Bitcoin Forum
November 02, 2024, 10:25:38 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Bunny Loader ver 3.0 - most crypto wallets are being targeted  (Read 167 times)
cryptomaniac_xxx (OP)
Hero Member
*****
Offline Offline

Activity: 1680
Merit: 601


DGbet.fun - Crypto Sportsbook


View Profile
March 22, 2024, 11:50:47 AM
Merited by DdmrDdmr (4), kotajikikox (2)
 #1

According the latest report author behind Bunny Loader, has released it version 3.0, as it is more compact that ever and has the capability to again be in stealth mode and hard to detect. And it developed more sophisticated information stealer malware that includes cryptocurrencies.

As a keylogger, records all keystrokes, identify when the victim authenticates to sensitive applications or services.

And as a clipper module, targets the following cryptocurrencies address:





For credit cards, here is the list of the targets,



https://unit42.paloaltonetworks.com/analysis-of-bunnyloader-malware/

So we all know how this are being spread,

- emails riddled with malwares
- fake software downloads
- fake messages flushing in your computer like "you have been infected" and you need to click a link.

Lucius
Legendary
*
Offline Offline

Activity: 3416
Merit: 6135


Crypto Swap Exchange🈺


View Profile WWW
March 22, 2024, 12:18:03 PM
 #2

~snip~
So we all know how this are being spread,
- emails riddled with malwares
- fake software downloads
- fake messages flushing in your computer like "you have been infected" and you need to click a link.


Given that we know how it spreads, we just need to adhere to basic online hygiene and the chances of getting infected with this or any other malware/virus are minimal. If we also have a good (paid) antivirus program installed, then we have another level of protection in case our attention slips for a moment and we click on something we shouldn't have.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
un_rank
Hero Member
*****
Offline Offline

Activity: 896
Merit: 855


- Jay -


View Profile WWW
March 22, 2024, 12:44:06 PM
 #3

So we all know how this are being spread,

- emails riddled with malwares
- fake software downloads
- fake messages flushing in your computer like "you have been infected" and you need to click a link.
If you are receiving emails riddles with malwares, you already did something wrong which exposed your personal information to scammers. Ditch that email address and get a new professional one you can keep in the device you hold your funds, or use a hardware wallet.

Follow other advice like downloading only from the original websites and when that app is absolutely necessary, then get a good ad blocker to block malicious notifications.

- Jay -

██
██
██
██
██
██
██
██
██
██
██
██
██
... LIVECASINO.io    Play Live Games with up to 20% cashback!...██
██
██
██
██
██
██
██
██
██
██
██
██
Husires
Legendary
*
Offline Offline

Activity: 1596
Merit: 1288


View Profile WWW
March 22, 2024, 01:04:32 PM
 #4

Keylogger is considered more dangerous than just a virus that attacks specific services, but it collects more data about you, which may lead to privacy problems or knowing details about you and using them in a social attack.
It is best to enter sensitive data using the onscreen keyboard and be very careful when downloading applications or making a separate computer for cryptocurrencies and sensitive data.
promise444c5
Sr. Member
****
Offline Offline

Activity: 462
Merit: 293


Learning never stops!


View Profile
March 22, 2024, 03:17:48 PM
 #5

Keylogger is considered more dangerous than just a virus that attacks specific services, but it collects more data about you, which may lead to privacy problems or knowing details about you and using them in a social attack.
It is best to enter sensitive data using the onscreen keyboard and be very careful when downloading applications or making a separate computer for cryptocurrencies and sensitive data.
Does using an onscreen keyboard prevent the data from getting  popped up onscreen incase of keyboard  malwares?? Or we could just  stop the keyboard from popping



██
██
██████
R


▀▀██████▄▄
████████████████
▀█████▀▀▀█████
████████▌███▐████
▄█████▄▄▄█████
████████████████
▄▄██████▀▀
LLBIT
██████
██
██
██████
██
██
██
██
██
██
██
██
██
██
██
██████
██████████████
 
