3. I also heard VPN works but i haven’t tried it myselfVPN can not be used to avoid malware. Only what you can mean is maybe malware is directed to specific IP. I mean specific countries. What if the VPN is set to the location the hackers targeted.
If you know how to avoid malware, you will see the use of anti-virus as a waste of money. But that is if you learn how to avoid malware. Most people do not know how to avoid malware.
The recent Malware that people need to avoid right now is on Reddit which can be downloaded through a free version of TradingView (https://bitcointalk.org/index.phptopic=5535769.msg65187989#msg65187989) but which is from hackers and not TradingView.
In this crypto world, ensuring wallet security is essential for cryptocurrency users. Therefore, we should protect our private keys and use strong passwords. Also, 2FA, and following proper backup methods are very important. All the points you have raised are important but there are many more techniques that if followed will always keep your wallet safe. Personally I don't like to use vpb because using it requires giving device access which can be dangerous for you.
I used Kaspersky antivirus for my laptop in the past, but I lost quite a few important files. Besides, I use my personal gmail very seriously and always delete unnecessary gmail and do not enter the links there. I use extra disk to make my wallet more secure. The most secure way to use a hardware wallet is if you want.
5. Always check for emails that gives a sense of urgency to take a quick action.Are you saying to check if some services report unauthorized access to your account? Based on my experience, the number of phishing e-mails I received saying I need to take urgent action is massive. Heck, I bet most of my spam e-mails are full of them. Instead of checking the tone of the e-mail, it's much better to verify the sender IMO. Some scammers managed to replicate official e-mail notices for some services that I used, some even went as far as tricking the e-mail provider with a similar sender name. If you're not careful you'll fall for their tricks.
3. I also heard VPN works but i haven’t tried it myselfVPN can not be used to avoid malware. Only what you can mean is maybe malware is directed to specific IP. I mean specific countries. What if the VPN is set to the location the hackers targeted.
No, i don't use any kind of antivirus now because I lost many important documents due to an antivirus. In fact I use a separate device for my crypto wallet so that it is 100% secure. No one can scam you directly, so scammers use different lures and different strategies to get your information. If you only go with your own experience in crypto and don't trust anyone easily, then no one will be able to scam you.In this crypto world, ensuring wallet security is essential for cryptocurrency users. Therefore, we should protect our private keys and use strong passwords. Also, 2FA, and following proper backup methods are very important. All the points you have raised are important but there are many more techniques that if followed will always keep your wallet safe. Personally I don't like to use vpb because using it requires giving device access which can be dangerous for you.
I used Kaspersky antivirus for my laptop in the past, but I lost quite a few important files. Besides, I use my personal gmail very seriously and always delete unnecessary gmail and do not enter the links there. I use extra disk to make my wallet more secure. The most secure way to use a hardware wallet is if you want.
You are right..using strong passwords and 2FA is also important. So do you still use an antivirus ?
This are some few tips that can help you to avoid this malware attack. If you also have any more to add, you can drop them.If you can afford to, and as an investor, the best place to store your bitcoin is not on any online wallet but on a cold wallet. It totally eliminates the chances of a malware or virus.
So it's better to just have a separate device and stay safe.Take note that it is not simply about having a separate wallet, the wallet has to be airgapped, because even if you have a separate wallet that you only use to store BTC and nothing else, but it is online, then it is still very risky. If the wallet is airgapped, then it is safe if you also have good opsec too.
Take note that it is not simply about having a separate wallet, the wallet has to be airgapped, because even if you have a separate wallet that you only use to store BTC and nothing else, but it is online, then it is still very risky. If the wallet is airgapped, then it is safe if you also have good opsec too.You are right it is always better to use air gapped devices I mean the hardware wallet for holding the big fund. But if the user can't afford that or can't able to purchase hardware wallet for holding or get more security then I think there is no other way to use and separate wallet.
You are right it is always better to use air gapped devices I mean the hardware wallet for holding the big fund. But if the user can't afford that or can't able to purchase hardware wallet for holding or get more security then I think there is no other way to use and separate wallet.Well, there's no need of hardware wallet when your intention is to store your Bitcoin and other crypto on an air gapped device. These days the used hardware are quite cheap in value and those can be used as air gapped device and their cost is low as compare to hardware wallets.
These days the used hardware are quite cheap in value and those can be used as air gapped device and their cost is low as compare to hardware wallets.Hardware wallets are not expensive too, but with an airgapped wallet all you need is an old device and the skill to set it up. I always recommend to newbies that they should use hardware wallets, because they may not have the skill to set up their airgapped wallet in a safe environment.
