You are reading about: "Watch your Bitcoins: A very deceptive way to infect your crypto-devices."
If you have been around digital currencies for a bit, you probably know that in terms of security the only thing you can say with certainty is the next vulnerability will be an unexpected one.
We had Trezor hardware wallets hacked by a teenager through a “trivial bug”.
Ledger Wallet went through something similar a few times, not even mentioning all the campaigns targeting Exodus or Jaxx.
We also had an (apparently exploited) vulnerability in Electrum wallet, which passed unnoticed for way too many years.
Devices Separated for Activities
Because of this aspect of security, it became the best practice to separate your devices based on what you do on them: For your convenience you can safely keep having your day-to-day wallet on your normal laptop as long as you don’t access notorious places like streaming sites that often have malicious ads, and as long as you are careful about what you are clicking at in your emails.
For whatever download or streaming sites you want to visit, you can simply have an old phone that is good for nothing anyway and therefore can act like a burner.
But What Is Safe?
The problem is that the definition of “safe activities” for your day-to-day device keeps getting narrower.
We know it is not safe to have installed TeamViewer or similar remote control software. We know there might be another bug in Telegram.
The campaign reported recently at TrendMicro takes it to a whole new level though: A malicious script distributes via Twitter memes.
The malicious part is embedded in the image via an old technique called steganography that we mentioned in another AltcoinTrading.NET Security Primer as a method for hiding secret text phrases like perhaps parts or your crypto wallet seed.
Uploading the enriched picture to social networks doesn’t necessarily strip off the embedded information.
In the case of the malicious memes, you download the image which activates the script inside it.
This particular edition acts only as a communication tool. It grabs screens of your active windows, looks for a particular malware you got from somewhere else and perhaps downloads other malicious memes (you wouldn’t notice, would you?).
If it works, it will be reused
The way the business of malware works in 2018 though is you test the waters with something low-key and if it kind of works, you add stuff like Monero miners and scanning for cryptocurrency wallets.
These building blocks are available commercially for cheap and especially with the illicit mining (cryptojacking), they provide quite a stable source of long-term income.
Either way: The distribution model relies on users downloading the good memes onto their computer.
Now that you’re wiser you can simply screenshot them instead to be on the safe side. It could potentially shake up the market with Rare Pepes though.
More & Better:
Email alerts (2-3 a week)
- Opinions, Analyses & Interviews
- Industry News Releases
- Blockchain Tech Intelligence
Data is beautiful
Blockchain Technology in Mobile App Market: State of the Industry 2020
Blockchain is currently at the top among the new trending technologies that came up in recent years. It is a remarkable innovation for our ever more digitalised world. Blockchain is mostly known as decentralized network,...
New Horizons in Fintech: Payments, Big Data and Partnerships [Infographic]
The global fintech market saw a period of consolidation in 2018, which is exactly what we saw also in terms of price evaluation of crypto assets. In spite of the “crypto winter”, which is apparently...
Brand development in forex and crypto: Most expensive domain names [Infographic]
Crypto infographics - Most expensive domain names in forex and crypto. Targeted brand development in forex and crypto with domain names.
Top 8 Women in Blockchain Tech [Infographic]
When it comes to women in crypto, the pre-2016 OG heads will probably come up with names like Alena Vranova and Blythe Masters. Alena Vranova is the former CEO of Satoshi Labs, the company that...
Infographic: Blockchain Technology, Ledgers, Blocks and the Role of Price
Blockchain technology 101: What is blockchain, what types of blockchains exist and what role does the cryptocurrency price play.
Infographic: The Good And The Bad Of ICOs
Infographic: The good and bad of ICOs - Which token sales raised the most money in 2018?
The Business of Esports: All The Numbers [Infographic]
Esports is a rapidly emerging category as a real sport. It’s even beginning to compete with traditional sports.
Shocking Facts About Cryptocurrency Heists [Infographic]
If there is one question in the history of Bitcoin that cannot be answered with anything more than an estimate, it is the problem of how much of Bitcoin’s supply is actually ever available on...
Comparing Forex Market with Crypto Markets [Infographic]
One of the few metrics that cryptocurrency markets have in common with the forex markets in 2018 is the high percentage of total trades being located on few most popular markets.
East vs. West: Which One Sides More With Blockchain?
Digital cash schemes were the holy grail of the late 90s, but since the bitcoin blockchain was invented, suddenly nobody in the West cares.
Blockchain Consortium in Trade Finance: 6 Notable Networks [Infographic]
The success of trade finance blockchain implementations depends on how widely they are adopted. That's why we have seen businesses form consortia based on similar interests.
Real-world companies that accept crypto payments [Infographic]
Infographic - Graphic map of businesses that let customers pay in bitcoin.
Infographic: Blockchain Hacks & Crypto Trading Platform heists 2018 vs 2017
Blockchain infographic comparing the biggest crypto heists of 2018 and 2017. In 2017 the focus lied more on ICOs, smart contracts and wallet.
15 crypto kings that are making history with their engagement in the field of cryptocurrencies
Coining The Bucks With Cryptocurrencies Have you ever wondered how much masters of the cryptocurrencies are worth? Like the guy who founded Ethereum, or the one who started Ripple, for example. The answer, in short,...
Industry News Releases
LocalCryptos, the non-custodial p2p platform, added a crypto-to-crypto exchange feature
LocalCryptos, formerly known as LocalEthereum, is currently the most popular non-custodial p2p market for cryptocurrencies....Read >>
- Montenegro to embrace blockchain technology in efforts to join the EU
- The Global Hackaton (April, Los Angeles) comes with free tickets to Crypto Invest Summit
- Etheremon celebrating #ChineseNewYear2019 with a series of bounties (Ends 8:00 AM UTC on Feb 11th)
- Crypto Marble dApp Game: Monopoly on Blockchain
- The dApp gaming platform VX Network launched the official VX Wallet in Apple App Store and Google Play
- Etheremon's first Chinese New Year Campaign: Chance to recall two rare mons