 TH#1 SOLANA CASINO 
██████████████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
████████████▄
▀▀██████▀▀███
██▄▄▀▀▄▄████
████████████
██████████
███▀████████
▄▄█████████
████████████
████████████
████████████
████████████
█████████████
████████████▀
████████████▄
▀▀▀▀▀▀▀██████
████████████
███████████
██▄█████████
████▄███████
████████████
█░▀▀████████
▀▀██████████
█████▄█████
████▀▄▀████
▄▄▄▄▄▄▄██████
████████████▀
[
[
5,000+
GAMES
INSTANT
WITHDRAWALS
][
][
HUGE
   REWARDS   
VIP
PROGRAM
]
]
████
██
██
██
██
██
██
██
██
██
██
██
████
████████████████████████████████████████████████
 
PLAY NOW
 

████████████████████████████████████████████████
████
██
██
██
██
██
██
██
██
██
██
██
████
DdmrDdmr
Legendary
*
Offline Offline

Activity: 2478
Merit: 11045


There are lies, damned lies and statistics. MTwain


View Profile WWW
March 22, 2024, 07:08:53 PM
 #6

<…>
I figure you’re referring to a virtual keyboard, which I believe should prove to be safer than a physical keyboard for the most. After all, keyloggers log keystrokes and a virtual keyboard will act based on mouse-click inputs. Nevertheless, malware can get more sophisticated in some instances, and not only log what you type, but also record your actions on screen.

On the other hand, there have been cases of virtual keyboards that were actually trapping all user data and relaying the info to a backend for devious usage.

Note: There may even be some malware (my speculation here) capable of determining the virtual keyboard being used, the screen/window size, and therefore perhaps being able to map mouse-click position to specific keys.
sokani
Sr. Member
****
Offline Offline

Activity: 672
Merit: 441


View Profile WWW
March 22, 2024, 07:25:47 PM
 #7

Does using an onscreen keyboard prevent the data from getting  popped up onscreen incase of keyboard  malwares?? Or we could just  stop the keyboard from popping

The keylogger malware targets your keystroke. It takes record of the data typed on the keyboard and forwards it to the hacker. However, when you use the virtual keyboard (touchscreens and mouse), Keyloggers cannot monitor or take record of your keystrokes because no keys are pressed physically. So the virtual keyboard helps to prevent sensitive data like password, seed phrase, credit card number from being recorded by a keylogger.
Kemarit
Legendary
*
Offline Offline

Activity: 3262
Merit: 1386


View Profile
March 22, 2024, 10:27:18 PM
 #8

Does using an onscreen keyboard prevent the data from getting  popped up onscreen incase of keyboard  malwares?? Or we could just  stop the keyboard from popping

The keylogger malware targets your keystroke. It takes record of the data typed on the keyboard and forwards it to the hacker. However, when you use the virtual keyboard (touchscreens and mouse), Keyloggers cannot monitor or take record of your keystrokes because no keys are pressed physically. So the virtual keyboard helps to prevent sensitive data like password, seed phrase, credit card number from being recorded by a keylogger.

Yes, for now it will be safe, but who knows, this hackers are evolving as well, and they could developed a new version much more powerful than the current one to have the capability to track everything, even virtual keyboard.

So it's not safe to assume here, we still have to do our due diligent specially on the laptops or personal computer that we used. I switch to Linux Mint years ago and up to know if I have to deal with my crypto, it's the OS that I used.
promise444c5
Sr. Member
****
Offline Offline

Activity: 462
Merit: 293


Learning never stops!