I am more vigilant and careful about what I will open and install on the device I use as a digital wallet.
Because it all starts with the user and if the user is careless enough then the security of any wallet will be useless.
StilachiRAT is not yet used to target people en masse but it is good to avoid it. The recent Malware that people need to avoid right now is on Reddit which can be downloaded through a free version of TradingView (https://bitcointalk.org/index.phptopic=5535769.msg65187989#msg65187989) but which is from hackers and not TradingView.
StilachiRAT is not yet used to target people en masse but it is good to avoid it. The recent Malware that people need to avoid right now is on Reddit which can be downloaded through a free version of TradingView (https://bitcointalk.org/index.phptopic=5535769.msg65187989#msg65187989) but which is from hackers and not TradingView.
If all the problems mentioned by OP on the first page are related to PC, why don't we just keep our seed or private key away from PC.. we can write it manually, write it once for life... then store it in a safe place that is difficult for ordinary people to reach.... I think we don't need to be afraid of malware anymore...I also like to extend my seed phrase with passphrase in case of offline attack.
and if the concern is when making transactions, then Trezor is the solution...What do you mean by this?
Like in the first I created and wallet then I remove from my all kinds of device that and store the private phrase in a secured place.Some people might consider sneaking some hardware wallets into the country even if crypto is banned. Though I'm not advising on that. Since you can't use the hardwares wallet, it's better to either create an air gapped wallet and store your funds offline.
If someone wants to store their funds in a device using a non-custodial wallet such as Electrum instead of using a hardware wallet, they need to make sure that they are having a separate device for that purpose so that it stays clean from everything and the assets stay safe.The use of a hardware wallet will certainly provide security in all aspects as long as the hardware wallet is not hacked or uses the private key that you store, whoever owns the Private Key is the owner.
By now you should be aware of StilachiRAT malware that is targeting crypto wallets. I noticed there’s no discussion about it on the forum. So here are few tips to help avoid it.Never heard the word before but aware of the way of how hacking works, it all starts by clicking on a link or downloading some pdfs or attachments. Now a days people are using very old fashioned techniques to scam others, they create fake girl ids on social media and send you a pm and says, this link is my friend's profile, she is very introverted and did not want to directly connect with you so she asked me, can you give her a hi. This is how they start their message.
1. You should avoid clicking on random links come across or downloading attachments from unknown or unexpected sources; it might be on your social media account or through emails.
2. You should install and update the antivirus, you have on your PC.
3. I also heard VPN works but i haven’t tried it myself
4. You should turn off unnecessary remote access and also use a firewall to block fake connections.
5. Always check for emails that gives a sense of urgency to take a quick action.
6. Check if there isn’t an unsual activity in your PC
7. Also remember to scan for malware regularly on your computer
This are some few tips that can help you to avoid this malware attack. If you also have any more to add, you can drop them.
For someone who doesn't jave any anti-virus installed on PC aside from default Defender, and never get hacked on any of my wallets. I only suggest to avoid downloading files from unknown sources, and avoid clicking suspicious links especially those shortened url, some malicious urls are masked by these short urls.
Normally the unusal behaviour of PC is when some windows opens and closes quickly when you power on your pc so keep an eye on that, and take proper actions.From some malware news I've read in the past few weeks or so, I don't think I've seen a start-up window being present as a sign that a PC is infected. Most of them run in the background without any visible sign, except your computer feeling slow. I guess that shows how advanced the attack has become, and you'll probably find it easier to prevent yourself from opening one instead of cleaning it. That being said, I check my PC start-up schedule once in a while to see if some random apps have been added.
Some people might consider sneaking some hardware wallets into the country even if crypto is banned. Though I'm not advising on that. Since you can't use the hardwares wallet, it's better to either create an air gapped wallet and store your funds offline.I think the only way to import crypto-related hardware in countries like ours is to illegally import it from outside through someone you trust, which is very risky. And to be honest, I am a cryptocurrency guy and in this case, I never support third party hardware wallet imports.
Much better to still invest on a good anti-virus + Windows defender. But I do agree that shortened url are also very dangerous as obviously they are masking the real url. So it could be a malicious site and before you know it, you are already trap.I stopped using paid AV after those annoying pop up warnings that cannot be stopped for some reason even just accessing a site's page for their web protection. Also because of those false positive results.
