[ 3 / biz / cgl / ck / diy / fa / ic / jp / lit / sci / vr / vt ] [ index / top / reports ] [ become a patron ] [ status ]

/biz/ - Business & Finance


View post   

File: 12 KB, 512x512, 03569B65-3A83-4D76-BAC9-F623C36DBF9C.png [View same] [iqdb] [saucenao] [google]
22649812 No.22649812 [Reply] [Original]

This thread got archived before I had a chance to ask anything. see: >>22637526

Basically anon was saying he had developed and sold a phishing exploit. I’m not sure if he was Larping or not but I’ve gone and bought a Trezor Model T right after I read that thread.

There’s a few days until it gets delivered so I’ve done the following to try and protect myself in the meantime:

>delete all other extensions
>log out of MM
>disable metamask extension
>reset chrome
>do a full system scan by Norton

I’m thinking of not connecting to the internet for a few days. Is this going to far or can I just use a different browser instead while I wait? My private keys and mnemonic phrase are not on the computer or stored electronically.

Have I done enough/is there anything else I can do anons?

>> No.22649836

Virus's dont exist bro. Metamask more like Metamuzzle

>> No.22649850

I keep over $400k in MM no hardware no paper. You're never getting it.

>> No.22649880
File: 238 KB, 1099x1078, 20200917_145520.jpg [View same] [iqdb] [saucenao] [google]
22649880

lol I can't believe you fell for that thread, anon. do you believe everything you read here?

>> No.22649883

>>22649850
Goddamn that sounds dangerous

>> No.22649884

>>22649812
model t is dogshit, either get the trezor one or get a ledger if u want a bunch of features.
if ur stack is big enough, i would get new hard drives before setting up ur trezor

>> No.22649888

>>22649812
Based schizo

>> No.22649906

>Obviously use an airgapped pc and generate tx offline before uploading to net attached pc to broadcast. No one should even own crypto who doesn't know this shit.

fucking lmao

money of the future bros

>> No.22649919
File: 58 KB, 220x220, 1219B9F2-8B3A-47BD-BA4A-FC657505E4E2.gif [View same] [iqdb] [saucenao] [google]
22649919

>>22649880
I did a bit of research after reading that thread. It is technically possible to do what OP said. I’ve also seen a rise in hacks over the last few months. Of course some of that might be the end user doing retarded things but I thought it would be better to have a hardware wallet for long term safety. I’m just wondering what else I can do in the meantime to protect myself. Getting a bit paranoid

>> No.22649970
File: 278 KB, 600x603, E6AB4A75-4492-4FFD-A39F-2E9640CDB626.png [View same] [iqdb] [saucenao] [google]
22649970

>>22649884
>get the trezor one

The model T has more features than the Trezor one and the biggest selling point for me was the touchscreen interface so I don’t have to worry about keyloggers. I thought Trezor interacted better with Metamask too

>> No.22650018

I have 5 hardware wallets, a laptop which has never downloaded anything other than google chrome and stays disconnected from the internet unless i'm making a trade, a safe and my private keys burried in a glass bottle in an undisclosed location.

You will never get my money hackers. This is what getting my rune legs scammed in primary school has made me.

>> No.22650037

>>22649919
Do you guys remember the one guy who said he experienced something like this?

>> No.22650043

>>22649812
You'd have to go on the phishing website then sign a tx allowing a contract to spend funds on your behalf

>> No.22650052

>>22650018
You jest but I actually learned all about viruses and keyloggers from getting keylogged by clicking some link in an RSToolkit chat room

>> No.22650069

This thread
>>22625519

>> No.22650083

>>22650052
I'm not jesting.

I would never keep more than 10k on a single wallet. Who would do that?

>> No.22650108

>>22649812
There is a new hack which can use quantum computer to analyze the digibits and electrical frequency of the pixels on a particular screen. For example, I want to know the IP and gain access to the an anon's post here on /biz/. I run my program and draw a box over the entire rectangular post. Then, I get all the users information uploaded through the trillions of electrical components which make up the screen for that user. All of that persons data gets instantly transferred to my computer by the power of my inconceivably powerful program. Literally it's been working perfectly on here.

>> No.22650114

>>22650083
Satoshi

>> No.22650116

>>22649812
you should sell all your crypto and fuck off

>> No.22650128

>>22650114
if hackers are so smart why dont they just hack satoshi

>> No.22650149

>>22650114
He's not a real person

>> No.22650179

>>22649850

There was a thread a few weeks ago where an anon lost $350k doing exactly that.

>> No.22650182

>>22650083
>Who would do that?
someone who isnt poor?
10k is literally nothing in crypto terms, there are people who have millions in a single wallet

>> No.22650206

How could they hack into a MM if they don’t have the pass-phrase?

