Malware that can steal all your cryptos and how to avoid it

The blockchain is safe and unhackable, they say. Our cryptoassets are inside there, so, we feel so confident with our funds… because they’re totally fine, with top-of-the-line security, right? Well, the answer to that one would be yes and no at the same time.

Yes, because someone would need a not-yet-existing quantum computer to break a powerful blockchain; and no, because the risk factors unfortunately go beyond that. The thing is: a human can always be lured and tricked. People themselves are the Achilles heel of cybersecurity, and no one is exempt from suffering a cyberattack.

That’s why we should be well aware of the threats and of the malware to avoid at all costs. Prevention is better than cure, so meet the malware that can steal all your cryptos, and learn how to protect yourself from it.

Ransomware

At the dawn of its popularity, back in 2013, the most affected were personal devices, and the ransom asked for them was 100–300 USD in Bitcoin (BTC). The hackers even used to provide instructions for using the cryptocurrency.

Today there are many types, and it has evolved into a billion-dollar industry in which the most affected are companies rather than personal users. The ransom can now amount to millions of dollars in Bitcoin, Monero (XMR), Zcash (ZEC), and other cryptoassets.

How do you get infected?

  • Unofficial downloads from external websites or P2P software (like BitTorrent).
  • Exploits in unpatched operating systems (OS), e.g. Windows XP, or old versions of firmware in IoT devices (remember these first three as the “evil triad”).
  • A targeted attack specially planned and designed for one objective, often institutional (organizations and companies).

Useful tips

  • Don’t open links or attached files from dubious emails.
  • Download files and software only from the official websites (remember these first three as the “shield triad”).
  • Make backups of all your important information and files in external devices, preferably offline.
  • In case of infection, go to help sites like No More Ransom or call the cybercrime division of your local authorities. Paying the ransom directly isn’t recommended, and its success isn’t guaranteed.

Keyloggers

If a keylogger is installed stealthily on a device, it’s capable of recording passwords and credentials that are later sent to a malicious hacker. Among those credentials might be the password or private key of a cryptocurrency wallet, which means you could be robbed this way.

How do you get infected?

  • Fake websites and browser extensions (phishing).
  • Infected web domains, which means targeted attacks on services like vulnerable shops and exchanges.
  • Someone left a funny little device connected to your computer, like a dubious USB adapter or an extra wire (it’s a hardware keylogger).

Useful tips

  • Besides an antivirus, make sure you have the kind of cybersecurity solution called an anti-keylogger.
  • Save your credentials and passwords in the browser of your usual device, or use software to manage your credentials.
  • Avoid phishing sites and apps just by looking at the URL, which is always different from the original.
  • Pay attention to the news from your favorite websites and services: they should notify their customers if they’re under cyberattack.
  • Don’t leave unknown hardware connected to your device.

Remote Access Trojan (RAT)

Of course, they could steal your cryptos as well, just by entering your wallet after recording your movements. And you probably won’t notice this stealthy software before it’s too late.

How do you get infected?

  • Using dubious bots in Telegram.

Useful Tips

  • Additionally, you can always look up comments and reviews from other users of the apps and programs that you’re going to download. Including the bots in Telegram, yes.

Clipper / Clipboard hijacker

The main thing this malware does is hijack the clipboard on the user’s device and detect when the owner copies a crypto-wallet address. That address is then replaced with the hacker’s wallet address, so if the user doesn’t pay attention, they may end up sending the funds to the wrong destination.

How do you get infected?

  • Adobe Flash or other fake banner ads on dubious websites.

Useful Tips

  • Pay attention to the wallet addresses! It doesn’t matter if you think you don’t have any clipper on your device (these don’t produce any visible symptoms). Compare and verify your original address and the pasted version twice before sharing or sending.
  • If possible, prefer using your funds through QR codes instead of text.

Phishing

Out there you can find a fake version of your trusted cryptocurrency exchange, for example. It looks identical, but, at the same time, some things are off. Maybe it’s bad grammar, broken links, or missing texts; but there’s something on phishing websites that always gives them away: the URL.

It can’t be the exact same domain as the original (because you have to buy a domain, and you can’t buy something the legitimate owner isn’t selling). They’re always similar, but at least one character will be changed (e.g. www.alfa.cash vs www.alfaexchange.cash). And it’s the same for mail addresses: if the address doesn’t have the original domain of the company (e.g. an address at alfa.im vs one at gmail.com), you should be suspicious immediately.

How do you get infected?

  • Dubious ads at the top of the browser results. Anyone (even malicious actors) can pay for that kind of ad, so they’ll be there until someone reports them.
  • The hacker/scammer found your phone number somehow and is calling you, impersonating some authority.

Useful Tips

  • Access your most-used websites through the bookmarks/favorites list, and avoid the browser results as much as you can.
  • Be suspicious of any message/mail/call in which someone is asking you for personal credentials or money. Remember: companies/organizations don’t usually do that at all.
  • If you’re going to send/receive cryptocurrency through a website or app, always check the URL and previous reviews.
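The URL check described above, written out as an added example that is not part of the original article: it compares a link's hostname against the domains you have bookmarked and flags near-matches. The `TRUSTED` set, the verdict names and the edit-distance threshold of 2 are assumptions made for illustration; the sample URLs are constructed around the article's alfa.cash example.

```python
from urllib.parse import urlsplit

# Assumption: the domains you have bookmarked (taken from the article's example)
TRUSTED = {"alfa.cash"}

def edit_distance(a: str, b: str) -> int:
    # Classic Levenshtein distance, one row at a time
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url: str, trusted=TRUSTED) -> str:
    if "://" not in url:
        url = "//" + url  # let urlsplit treat a bare "www.site.tld" as a host
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return "unparseable"
    # Exact match, or a genuine subdomain of a bookmarked domain
    if any(host == good or host.endswith("." + good) for good in trusted):
        return "trusted"
    bare = host[4:] if host.startswith("www.") else host
    for good in trusted:
        brand = good.split(".")[0]
        # Brand name embedded in a different domain (alfaexchange.cash)
        if any(brand in label for label in host.split(".")):
            return "suspicious"
        # A character or two changed (a1fa.cash)
        if edit_distance(bare, good) <= 2:
            return "suspicious"
    return "unknown"

if __name__ == "__main__":
    for u in ("https://www.alfa.cash/exchange",
              "https://www.alfaexchange.cash/",
              "http://a1fa.cash/login",
              "https://example.org/"):
        print(u, "->", classify(u))
```

"unknown" only means the host resembles nothing on your list; it says nothing about whether the site is safe.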

But above everything, don’t worry! Protecting yourself and your cryptocurrencies is easy. Just follow our useful tips, and you should be totally fine.

Originally published at https://blog.alfa.cash on October 4, 2020.

We are an eight-year-old and duly regulated cryptocurrency exchange. We offer crypto-fiat and non-custodial transactions, and valuable knowledge in our blog.