View Profile
March 23, 2024, 06:37:56 AM
 #9


Note: There may even be some malware (my speculation here) capable of determining the virtual keyboard being used, the screen/window size, and therefore perhaps being able to map mouse-click position to specific keys.
Yeah exactly and this is also used in mobiles as keyboard taps could be mapped .
I think there should be   some virtual keyboard that's  could be rearranged eveytime you feel like rearranging  the keys to confuse maps I think.....
Generally,  mallware sucks Tongue



██
██
██████
R


▀▀██████▄▄
████████████████
▀█████▀▀▀█████
████████▌███▐████
▄█████▄▄▄█████
████████████████
▄▄██████▀▀
LLBIT
██████
██
██
██████
██
██
██
██
██
██
██
██
██
██
██
██████
██████████████
 
 TH#1 SOLANA CASINO 
██████████████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
████████████▄
▀▀██████▀▀███
██▄▄▀▀▄▄████
████████████
██████████
███▀████████
▄▄█████████
████████████
████████████
████████████
████████████
█████████████
████████████▀
████████████▄
▀▀▀▀▀▀▀██████
████████████
███████████
██▄█████████
████▄███████
████████████
█░▀▀████████
▀▀██████████
█████▄█████
████▀▄▀████
▄▄▄▄▄▄▄██████
████████████▀
[
[
5,000+
GAMES
INSTANT
WITHDRAWALS
][
][
HUGE
   REWARDS   
VIP
PROGRAM
]
]
████
██
██
██
██
██
██
██
██
██
██
██
████
████████████████████████████████████████████████
 
PLAY NOW
 

████████████████████████████████████████████████
████
██
██
██
██
██
██
██
██
██
██
██
████
Outhue
Hero Member
*****
Offline Offline

Activity: 1008
Merit: 500


Playbet.io - Crypto Casino and Sportsbook


View Profile WWW
March 23, 2024, 06:53:03 AM
 #10

So we all know how this are being spread,

- emails riddled with malwares
- fake software downloads
- fake messages flushing in your computer like "you have been infected" and you need to click a link.
If you are receiving emails riddles with malwares, you already did something wrong which exposed your personal information to scammers. Ditch that email address and get a new professional one you can keep in the device you hold your funds, or use a hardware wallet.

Follow other advice like downloading only from the original websites and when that app is absolutely necessary, then get a good ad blocker to block malicious notifications.

- Jay -
How many times can on keep doing this? It doesn't take a thing to form any email address and send malicious code into the inbox, its like how those scammers get a hand on every ETH address that is ever created, because once you do a transaction on the blockchain your address is already online, its like this with email address too, there are specific software that scammers use to gather email addresses and they are powerful tools, enough to grab your address from which ever company its from.

I for once saw a tool, I can't remember its actual name again but it has something like Gmail Finder 2.0 or something, it was in 2012 a very long time ago, this tool is specifically for Google Mail address finding only, at that moment I new there is no point create an email to avoid scammers.

Since then I have gotten used to open any email that I am expecting, even if its in the right inbox and not spam inbox I won't open it if I am not expecting such an email, windows OS has the biggest users in the world, scammers target computers more than any other hardware, this is why I don't use anything crypto on my PC than for trading and watching YouTube videos.

███████████████
█████████████████████
██████▄▄███████████████
██████▐████▄▄████████████
██████▐██▀▀▀██▄▄█████████
████████▌█████▀██▄▄██████
██████████████████▌█████
█████████████▀▄██▀▀██████
██████▐██▄▄█▌███████████
██████▐████▀█████████████
██████▀▀███████████████
█████████████████████
███████████████

.... ..Playbet.io..Casino & Sportsbook.....Grab up to  BTC + 800 Free Spins........
████████████████████████████████████████
██████████████████████████████████████████████
██████▄▄████████████████████████████████████████
██████▐████▄▄█████████████████████████████████████
██████▐██▀▀▀██▄▄██████████████████████████████████
████████▌█████▀██▄▄█████▄███▄███▄███▄█████████████
██████████████████▌████▀░░██▌██▄▄▄██████████████
█████████████▀▄██▀▀█████▄░░██▌██▄░░▄▄████▄███████
██████▐██▄▄█▌██████████▀███▀███▀███▀███▀█████████
██████▐████▀██████████████████████████████████████
██████▀▀████████████████████████████████████████
██████████████████████████████████████████████
████████████████████████████████████████
un_rank
Hero Member
*****
Offline Offline

Activity: 896
Merit: 855


- Jay -


View Profile WWW
March 23, 2024, 07:26:05 AM
 #11

...
Situations like these are not as common as you are making it out to be. There are tens of millions of email addresses across the different mail service providers. Scammers do not have easy access to emails, unlike wallet addresses, except when there is a major leak. And even with such a leak, they will have no clue who uses crypto and will be operating blindly.