>> No.22650298

>>22649812
All of this is just a larp to get ppl to buy hardware wallets

>> No.22650393

>>22650182
People having millions of dollars in a single wallet, doesn't mean they aren't imbeciles. A guy lost millions of dollars a month ago because he had millions on a single trezor that was compromised. If you aren't smart enough to see how an 80$ security investment for every 10-50k you have is a good idea, you deserve to lose.

>> No.22650438
File: 26 KB, 645x729, 04C1D2D2-74B2-48F2-945D-74A30E26E9BD.jpg [View same] [iqdb] [saucenao] [google]
22650438

>>22650298
See>>22650393

>> No.22650514
File: 41 KB, 798x644, disgusted.jpg [View same] [iqdb] [saucenao] [google]
22650514

i have literally every password to any account stored on my computer or saved on my browsers. if someone were to hack even one thing on my computer, they'd basically have access to my bank accounts, my crypto, my email, my damned porn accounts for christ's sake. I don't give a fuck and I will literally never do any kind of security measures. If i lose, i lose. i'll take it like a man and move on. bunch of pansy faggots.

>> No.22650606

>>22649919
look into what the top public crypto users are doing, also owning a couple separate cold storage wallets wouldn't hurt. Don't be paranoid it'll eat you alive anon, just don't click stupid shit and don't download stupid shit and you're good.

>> No.22650610

>>22650393
>80$ security investment for every 10-50k
thinking of getting 2nd Ledger Nano X. one per 10k. first one to my door was like in the $130 range. so like 1.30 or 1.40% per 10k investment. sounds good next best thing would be some weird crypto insurance you pay for.

>> No.22650612

>>22650116
Why don’t you fuck off you shit cunt. I’m asking a legitimate question and here you are shitting up the board. If you think it’s unnecessary then are you willing to cough up the money if I do get hacked? If not then piss off.

>> No.22650633
File: 39 KB, 220x216, tenor.gif [View same] [iqdb] [saucenao] [google]
22650633

>>22649812
>chrome
>norton
>what do I do about viruses anon
Kek I keep 4 grand in coins on my browser wallet and sleep soundly
Winfaggots and Mactoddlers BTFO

>> No.22650646
File: 43 KB, 628x676, 4ABC28F0-7760-4F8B-AF62-7C06196D94C6.jpg [View same] [iqdb] [saucenao] [google]
22650646

>>22650606
Thanks fren

>> No.22650719

Most of you plebs make it for hackers too easy. Some of you retards don't even use a virus scanner and some of you are so stupid by using their daily e-mail account for crypto.

>1. Get a decent virus scanner
>2. Get a firewall
>3. Get Keyscrambler
>4. Use a VPN
>5. Don't use any other third party browser addons than metamask
>6. Don't store your password in a txt file
>7. Use tools like keepass to store your passwords and use a key file and a decent password to protect that database
>8. Use 2F Authentication where ever it is possible

>AND THE MOST IMPORTANT RULE: READ THE FUCKING SMART CONTRACT! Some of you plebs literally allow hackers to move your funds out of your wallet.

Set allowance to 0 for all crypto wallet related pages if you do not use them anymore! There are pages like https://tac.dappstar.io/ where you can do that if you are too stupid to do that yourself.

>> No.22650759

>>22649812
yes, it is my understanding that the eth-theif known as fourchan is in fact behind over 9000 proxies and you are helpless to prevent any funds being removed from your wallet. ggwp but might as well kiss your eth goodbye now. maybe you should just start buying books instead of fake internet money if you want to be taken seriously going forward.

>> No.22650784

Fuck it I bought a ledger pack

>> No.22650808

OH SHIT a fox just flew over my house

>> No.22650839

>>22650784
pack?
how many is that anon?
What for? 2 might be nice, one hot EDC, one cold.

>> No.22650847

>>22650018
I remember getting scammed for dlegs and whip back in 2006 from a year long "gf". Felt like the end of the world at the time - lose gf, lose gear, lose meaning of life.

>> No.22650849

>>22649970
The way the trezor one works, keyloggers wouldn't matter

>> No.22650886

>>22649812
Nice, almost got me. How much is Trezor paying you for this post you long nose cunt

>> No.22650921

>>22649836
Kek

>> No.22650924

>>22650839
I bought the backup pack
https://shop.ledger.com/products/ledger-backup-pack
They got three packs as well

>> No.22650957

What app do you use with your Ledger? MEW has become a clusterfuck to deal with. Fuck MEW.

>> No.22651054

>>22649812
>phishing
aka, don't be a dumbass and don't give away your private key. Thanks for the heads up OP, but this isn't anything to worry about if you have a 3 digit IQ

>> No.22651216

>>22650847
Moments like that shape you

>> No.22652120

>>22650719
>Get a decent virus scanner
>Get Keyscrambler
>Get a firewall
Get Linux?

