Threat to Bitcoin Wallets
Bitcoin.com (BC): How often are computers infected with keylogger malware that can steal bitcoin wallets?
Cyren (C): Malware that steals cryptocurrency wallets has been around since 2012. In 2013 there was a massive spike in this type of malware and it’s hard to say how many infections there have been, but:
We estimate that there are hundreds of different types of cryptocurrency malware out there.
They are all after the same thing – the wallet, crypto addresses (Bitcoin address) and the password that protects the wallet. But the difference is how they do it and on what platform.
Common Ways to Get Infected
BC: How many different ways are there to get infected?
C: There are several ways to get infected.
We then have the classic USB stick delivery method where the malware author drops USB sticks with the malware across the city or near an office building that he is targeting. When a victim picks it up to check what’s on the drive he gets infected by an auto run script on the USB stick.
Drive-by-downloads are also popular where the victim may accidentally visit a malicious web page that automatically downloads the malware. Malicious links or attachments via social media are also very popular these days.
Mobile Operating System
BC: Is the mobile operating system safer than a desktop PC?
C: The mobile operating system should be safer if the user sticks to the Google Play store/iOS App Store and is not installing apps from unknown sources.
There was malware on Android that exploited a bug in the Android system to steal information from bitcoin wallets in 2013, but that has been fixed since then.
The most common mobile malware regarding cryptocurrency was to have a legitimate-looking app, for example a flashlight app, that was mining cryptocurrency in the background without the user knowing.
Android and iOS are pretty strict on the keylogging so it’s easier to exploit the desktop PC.
How to Check for Keyloggers
BC: How can we check if we are being keylogged?
C: For Windows users: Check which processes are running, using, for example, Task Manager, and look for something out of the ordinary.
Examining the outgoing network traffic from the PC is also effective. Look for strange outgoing connections.
BC: How do we prevent being infected with keylogger malware?
C: Obviously do not open strange attachments or click links from emails that you are unsure about. Always check who’s the sender by checking the email address, and if you are not expecting this document or attachment to be sent to you, then make sure you have someone with the proper knowledge to check it before exploring it further. Evidently, relying on users to police their email is a strategy which will have at best limited success.
Standard advice is also always to have anti-virus software on your PC which is up to date, but it’s known that traditional antivirus software recognizes less than half of malware attacks.
Moreover, there can be quite a bit of latency from the time an endpoint anti-virus provider detects something to the time any black list is updated. So relying on user behavior and local anti-virus software is problematic. A better strategy is to use a first-rate secure email gateway which will detect and block delivery of the attachment in the first place. Also use a secure web gateway for internet traffic which inspects outbound connections, preventing the transmission of the data captured, even if infection happens. Make sure to install the latest operating system updates.
BC: What is the best way to get rid of keylogger malware?
C: First of all, scan the computer with an Anti-virus program that is up to date and see if it is able to remove the keylogger.
Open the task manager or activity monitor, depending on the operating system, and make sure every process that is running is safe and not malicious. If you find a process that is a keylogger, then make sure you remove it from the folder it starts up in, the registry, and any other places that it might be in. Search for the process name on the internet and if it’s a common one you will be able to find instructions on how to remove it.
After removing the keylogger it is good to reboot the system and monitor the process to see that it is not starting up and that it has been completely removed from the system.
Have any of your devices been infected by keylogger malware? Let us know in the comments section below.
Images courtesy of Shutterstock, Cyren, Android, Apple, and Microsoft