Malware is a type of computer program designed to infect the computer of a legitimate user and cause harm in various ways. It takes forms such as viruses, Trojans, worms and spyware, among others. It is very important that users know how to recognize malware and how to protect themselves from it in its different forms.

Attacks by hackers on the world of cryptocurrencies increase every day. The most recent is the discovery of a malware called KryptoCibule, which has achieved a lot of notoriety on the network. The cybersecurity firm ESET, which discovered this malicious agent, decided to call it a “triple threat” for cryptocurrencies because of how it operates. It installs an application that uses the victim’s hardware resources to steal their cryptocurrencies, attempts to hijack their wallet files, and replaces Bitcoin or Ethereum addresses (or those of any other cryptocurrency you have) on the clipboard in order to hack transactions.

What to do about it?

Some experts point out alternatives in this regard. For example, Tim Ismilyaev, CEO and founder of Mana Security, thinks the following: it does not seem possible to protect a crypto wallet without defending the operating system itself, and we see that KryptoCibule spreads through malicious installers for cracked software and games.

Don’t install suspicious or unreliable programs

In addition to having an antivirus program, it is recommended not to install software or programs considered suspicious (that do not come from reliable sources) on our computer, which is very common in piracy. The best thing is to buy original programs (paying the official developers); in this way we support them in improving the product we need every day, and we stay in a safer environment.

Another expert opinion on the matter comes from Dmytro Volkov, CTO of CEX.IO, who points out the following: an attack called man-in-the-middle allows hackers to intercept and read data that is transferred, as well as alter the packets sent by users.

HTTPS protocol

The first and best-known protection is the HTTPS protocol, which encrypts the data sent by the user. By connecting to the Internet through HTTPS, the user can be sure that they have accessed a real site and not a fake site. What criminals usually do is force the user to connect through the HTTP protocol (not secure) instead of the HTTPS protocol (which is secure). Users can only be forced to the “non-secure” protocol when they first connect, and only by the ISP, such as a home Internet service or a public Wi-Fi network.
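The first-connection limit described above matches how browsers handle HSTS (HTTP Strict Transport Security, RFC 6797), a mechanism this article does not name. The following added example, which is not part of the original article, models a browser's HSTS cache to show which requests an on-path party can still keep on plain HTTP; the host `exchange.example` and the class name `HSTSStore` are constructed for illustration, and explicit ports are not handled.

```python
from urllib.parse import urlsplit


class HSTSStore:
    """Minimal model of a browser's HSTS cache (RFC 6797)."""

    def __init__(self):
        self._policies = {}  # host -> (expiry timestamp, include_subdomains)

    def note_response(self, url, headers, now):
        """Record a Strict-Transport-Security header seen on a response."""
        parts = urlsplit(url)
        value = {k.lower(): v for k, v in headers.items()}.get("strict-transport-security")
        if parts.scheme != "https" or value is None:
            return  # ignored on plain HTTP: whoever intercepts it could forge or strip it
        max_age, include_sub = None, False
        for directive in value.split(";"):
            name, _, arg = directive.partition("=")
            name, arg = name.strip().lower(), arg.strip().strip('"')
            if name == "max-age" and arg.isdigit():
                max_age = int(arg)
            elif name == "includesubdomains":
                include_sub = True
        if max_age is None:
            return  # max-age is mandatory; without it the policy is invalid
        if max_age == 0:
            self._policies.pop(parts.hostname, None)  # the site withdrew its policy
        else:
            self._policies[parts.hostname] = (now + max_age, include_sub)

    def _is_known(self, host, now):
        """True if host, or a parent with includeSubDomains, has a live policy."""
        labels = host.split(".")
        for i in range(len(labels)):
            policy = self._policies.get(".".join(labels[i:]))
            if policy and policy[0] > now and (i == 0 or policy[1]):
                return True
        return False

    def resolve(self, url, now):
        """Return the URL the browser would actually request."""
        parts = urlsplit(url)
        if parts.scheme == "http" and self._is_known(parts.hostname, now):
            return parts._replace(scheme="https").geturl()  # upgraded before any packet leaves
        return url


if __name__ == "__main__":
    store = HSTSStore()
    print(store.resolve("http://exchange.example/login", now=0))   # first visit: still HTTP
    store.note_response("https://exchange.example/",
                        {"Strict-Transport-Security": "max-age=31536000"}, now=0)
    print(store.resolve("http://exchange.example/login", now=60))  # later visit: upgraded
```

The model shows why the first visit is the exposed one: until a policy has been received over HTTPS, nothing stops the request from going out unencrypted, and a policy that has expired reopens that window.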

Avoid non-certified browsers

Now with TOR (the browser for the Deep web), the exit node, which is the node that connects to the Internet, could also force an unsecured connection on the user. Thus, by controlling the exit node, a cybercriminal has the same “middle man” attack capacity as the user’s Internet service provider or VPN. The anonymity of the TOR network generally tends to aggravate the latter situation.

While ISPs care about their reputation and work to prevent these types of attacks, with TOR no one risks anything. When a hacker “joins” a connection, not only can he steal the data from our computer, but he can also change the address of the wallet to which the money is sent. It is therefore recommended, preferably, not to download files or talk to anyone while connected to the Deep web, remembering that our information there is much more vulnerable than anywhere else. If possible, it is recommended to “avoid” or “reduce” the use of the Deep Web.

Double authentication

It is important to remember that a username and password are never enough, because in the chain of computer security the weakest link (in this case the human factor) is always the most vulnerable. In one way or another, a password can be compromised at some point. For this reason, it is recommended to always use double authentication systems; Google Authenticator is among the best known.

What do you think about this topic? Do you know any other security recommendations to protect your cryptocurrencies?

If you want more information about buying and selling cryptocurrencies you can contact us or write your query in the bottom part (comments section).

Image by Markus Spiske via under creative commons license.