>> No.22652367
File: 226 KB, 701x424, 1583595590032.jpg [View same] [iqdb] [saucenao] [google]
22652367

Raspberry PI 4 running kali linux is waaaaaaayyy more secure then those audrinos with LCDs (aka hardware wallets) just install meta mask in chromium and ur good.

>> No.22652396

>>22649850
i fucking lost 2k sending my shit to a recent addy id rather have balls and keep my shit in metamask and call it a day

>> No.22652435

>>22650612
I am saying that low IQ newfaggots shouldnt be in crypto, though we need someone to dump our bags on so stay I guess?

>> No.22652455

This is a FUD, in the next days there will be a massive SHILL on a metamask rival..

Screencap this anons.....

>> No.22652466

>>22650633
Nobody cares about your 600 Rupees, Paranjeet.

>> No.22652584

don't put any more money in a metamask wallet than you would in your pocket wallet. metamask wallets are not crypto savings accounts.

>> No.22652702

>>22649812
>>do a full system scan by Norton
FUCKING KEK

>> No.22652719

>>22652435
>newfag
I’m only 18 so what do you expect? I’ve only managed to save up something worth investing from the last 2 years of work

>> No.22652740

>>22652702
lmao

>> No.22652742

be careful out there. if you have big money in crypto then definitely get ledger hardware wallet. Do not store more than 50k per wallet. So if you have 200k get 4 ledgers to be safe and just store 50k on each to be safe.

>> No.22652772

>>22650849
Trezor one or trezor model T. Which is better?

>> No.22652900
File: 55 KB, 640x422, ducksalexjones.jpg [View same] [iqdb] [saucenao] [google]
22652900

>>22649812
Hate to say it but the play is (if you have the right coins/tokens) trade through Binance or another CEX to avoid the phishing, fees, and tx times then store in a HW wallet when done.

>> No.22653156

anyone who got free UNI the other day use some of the profits for a hardware wallet. you have it for life and you can live a little more at ease. if you're too greedy to spend <$100 to secure your funds, you're never going to make it.

>> No.22653402

>>22649850
>>22650179
>>22652396
I lost 1 BTC doing this. I just made it back recently.

>> No.22653421

Are autorun possible on Linux?

>> No.22653452

>>22653402
Literally would not have lost anything if I wasn’t fucking paranoid and just kept my shit in metamask

>> No.22653456

>>22649836
Kek

>> No.22653519

>>22650108
MarshviperX lives!

>> No.22653528

I'm holding Link, XRP, DOT, BAT, and now UNI. What wallet should I get?

>> No.22653533

>>22650719
>3. Get Keyscrambler
could you recommend one?
>6. Don't store your password in a txt file
why not? is spreadsheet better?

>4. Use a VPN
how does VPN help you?
>2. Get a firewall
is Macbook standard firewall sufficient?

>> No.22653540

>>22653421
no sir only tuk tuk runs are possible sir

>> No.22653620

>iPhone 11 Pro
>iOS 14
>24 digit device passcode
>MEW Wallet with 24word seed in safe
Pretty comfy. Looking for a good Bitcoin Wallet app that’s as trustworthy as MEW is for Ethereum.

>> No.22653642

>>22653533
iOS is far superior to MacOS in regards to security. That may change soon as Apple drops a Mac equipped with Apple Silicon.

>> No.22653843

>>22653540
why do you answer like a mongoloid?
What's tuck-tuck?

>> No.22654045

Guys I found the code being used in the phishing exploit op is talking about. Here it is:
>@ echo off
>echo "hello sirs I am a Nigerian prince and require met masks user password to secure my frozen accounts. I will return you one hundred cryptocoins. Please sirs, you are only remaining relative, not a phishing scams. Please deliver metamask to nigerian449 at gmail dot com. Many thanks sirs!"
>pause
Please, anons, I am begging you. If you somehow come across this evil phishing exploit, DO NOT run the file titled nigerian449.bat.

>> No.22654116

>>22649812
>I’m not sure if he was Larping
lol

>> No.22654155

>>22653528
a laptop running linux and a brain

>> No.22654232

>>22650018
>other than google chrome
have fun getting hacked

>> No.22654336

>>22654155
This. Linux or MacOS, since they are essentially the same thing. Then you can sleep at night.

>> No.22654491

>>22652742
>store 50k on each to be safe
I'm not going to split my eventual 3 million into 60 different hardware wallets.

>> No.22654537

>>22649812

You went over the top, get a fresh linux usb. Make an eth wallet and write down the key and address.

Memorize the key with multiple mnemonics and get rid of the paper. Brain wallet.

>> No.22654658

It's not that hard to have a hot wallet and a cold wallet where you keep all your money in the cold wallet and only have like $200 max floating on the hot wallet. I do not understand what is not to get about this.

