Bitcoin stealing malware: Bitter reminder for crypto users to stay vigilant

Published at: March 15, 2022

An unfortunate Bitcoin (BTC) user was duped out of 0.255 BTC, almost $10,000, due to malware running on their computer. 

Louis Nel, a tech blogger and crypto enthusiast, flagged the issue on Twitter, referring to his friend as ‘C.’

A friend sent 0.255BTC from his bitcoin wallet to an exchange. He copied and pasted the wallet address on his computer. After 4 hours he was worried when the funds did not arrive at the exchange...

— Louis Nel (@LouisNel) March 14, 2022

Nel told Cointelegraph that C’s “Bitcoin was sent from Kraken to VALR, a South African exchange,” however, “malware running on his computer intercepted the copied data and inserted a new wallet address when he pasted this without realizing.”

Kraken exchange confirmed that the wallet address does not belong to them; in further warning signs, Nel added that “there are 9 transactions into that wallet, so others have been duped as well.”

The wallet address in question now has a value of 0.27 BTC but the funds have not moved. Nel shared a photo of the wallet address with connected addresses:

Malware attacks are nothing new to the world of crypto finance or indeed to Bitcoin transactions. Chainalysis estimates that as much as $500,000 was stolen by just one malware bot over the course of 2021.

Plus, malware attacks can happen to seasoned cryptocurrency enthusiasts: C first got involved in Bitcoin and cryptocurrency in 2018. The malware attack is rotten luck for C, but a poignant reminder for cryptocurrency users.

Transactions on Bitcoin are irreversible, or “immutable”, meaning that once the funds have left a wallet, no party can manipulate or falsify data, or send back the money. While it’s one of the protocol’s strengths, in situations such as this malware attack, it’s a double-edged sword. Nel suggested:

“When working with Bitcoin and cryptocurrency you are responsible for your own security. When copying and pasting wallet addresses, always check the first four to six characters and the last four to six to ensure that they match.”


It boils down to one of the most crucial Bitcoin mantras, "don't trust, verify." If sending money, always reread addresses, checking "the entire address." If it's a large amount, send a test transaction of a few Satoshis to ensure the funds arrive safely at the desired wallet address.

For C, despite the discovery and then removal of the malware, “the issue was still there and he sent me [Nel] a video where the wallet address would still dynamically change.” The laptop, which was running Windows 10, appears to still be compromised:

“All we know is that the malicious software became embedded in his operating system and was still doing its thing.”