The major way they will get your email address is when you sign up for airdrops, send them to different new token projects, register on too many untrusted platforms, etc. Scammers can buy this list of email addresses and are aware their users are into crypto.

- Jay -

██
██
██
██
██
██
██
██
██
██
██
██
██
... LIVECASINO.io    Play Live Games with up to 20% cashback!...██
██
██
██
██
██
██
██
██
██
██
██
██
lovesmayfamilis
Legendary
*
Offline Offline

Activity: 2268
Merit: 4532


✿♥‿♥✿


View Profile
March 23, 2024, 02:01:11 PM
 #12

Who most often becomes a victim of such clippers? And now is precisely the time when these software programs will be successful, in the bad sense of the word. Bounty hunters, fans of those companies that require you to enter your email, fans of giveaways, are ready to give up their documents and reveal their identity for a few cents, not realizing that all their data will either be sold or simply leaked onto the network.
Everything stems from computer security illiteracy. Therefore, regular viewing of news sites that highlight new inventions by scammers will be a good way to stay unharmed.

▄▄███████▄▄
▄██████████████▄
▄██████████████████▄
▄████▀▀▀▀███▀▀▀▀█████▄
▄█████████████▄█▀████▄
███████████▄███████████
██████████▄█▀███████████
██████████▀████████████
▀█████▄█▀█████████████▀
▀████▄▄▄▄███▄▄▄▄████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀
.
 MΞTAWIN  THE FIRST WEB3 CASINO   
.
.. PLAY NOW ..
Kristiyana
Member
**
Offline Offline

Activity: 252
Merit: 36


View Profile
March 23, 2024, 03:50:40 PM
 #13

...
Situations like these are not as common as you are making it out to be. There are tens of millions of email addresses across the different mail service providers. Scammers do not have easy access to emails, unlike wallet addresses, except when there is a major leak. And even with such a leak, they will have no clue who uses crypto and will be operating blindly.

The major way they will get your email address is when you sign up for airdrops, send them to different new token projects, register on too many untrusted platforms, etc. Scammers can buy this list of email addresses and are aware their users are into crypto.

- Jay -

Well Said, scammers gain access to ones email through most of this untrusted platform, that is why as an Investor who is deep into cryptocurrency you need to be mindful with the kind of project you participate,so as to avoid scammers not to gain access to your wallet. However there are some platform that requires your email address even most of this newly launch project that pretends to offer free airdrop to their users, most of those project are scam.scammers are capable of doing all sort of things just to look for a victim,but we need to be extremely careful with the online platform that we put our email address, we are in a modernize world.

Odusko
Hero Member
*****
Offline Offline

Activity: 1078
Merit: 523


Leading Crypto Sports Betting & Casino Platform


View Profile WWW
March 23, 2024, 04:29:08 PM
 #14

If you don't click or download virus infected applications and subscribe to such service which will exposed your details and sensitive data's to such attackers, lately I have been mindful of the kind of keyboard apps that I use and most times I prefer to use to follow come keyboard that comes with my device instead of using the other third party keyboard that put me at risk while using them, many of them will steal the information that we type on them, so being highly accurate with our security will help us alot so as to remain safe in the online communities.
Virus have always been there and have lead's to alot of loses from time to time leaving us with preventive measures being the only tool that we have to stay ahead of such attacks, many times we have seen a more worst virus which comes in form of clipboard malware which change address you copy to scammer own address, such is a cryptocurrency targeted virus.