>> No.22654666

>>22654658
Only plebs trade with 200$ max

>> No.22654683

>>22650393
bullshit, post proof of loss of millions from a trezor

>> No.22654700

>>22654658
I put 200 into risky shit coins that are probably rugpulls

>> No.22654762

Seriously, what can you do against RCE? Aside from not using a browser that is vulnerable/unpatched

>> No.22654831

Why the fuck doesnt Metamask have 2FA?

>> No.22654984

>>22650610
they're having a 20% off sale until the 21st FYI

this thread just inspired me to get another one

>> No.22655013

>>22653533

IS SPREADSHEET BETTER

Holy fuck, you imbecile.

The lower-tech the better, write that shit down and hide it in a creative place.

>> No.22655155

just dont click random links and use brain. Crypto safe.

>> No.22655177

imagine focusing your security from an entire network to a single point of failure hardware device. keep your keys safe and everything should be fine no?

I have a macbook just for trading btw, no keyloggers/etc because I never go on any other websites with it

>> No.22655403

>>22650514
T.nihilisticretard

>> No.22655418

What's the difference between Ledger X and S? Which one do you think is better?

>> No.22655527
File: 33 KB, 600x454, 1598513297981.jpg [View same] [iqdb] [saucenao] [google]
22655527

>>22649812
If you use Windows you can avoid 99% of viruses and worms by setting up a guest account on your computer with zero admin privileges. You then use this account for your day to day Internet usage, trading/cooming etc. Or just use Linux or macos if you're actually worried about security they are much less likely to be pwned (although still possible but most hackers don't bother because they are more difficult to write exploits for and they have such a small market share its just not worth their time)

>> No.22655597
File: 12 KB, 258x245, laughingpepe.jpg [View same] [iqdb] [saucenao] [google]
22655597

>>22655527
>If you use Windows you can avoid 99% of viruses and worms

>> No.22655720

>>22649836
Kek
And kinky

>> No.22655759

Should I install linux on my new laptop? Whats the advantage if my laptop is airgapped when i'm not using and I only use it to make trades and have nothing downloaded on it except for electrum, metamask and google chrome?

>> No.22655952

The absolute state of retards saying a paper wallet or a GODDAMN USB DRIVE would be better than a proper hardware wallet. The second you need to transfer anything out of your paper wallet, the private key will be exposed. A real hardware wallet, like trezor or ledger, NEVER EVER exposes your private key. It never leaves the device, the transaction will be signed on it. You can plug your hardware wallet into a computer full of malware, trojans, keyloggers, ransomware, whatever you can imagine, and your private keys will be completely safe. Try doing that with a regular usb drive and you're fucked.

>> No.22656068

>>22655952
People get stung from firmware updates on ledgers and tezors, very common.

>> No.22656255

>>22656068
That's why you have your seed phrase (which you store offline, separate from the device) and it doesn't matter if the wallet gets wiped clean. You can get one of those metal stamping kits and store the phrase that way if you're paranoid about fire or water damage etc. Boom, now you're more secure than with a paper wallet and have the convenience of Metamask (which you can connect to your hardware wallet).

>> No.22656284

>>22656255
Doesn't matter, if you install a fake firmware update, all your stuff is gone. However, it's easily avoidable by just not updating firmware.

>> No.22656299

>>22652367
The only right answer here, your in control of your own wallet and the raspberry pi is portable enough to take it anywhere.

>> No.22656380

>>22656284
How would it not matter? Aren't the seed phrases ultimate key to your wallet?

>> No.22656402

>>22650719
What about add blocker?!?!

>> No.22656491
File: 5 KB, 237x212, l.jpg [View same] [iqdb] [saucenao] [google]
22656491

>future of money

>> No.22656853

So what exactly is the danger the last OP posted about?
As long as there aren't any hardcore zero day browser exploits I don't see how you could get compromised if you keep your system clean.

>> No.22657341

>>22650719
don't use some weird variants of linux and never use windows and mac or smartphones for crypto
like this>>22652120

>> No.22657370

literally as i type i'm in the process of moving every substantial holding to an airlocked pc. more secure than any hardware wallet. they keys have never been online and could never have been seen by anyone, nothing is getting to my cryptos.

>> No.22657458

>>22654831
This

>> No.22657791

>use a macbook
>have a separate browser that you only use for metamask
>don't go on dodgy sites
That's like 99.99% of all problems solved right?

>> No.22657803

>>22649812
If you are infected the malware can steal your crypto duh. Nothing related to metamask directly

>> No.22657934

this thread and the last one are hard for me to read. does anyone even know wft wallets are anymore? it's an interface for accessing your crypto address. that's it. the arguments people make for this one or that one....bunch of retards. software wallets vs hardware wallets....the debate is meaningless. if you know the risks associated with either of them you can take steps to mitigate that risk. it's not as complicated as you all try to make it desu.