ninjabenja

PSA: Bitcoin traders, YOU are the targets- Don't get hacked!

BITSTAMP:BTCUSD   Bitcoin / Dollar
No trade setup today folks. This MALWARE warning for BTC traders is purely a public service announcement with some sage advice on how you need to safeguard your hard work and earnings against looting parasite hackers. IF YOU TRADE BITCOIN YOU ARE A TARGET!

Q: What the heck are you talking about?
A: Recently there have been links posted in the TV chat and as comments on published charts which will take you to a website that automatically runs a flash element. This instant and automatic install pretends to be useful trading software, but it is absolutely malicious. It works to provide the attackers access to as many of your unprotected accounts as it can, particularly email and trade accounts. The attacker will change your account passwords locking you out and looting anything of value you might have.

Q: How do you know this?
A: I have been witness (first hand) while in the chat to people reporting the exact end results listed above, and watched them freak out while looters locked them out. I have also recently been the target of such an attack. The link was posted to my most recent published chart multiple times, in a very real-time and conversational way. The link was also posted to another TV member's chart who later investigated it.

Q: What to do then? Just not click on anything?
A: DO NOT CLICK ON LINKS FROM UNKNOWN/UNTRUSTED SOURCES!!
Take two seconds to look at the user's profile and publication history. Is the account well established, or is it 30 mins old? Have they EVER published anything? Do you recognize the user name? USE SOME COMMON SENSE!

~ Enable Two Factor Authentication (2fa) on ALL your accounts- especially your email and Trade accounts!!
~ Use a different strong password for every account and for god's sake use LastPass or something like it.
~ In your browser settings, disable flash from running automatically.
~ Use FireFox and install the NoScript plugin.

~ Lastly, Go to www. grc             .com, under "Services" click on SheildsUp and find out if you're vulnerable. It's an Internet security vulnerability profiling service offered for free by Steve Gibson one of the leading information security experts of our time. He coined the term "Malware".

DO THESE THINGS!! You work too hard to lose it all to a looting parasite because of complacency.
/end rant.


PS. If you are interested in researching the malware referred to above, please feel free to message me, and I'll PM you the link. Anyone who re-posts the link in the chat or on a published chart will risk being permanently banned by the mods.
Thanks for this. The script it runs is actually pretty insidious and not very obvious to the average user that they have been infected.

Reply
Does Malwarebytes detect if you are infected with this hack after possibly visiting some dangerous site?
Reply
I don't know if this would be detected or if it even triggers any security software at all at this point. Regrettably my skill-set is not sufficient to provide any more detailed information regarding the threat, beyond what I've provided above. There are those in the TV community who may know or want to know how this thing works. If anyone wants to try and dissect this malware PM me and I'll shoot you the link.
Reply
Can it affect Mac OS?
Reply
ninjabenja PRO adamholt91
It's my understanding, that if your browser has the ability to run Flash elements, then yes it can. This malware doesn't seem to be OS specific, but don't quote me on that.
Reply
In Chrome go to Settings > Content Settings... > Plug-ins > Make sure "Click to play" is the radio/circle selected. Flash cannot automatically load with click to play selected.
+1 Reply
Ideas Scripts Chart
United States
United Kingdom
India
España
France
Italia
Brasil
Россия
Türkiye
日本
한국
Home Stock Screener Forex Signal Finder Economic Calendar How It Works Chart Features House Rules Moderators For the WEB Widgets Stock Charting Library Priority Support Feature Request Blog & News FAQ Help & Wiki Twitter
Private Messages Chat Ideas Published Followers Following Priority Support Public Profile Profile Settings Account and Billing Sign Out