
Use the shortening service preview feature. Type the shortened URL in the address bar of your web browser and add the characters described below to see a preview of the full URL:
- tinyurl.com. Between the "http://" and the "tinyurl," type preview.
- bit.ly. At the end of the URL, type a +.
- goo.gl. At the end of the URL, type a +.
|
|
|
|
Jating (OP)
|
|
January 19, 2024, 02:33:30 AM |
|
Same old story about the hellish combination between malware and Windows OS. The simple solution is to stop using Windows and switch to an open source Linux OS (Fedora, Debian, etc), and even MacOS is better than win-nightmare. I never heard a single case of someone getting infected with crap like this and losing coins while using Linux... just sayin.
I myself use MacOS, but there are times I switch to the Windows operating system. And I tip my hat to those who use a Linux OS like the ones mentioned. I haven't tried it though, but I have experience using Unix OS from way back when I was still working, and I love the ease of use of it. But it's not for everyone.
Good list to look at for URL shortener links, as they could be used by attackers as well.
|
|
|
|
lovesmayfamilis
Legendary
Offline
Activity: 2282
Merit: 4543
✿♥‿♥✿
|
|
January 19, 2024, 04:27:58 AM |
|
I think MacOS is more accessible to some users here as compare to some Linux flavors.
There are several Linux distributions with an interface similar to Windows. You just need to try it, and you will see how convenient Linux systems are to use. Yes, everyone thinks that working with Linux requires knowledge of the command line, but developers create it so simply that some systems work right out of the box. It’s safe to say that anyone who has figured it out and understood all the advantages of Linux systems will return to Windows just for the sake of toys. For everything else, Windows is a bad system. Try installing these systems on VirtualBox for practice and analysis.
https://zorin.com/os/
https://www.linuxfx.org/
https://linuxmint.com/
|
|
|
|
Luffygroove
Member
Offline
Activity: 966
Merit: 25
Ton Together | Save Smart & Win Big
|
|
January 19, 2024, 04:31:57 AM |
|
I'm truly appreciative of those who generously share their knowledge, preventing others from falling into traps. This information is invaluable. Given the constant growth in technology, there's a parallel rise in methods used by ill-intentioned individuals to steal money. Keeping up with daily tech news can be cumbersome, but stumbling upon these crucial insights while engaging in forums simplifies the process. It's like discovering vital knowledge naturally amidst meaningful discussions. In a world where technology evolves every day, being part of such forums not only fosters community but also ensures we stay informed about emerging threats without the need for intentional searches.
|
|
|
|
TravelMug
|
|
January 19, 2024, 09:09:06 PM |
|
I think MacOS is more accessible to some users here as compared to some Linux flavors. I switched to MacOS way back in 2018 and it was a good decision and investment as well, although there are some challenges in the beginning if you are used to being a Windows user for many years.
I've been using Windows for so long and I'm planning to do some upgrades and am about to get into MacOS soon. And that's one reason for it, the attacks that have been happening there are rarely heard of, but what scares me is how I'll adapt to the surface and new theme of it, but I'll get there and deal with it once I already own one.
For this case, it could be advisable though that we separate things with our cryptos from the PCs/laptops for daily use, and have a different machine for, let's say, surfing the net and whatever things we like to do except our crypto activities. It might be costly for others, but at least you are safe from this kind of attack. We always need to think twice before clicking any URL shorteners for sure as a result of these exploits.
Yeah, that's one con of it, that it's going to be costly. So for those that have this problem, that they can't have additional or extra devices/laptops/PCs, you'll have to be more careful and start with yourself by getting educated on how you're going to avoid these link attackers, malware, etc. Just don't be a random guy that's too curious to know what's the link behind those shortcut URL links, and a good suggestion about checking them through shortlink checkers.
Laptops though are getting cheaper; maybe if we can get a second-hand one and then do all the things like formatting and reinstalling everything, it might do good for us in the long run. But these shorteners though, they are now exposed as a big problem because we really don't know the content of the links until it's too late. So it's not wise to just click on them even if the source is someone that we can trust, as we don't know if they've been hacked or something and hackers are then using their account to spread the malware to anyone. So prevention is the key here, and obviously we should learn these very tips or revisit threads from time to time, as a sort of refresher on security.
|
|
|
|
Sandra_hakeem
|
|
January 19, 2024, 09:48:11 PM |
|
As long as these fraudsters ain't quitting their act just yet, do well to secure your funds by avoiding any form of hostage, promotional/invitational links, shortcut links etc.. I can see they ain't relinquishing; why? Cus some dummies still fall for their trick and get drained...how would they keep being innovative if this ain't paying them at the end?? So in all, information is KEY... I like the fact that you made this clear to everyone.
I'll also add that most people would always wanna avoid this ill-omen.. nobody wants to get robbed of their cash, but some lack technical knowledge and that's their (the hackers') bypass.. cus every time you mess up, you get hit
Sandra 🧑🦰
|
|
|
|
PrivacyG
Legendary
Offline
Activity: 980
Merit: 2004
Crypto Swap Exchange
|
|
January 19, 2024, 10:50:55 PM |
|
Be aware of links you click on Bitcoin Talk too. Make sure you hover your mouse over the link and check if it truly leads to the link it should. You can easily be attacked by a very simple trick. www.bitcointalk.org will direct you to Evil Google instead of Bitcoin Talk. It is a very basic BB Code anybody can use. How may this affect you, you ask? One such possibility is the one described by OP. Another possibility is that you can be redirected to fake websites where you input real information. The information then goes into the wrong hands and you will ultimately become a victim. On a side note: is Coinomi not a mobile-only wallet? How is it affected by this virus?
|
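The hover check in the post above, the punycode concern raised earlier in the thread and the shortener preview tips (tinyurl.com, bit.ly, goo.gl) can be combined into one link audit over a post's BBCode. This is an added example, not code from the forum or any poster; the sample post, the punycode host and the short codes are constructed.

```python
import re
from urllib.parse import urlsplit

# [url=TARGET]LABEL[/url] is the BBCode form the post refers to.
BBCODE_URL = re.compile(r"\[url=([^\]]+)\](.*?)\[/url\]", re.I | re.S)
# A label that itself looks like a host name, e.g. "www.bitcointalk.org".
HOSTLIKE = re.compile(r"(?:https?://)?((?:[\w-]+\.)+[a-z]{2,})", re.I)

# Constructed sample post; only the last link is what it claims to be.
SAMPLE_POST = (
    "Forum: [url=https://www.google.com]www.bitcointalk.org[/url]\n"
    "Mirror: [url=http://xn--bcher-kva.example/dl]download[/url]\n"
    "Short: [url=http://tinyurl.com/abc123]click[/url] "
    "or [url=https://bit.ly/abc123]here[/url]\n"
    "Board: [url=https://bitcointalk.org/index.php]bitcointalk.org[/url]\n"
)


def _split(url):
    return urlsplit(url if "://" in url else "http://" + url)


def _bare(host):
    host = host.lower()
    return host[4:] if host.startswith("www.") else host


def preview_url(url):
    """Preview form per the tips in the thread, or None for other hosts."""
    parts = _split(url)
    host = _bare(parts.hostname or "")
    if host == "tinyurl.com":        # "preview" goes in front of "tinyurl"
        return f"{parts.scheme}://preview.tinyurl.com{parts.path}"
    if host in ("bit.ly", "goo.gl"):  # a "+" goes at the end of the URL
        return parts.geturl() + "+"
    return None


def audit_links(post):
    """Return (target, reasons) for every BBCode link worth a second look."""
    findings = []
    for target, label in BBCODE_URL.findall(post):
        target = target.strip().strip('"')
        real = (_split(target).hostname or "").lower()
        reasons = []
        shown = HOSTLIKE.search(label)
        if shown and _bare(shown.group(1)) != _bare(real):
            reasons.append(
                f"label shows {shown.group(1)} but target host is {real}")
        if any(part.startswith("xn--") for part in real.split(".")):
            try:
                seen = real.encode("ascii").decode("idna")
            except UnicodeError:
                seen = real
            reasons.append(f"punycode host {real} renders as {seen}")
        elif not real.isascii():
            reasons.append(f"non-ASCII host {real}")
        preview = preview_url(target)
        if preview:
            reasons.append(f"shortener, inspect first via {preview}")
        if reasons:
            findings.append((target, reasons))
    return findings


if __name__ == "__main__":
    for target, reasons in audit_links(SAMPLE_POST):
        print(target, "->", "; ".join(reasons))
```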
|
|
|
Baofeng
Legendary
Offline
Activity: 2786
Merit: 1681
|
|
January 19, 2024, 11:23:13 PM |
|
On a side note. Is Coinomi not a mobile only Wallet? How is it affected by this virus?
No, Coinomi has a desktop version too: https://www.coinomi.com/en/
But I do agree, everything right now is being abused by these cyber groups. Clicking on these links without knowing what is really inside is very dangerous, as they can stuff them with legitimate-looking websites, but it could be that those are fake and just trying to trick us into either entering our info or, in this case, downloading malware on your computer.
|
|
|
|
tabas
|
|
January 20, 2024, 12:49:02 PM |
|
~snip~
Laptops though are getting cheaper; maybe if we can get a second-hand one and then do all the things like formatting and reinstalling everything, it might do good for us in the long run.
If you don't really have the budget to get a brand new one, then that's it if you need to own a laptop, through second hand. But I'd say don't settle for it when you're going to use it for your wallets. It's much better that you still save for a brand new one.
But these shorteners though, they are now exposed as a big problem because we really don't know the content of the links until it's too late. So it's not wise to just click on them even if the source is someone that we can trust, as we don't know if they've been hacked or something and hackers are then using their account to spread the malware to anyone. So prevention is the key here, and obviously we should learn these very tips or revisit threads from time to time, as a sort of refresher on security.
That's why there are short link checkers, and that's what we can do to check the contents or what the link is actually all about. Links have already been dropped on how to check one. I agree that prevention is still better than containing it, because you'll never know if someone has dealt with these before or if it's going to be for the first time.
Be aware of links you click on Bitcoin Talk too. Make sure you hover your mouse over the link and check if it truly leads to the link it should.
I agree, especially if there are topics posted by other members that aren't reputable. There's the tendency of them posting some unknown links, and if you're too curious and open one quickly without checking, you might fall for the trap.
|
|
|
|
|