How to Protect your Coins from Malware

As cryptocurrencies rise in value, hackers target all vulnerabilities to acquire coins: from outright stealing to stealth mining.

Just as the US senate voted to ban all Kaspersky Labs products for use in government agencies, the threat from hackers and malwares is still rising- and this time, it is related to cryptocurrencies. There are many ways that your coins can become vulnerable. Learn how to increase your security around the most common threats. 

There are many ways to attack your computer system or wallets, going beyond the ransomware that asks for Bitcoin.

MyEtherWallet Scams

Always make sure you are at the right site when using MyEtherWallet. A clone could steal your private keys and take away your coins. Always open the wallet from your bookmarks and do not click on links from third parties. MyEtherWallet has fields to provide either a key file or a private key string or a mnemonic phrase. 

Also consider using for tracking funds and only unlock the wallet when sending Ethereum or tokens. 

Clipboard Altering Programs

Cryptocurrency addresses are unpleasant to read- one looks just like the other. And so for some transactions, malware may change the address as you are trying to paste it from the clipboard. Keep in mind that this is possible- though very improbable. Do a visual check of the address before verifying the transaction. 

If possible, avoid using the clipboard at all and rely on other mechanisms to broadcast the receive address. As this message from Bitcoin Wallet suggests, it is better to scan QR codes or use the "Share" button on a wallet. 

As this BitcoinTalk thread shows, such attacks are not so rare. 

Keyloggers Stealing Passwords

Your wallet is also protected by a strong password- but this is also an area where malware lurks. A class of malicious programs allow key logging, stealing the password string. 

The good news is that for such malware to execute, you would need to click on a link. Avoid dubious emails and scan your system. 

According to internet security firm Cyren, a recent key logging threat targets several well-known cryptocurrency wallets: 

Bitcoin, Namecoin, Litecoin, Anoncoin, BBQcoin, Bytecoin, Craftcoin, Devcoin, Digitalcoin, Fastcoin, Feathercoin, Florincoin, Freicoin, I0coin, Infinitecoin, Ixcoin, Junkcoin, Litecoin, Luckycoin, Megacoin, Mincoin, Phoenixcoin, Primecoin, Quarkcoin, Tagcoin, Terracoin, Worldcoin, Yacoin and Zetacoin.

Watch out for emails trying to fake credentials, from official-looking accounts, or impersonating banks or state agencies. Know what mails to expect from your bank or tax service and do not open unexpected messages, or contact customer service first.

Also avoid malicious links that start a download upon visiting. Malicious links are becoming more popular on social channels these days and are one of the most active vectors for fake ICO addresses and other cryptocurrency scams.  Stay away from dubious-looking extensions on files, and do not trust the accounts of your friends- they may have been kidnapped. 

It is also good to be aware of the channels that are currently targeted. Reddit, Telegram and other social media where cryptocurrency discussions happen are always inviting scammers and attempts to install malware.

If you suspect key logging, run a scan on your system- or merely look through your processes and notice if anything looks unusual. If you find a process, remove it from its startup folder. 

Obscure Coin Wallets

With so many new coins, no one knows if their proprietary wallets are to be trusted. Some wallets work inefficiently- and others may work against you. Avoid unchecked GooglePlay wallets. Currently, online stores have been cleared of fake Bitcoin wallets. 

Hidden Mining

In 2017, most coins cannot be mined on an ordinary computer. But this will not stop hackers from attempting to squeeze out hashing power, especially if they can make a larger collection of machines mine their favorite coin. There are known cases where smart home devices were used to mine coins. And some coins are especially suited for this form of mining, such as Monero- the coin miner is most often identified in hidden mining attacks. 

Hidden miners usually come with "dropper", another installer file that also loads the miner. 

There are accusations that MinerGate, intended to mine Monero and Bytecoin, actually does a bit of hidden mining on the side, or at least works inefficiently. Sometimes, the secret installation is precisely the MinerGate software, running secretly from the user. 

Kaspersky Labs claims to be able to catch all hidden installations from dropper files through its Internet Security Service.