For someone who doesn't jave any anti-virus installed on PC aside from default Defender, and never get hacked on any of my wallets. I only suggest to avoid downloading files from unknown sources, and avoid clicking suspicious links especially those shortened url, some malicious urls are masked by these short urls.That's a good suggestion, in reality only those people get hacked who download unknown applications and trust those applications without verifying their source. The ones who don't download such applications or don't click on suspicious links are always safe from such threats. One can also use Linux for more security. :)
One can also use Linux for more security. :)Yeah, using linux would be pretty good and most recommended way to avoid such things to happen. But i never tried to install linux distro on any of my laptop, or to have dual boot with linux distro on my windows laptop yet, but i have experience using linux OS before, as well as i use ubunto on my VPS.
So it's really our duty to be on the look out of any kind of attacks and we should be made self-aware of the modus of cyber criminals. As everything might look nothing, but inside of that file, there are malware to steal our crypto assets.What's worse, there are some viruses that are not even detected at all by antivirus, and the victims are very many.... some viruses that are often discussed in forums or on reddit, those are the ones that are detected, right?
I don't do much with my PC, apart from login to the forum to read and post. My electrum wallet on my PC is only used when I am transferring funds or uploading the lastest version of electrum. I don't do any other thing on my PC because I want to be as careful as possible to avoid having too many things to do with my PC. I don't open an email that I am not expecting.For someone who doesn't jave any anti-virus installed on PC aside from default Defender, and never get hacked on any of my wallets. I only suggest to avoid downloading files from unknown sources, and avoid clicking suspicious links especially those shortened url, some malicious urls are masked by these short urls.
Much better to still invest on a good anti-virus + Windows defender. But I do agree that shortened url are also very dangerous as obviously they are masking the real url. So it could be a malicious site and before you know it, you are already trap.
So it's really our duty to be on the look out of any kind of attacks and we should be made self-aware of the modus of cyber criminals. As everything might look nothing, but inside of that file, there are malware to steal our crypto assets.
From some malware news I've read in the past few weeks or so, I don't think I've seen a start-up window being present as a sign that a PC is infected. Most of them run in the background without any visible sign, except your computer feeling slow. I guess that shows how advanced the attack has become, and you'll probably find it easier to prevent yourself from opening one instead of cleaning it. That being said, I check my PC start-up schedule once in a while to see if some random apps have been added.These malware are old not new where we see pop up windows when we start our device and they pop up for sometime like they just blink for a less than a second and disappears. These pop up windows can be a sign that there is a virus on our computer and we have to deal with it until it is too late.
Even though I follow good security practices by avoiding installing unknown software and verifying GPG signatures, I always have this nagging feeling in the back of my mind when it comes to being infected by malware.So it's really our duty to be on the look out of any kind of attacks and we should be made self-aware of the modus of cyber criminals. As everything might look nothing, but inside of that file, there are malware to steal our crypto assets.What's worse, there are some viruses that are not even detected at all by antivirus, and the victims are very many.... some viruses that are often discussed in forums or on reddit, those are the ones that are detected, right?
After understanding that our computers are quite vulnerable to being used as a place to store something important like a private key or seed key, it's a good idea to consider storing it offline, such as writing manually with a marker on paper, then storing it in a safe place... do it once and it will be useful forever.
The antivirus can save you from old viruses but day by day the hijackers/hackers are going to be very clever, so they create new viruses that the antivirus can't detected. So the ultimate tips is ' do not double click on any unknown software ' ;D
But first we have to find which virus it can be or we can just reset our computer, and it will take care of it. I think this method is good what do you think if this method is doable.What do you mean by reset? Are you referring to the factory reset or reinstalling Windows whenever a virus is found? I do think that can be a solution if the virus is located in our OS drive, but I don't think it will prevent a virus from putting itself on another drive, and if we're reckless, we open it after we install a new Windows, which means we get infected again. Obviously, this is just a simplification and there are many ways to prevent this.
What do you mean by reset? Are you referring to the factory reset or reinstalling Windows whenever a virus is found? I do think that can be a solution if the virus is located in our OS drive, but I don't think it will prevent a virus from putting itself on another drive, and if we're reckless, we open it after we install a new Windows, which means we get infected again. Obviously, this is just a simplification and there are many ways to prevent this.Most of the people involved in crypto watch or use pirated movies and softwares they somehow click on spam links and some windows just opens automatically and download some files that's not new and later a small bug like a clipboard virus that changes copy paste item in clipboard.
Checking the start-up list is a good thing to do once in a while; I agree with that. Especially if you regularly install or download new files.