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
un_rank
Hero Member
*****
Offline Offline

Activity: 896
Merit: 855


- Jay -


View Profile WWW
March 24, 2024, 07:33:22 AM
 #15

However there are some platform that requires your email address even most of this newly launch project that pretends to offer free airdrop to their users...
You can simply submit a throwaway email address which you would not use for any other thing after that. There are email services which help with this for when you want to open accounts like that. Never submit your professional email address.

- Jay -

██
██
██
██
██
██
██
██
██
██
██
██
██
... LIVECASINO.io    Play Live Games with up to 20% cashback!...██
██
██
██
██
██
██
██
██
██
██
██
██
Husires
Legendary
*
Offline Offline

Activity: 1596
Merit: 1288


View Profile WWW
March 24, 2024, 09:56:03 AM
 #16


Note: There may even be some malware (my speculation here) capable of determining the virtual keyboard being used, the screen/window size, and therefore perhaps being able to map mouse-click position to specific keys.
Yeah exactly and this is also used in mobiles as keyboard taps could be mapped .
I think there should be   some virtual keyboard that's  could be rearranged eveytime you feel like rearranging  the keys to confuse maps I think.....
Generally,  mallware sucks Tongue
If hackers can access and record screen data, then this is a complete failure of the system and closer to taking remote control of your phone or PC. Here, hackers can do anything just like admin account, but if we assume that malware was able to obtain such permissions, then detecting it will be easier, as recording and broadcasting the screen requires more data compared to Keylogger.

Some recent versions of virtual keyboard come with features such as data encryption, KeyShield protects from keystroke logging, screen logging, clipboard logging...etc.
Text
Hero Member
*****
Online Online

Activity: 2548
Merit: 604



View Profile
March 24, 2024, 10:33:05 AM
 #17

Sometimes I think that having an updated antivirus isn't enough, others say the same especially if there's a new virus or malware that security software can't detect. That's why we should always stay vigilant and adopt best practices for cybersecurity. Many fall victim easily to emails, especially those unaware of creators mimicking originals. That's why I avoid subscribing to newsletters and refrain from opening emails, especially if unexpected.

tabas
Hero Member
*****
Offline Offline

Activity: 3178
Merit: 770


Top Crypto Casino


View Profile
March 24, 2024, 10:37:01 AM
 #18


Note: There may even be some malware (my speculation here) capable of determining the virtual keyboard being used, the screen/window size, and therefore perhaps being able to map mouse-click position to specific keys.
Yeah exactly and this is also used in mobiles as keyboard taps could be mapped .
I think there should be   some virtual keyboard that's  could be rearranged eveytime you feel like rearranging  the keys to confuse maps I think.....
Generally,  mallware sucks Tongue
That's certainly possible, these hackers are wise and they have for sure concluded that and one example is what you've said about the touchscreens/touchpads through mobile or smartphones. And in that sense, it can be possibly apply to the PC users and will just have to detect those mouse clicks and if the user is detected using a virtual keyboard. You'll never know if they have upgraded and became more dangerous this time but truly they sucks and that's why the protection starts from us and how we use our devices and the internet.

███████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████

███████████████████████
.
BC.GAME
▄▄▀▀▀▀▀▀▀▄▄
▄▀▀░▄██▀░▀██▄░▀▀▄
▄▀░▐▀▄░▀░░▀░░▀░▄▀▌░▀▄
▄▀▄█▐░▀▄▀▀▀▀▀▄▀░▌█▄▀▄
▄▀░▀░░█░▄███████▄░█░░▀░▀▄
█░█░▀░█████████████░▀░█░█
█░██░▀█▀▀█▄▄█▀▀█▀░██░█
█░█▀██░█▀▀██▀▀█░██▀█░█
▀▄▀██░░░▀▀▄▌▐▄▀▀░░░██▀▄▀
▀▄▀██░░▄░▀▄█▄▀░▄░░██▀▄▀
▀▄░▀█░▄▄▄░▀░▄▄▄░█▀░▄▀
▀▄▄▀▀███▄███▀▀▄▄▀
██████▄▄▄▄▄▄▄██████
.
..CASINO....SPORTS....RACING..


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!