I enable as many security features as possible, 2FA, email confirmation (if available), long password with a mix of characters, numbers, and letters. Nowadays, attacks are becoming more and more sophisticated, and we need to be prepared for this.Your methods are not bad, but take note that a password only protects your wallet locally and not from online attacks, that is why the most recommended way to avoid attack is to store your funds in cold storage. By cold storage i mean off the internet, either in an airgapped wallet or a hardware wallet.
In this crypto world, ensuring wallet security is essential for cryptocurrency users. Therefore, we should protect our private keys and use strong passwords. Also, 2FA, and following proper backup methods are very important. All the points you have raised are important but there are many more techniques that if followed will always keep your wallet safe. Personally I don't like to use vpb because using it requires giving device access which can be dangerous for you.You are right, we should keep our keys and seed phrases save, the best way is to encrypt our keys and seed phrases using any encryption method and store it in safe place but all of the crypto bros suggests not to store keys on computer at all.
I used Kaspersky antivirus for my laptop in the past, but I lost quite a few important files. Besides, I use my personal gmail very seriously and always delete unnecessary gmail and do not enter the links there. I use extra disk to make my wallet more secure. The most secure way to use a hardware wallet is if you want.
You are right, we should keep our keys and seed phrases save, the best way is to encrypt our keys and seed phrases using any encryption method and store it in safe place but all of the crypto bros suggests not to store keys on computer at all.I agree with what you said in part, it's known that removable media can be damaged in the same way as paper and either it becomes completely useless or the data saved on it becomes corrupted.
Which is a good approach but I think keys are more safer in devices then they are on paper because if we store it by encrypting on usb or memory card we can still recover data from it even it damages but if paper damages it will be hard to recover. Speaking of anti viruses, they are not good imo, I just use defender in my windows.
I enable as many security features as possible, 2FA, email confirmation (if available), long password with a mix of characters, numbers, and letters. Nowadays, attacks are becoming more and more sophisticated, and we need to be prepared for this.but unfortunately, to hack your crypto wallet... the malware only needs a copy of the private key... as long as you store this private key in a careless place, even viruses that automatically copy paste data will easily hack your wallet without knowledge of your security layer....
1. Avoid centralized exchange wallets.I know this is strange, but my security mechanism is actually very weak when storing assets in a non-custodial wallet, because maybe I'm the one who has a security problem here... I don't justify storing money in an exchange wallet, because there is also a risk of loss there... however, for someone who is not even confident in their ability to store private keys safely, maybe using an exchange wallet is not bad either... they also have a security system, right?
2. Use a non custodial wallet.
3. Don't leave your private keys open to third parties.Keep the private key connected to your wallet away from the internet, it is a fairly effective practice... considering that all hacking via malware (which often happens) is sending data online... that way when any of our data has been leaked and there is an active internet network that can send the data to someone we don't know, that's the end of our story...
4. Don't post your wallet address anyhow online.
5. Store your seeds in a private place only accessible to you.
I agree with what you said in part, it's known that removable media can be damaged in the same way as paper and either it becomes completely useless or the data saved on it becomes corrupted.TBH I did stored my phrase on paper but don't know why even after storing it away in a locker safe, I felt unsafe, while I stored it in my phone, I only felt unsafe whenever I take it outside, or travel. But it is just the feeling the reality is storing on paper is better but if we don't want other to easily read the content we should do encryption, we should not use third party tools to do the encryption, because to mix the words we can use any simple encryption method, which we can do by using our mind, pencil and paper.
A good approach is to have both encrypted backups and paper backups (preferably also encrypted or with your funds stored in a hidden wallet with bip39-passphrase).
Bottom line: do both, any digital backup should be done in an environment, preferably offline to prevent potential malware from capturing sensitive information.
I enable as many security features as possible, 2FA, email confirmation (if available), long password with a mix of characters, numbers, and letters. Nowadays, attacks are becoming more and more sophisticated, and we need to be prepared for this.2FA is one in a million security I don't joke with having because it gives a good security system that third party cannot in a anyway hacked the account of the user, except the person lost the smartphone that has the 2FA because having the smartphone is also applicable to having access to the 2FA so there is another security after the installation of the 2FA which is protection of the phone to avoid theft. Another security I usually use is the cellphone verification that requires the use of code before being authorized on the account.
4. Don't post your wallet address anyhow online.You cannot lose your funds through your wallet address, it is a public address, something similar to a banks account number in the centralized world. However, you can only lose your privacy through your BTC wallet address, that is why for the sake of privacy, it is sometime recommended not to reuse addresses.