Hello my fellow Steemians and Crypto investors,
The greatest fear of all Crypto Investors is a common one: To have their coins stolen by a hacker that has installed malware/keylogging software on their computing devices.
Smart, wealthy (relatively speaking), investors protect their coins in hardware wallets, which are the best, most secure option available. However, they are still expensive for most small time investors who have just starting investing in crypto currencies. If they are only investing $10 here and $20 there it makes no sense for them to buy a hardware wallet that is much more expensive than their total holdings. Also, they may not be available for shipping in the places where they live.
The usual way small time investors store these coins is within a third party exchange. This is both wrong and dangerous! You should never keep your coins in an exchange a second longer than it takes to trade them. Exchanges get hacked all the time, they go offline for various reasons and are subject to the laws and regulations of the countries they reside in, which means your coins could be frozen at the whim of politicians at any time.
Also most altcoins are not supported by hardware wallets. If the coin(s) you are betting on are not supported then you are out of luck.
Steem is particularly vulnerable
No Hardware Wallet currently supports Steem or Steem Dollars. The only thing keeping your funds safe are a set of long keys, impossible to remember, that eventually you have to copy and paste on your browser to transfer funds.
Any keylogging malware tracking your clipboard could easily transmit these keys over the internet. The use of a different key for posting mitigates this issue somewhat but eventually your will have to use your master or active key to transfer funds and, if you are infected, you will lose your funds fast! I’ve seen whales here on Steemit with many thousands, even millions of dollars, that are not aware of this issue and how unsafe their funds really are.
The solution
Until your favorite altcoin(s) are supported by hardware wallets you have to protect your computer from malware fiercely. You must keep your operating system updated, have good antivirus software installed and run anti malware software such as MalwareBytes at least once a week.
But this is not enough! Antivirus are not perfect, they can miss some of the malware available out there, and, keep in mind, all it takes is a single chance to steal your keys. If you want to be as safe as possible, you want to have all the software currently running on your computer be inspected by not one, but by more than 50 antivirus engines by doing what I’m about to explain below:
Process Explorer + VirusTotal.com, a match made in heaven!
The free website VirusTotal.com is super useful. You can submit files to it and it will run them against more than 50 of the top antivirus software currently available. If that file is infected, chances are the infection will be detected.
However, you likely have many hundreds of services and executable programs running on your PC at all times. Submitting them to VirusTotal.com one by one would be very time consuming an complicated for most users.
Introducing the free Process Explorer tool provided by Microsoft’s Systernals! This tool will automatically send the signatures of all processes on your PC to VirusTotal.com and let you know right away if any of them are infected by Malware.
When VirusTotal.com runs the files it gives them a "score" consisting of two numbers. The first tells you how many Antivirus engines reported the file as infected, the second, how many antivirus engines it was run against. The score looks similar to this "0/67" or "1/65".
Sometimes the first number would be 1 or 2 and that's fine. It usually means false positives returned by a small number of the antivirus software. However, when you see red scores where the first number is over 5, you can be almost certain the file is malicious and you have been infected by malware.
How to show VirusTotal Scores in Process Explorer
First download the tool from https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
You will get a Zip file, decompress it to a Program Files folder or to a USB flash drive, yes, the tool is portable, you can run it from a USB flash drive, so cool! (If you don't know how to decompress a Zip file by now go ahead and move to Sentinel Island, you are a caveman and don't deserve living in this civilization :)
Right click on "procexp.exe" and select Run as administrator. The software needs elevated privileges to "see" everything that's running on your PC.
Activate VirusTotal checking as shown in the image above
Click Yes to agree to VirusTotal's Terms of Service
If the VirusTotal column doesn't show up add it by selecting it as shown in the image aboveIf you see scores in red where the first number is higher than 5 then you are infected. Submit the file to your antivirus company, kill that process right away and stop using the computer for crypto transfers until you are certain the infection has been detected and cleaned by your antivirus software.
Extracurricular activity:
Even though Process Explorer + VirusTotal.com will very likely detect most hidden malware running on your PC this process is not infallible. There’s some very advanced malware out there known as RootKits that can so deeply penetrate the defenses of your operating system, they won’t show up under the list of running processes in Process Explorer.
To be safe, you'd want to run a RootKit scanner such as this one provided for free from MalwareBytes to detect such craftily hidden pieces of software.
Make sure you download it, update it and run it at least once a week on your PC, or before you do any cryptocurrency transactions that involve copying and pasting of master keys.
Nothing is 100% secure. Get a Hardware Wallet!
If you follow these steps you will be safe against 99.99% of Malware out there. Your “house” will be among the most well protected in the neighborhood so hackers will likely just move on and attack other softer targets, which is what you want.
However, this still leaves software known as Zero Day Exploits. This is the kind of advanced software that Governments and Big Corporations buy for millions of dollars. There’s isn't any safe way to protect against them, antivirus won’t detect them at all. They may even be baked in in your operating system, courtesy of companies cooperating with government agencies, to provide them with friendly backdoors. But, don’t despair, you are not Edward Snowden, governments are not likely to spend millions of dollars and waste their Zero Day exploits on you so can relax :).
Though the steps provided in this article will protect you fairly well, you should still try to get a Hardware Wallet as soon as possible. They sign transactions in isolation from your computer so they are very safe. Also, support and press the developers of your favorite coins to provide Hardware Wallet compatibility so that their users are really safe from hackers stealing their coins.
Have you used Process Explorer before? Did you know you could activate a VirusTotal column in it?
Do you have other methods to protect your computer from hackers and malware that you want to share with the community?
Feel free to share your thoughts on this post with the Steemit community in the comments below!
What have you been doing this crypto winter?
Accumulating patiently like a professional hodler.
Panic selling like a hopeless noob.
If you answered 1, go ahead and download Crypto Millionaire from the link below. This app will help you diversify in a smart way, especially right now that' it's such a good time to buy the millionth of supply of top coins on the cheap.
If you answered 2, sell everything and become a pimp. It's the only way you will be able to keep selling bottoms, haha!
INVEST SMARTLY!
DOWNLOAD CRYPTO MILLIONAIRE from Google Play
CHECK OUT MY PREVIOUS POSTS:
Is Bitcoin Cash the Hallucigenia of Crypto? Do big blocks make sense?
How I'm using Bitcoin’s Lightning Network in the real (third) world!
My first experience ever with BITCOINS’s LIGHTNING NETWORK – PAINS and GLORY!
Discover your Crypto Portfolio Score and back it up with latest Crypto Millionaire updates
New Portfolio Diversification Score for Crypto Millionaire!
These new Crypto Millionaire filters will help you find the best ranked value coins
How to bring normies to Steemit in three easy steps
Quantum Doom for Crypto? It’s all FUD and here’s why
WOW! Crypto investing app hits #4 trending on Google Play Finance! Just below Paypal and Zelle!
"It's Been Dismal" - Gold Coin Sales Slump As 'Bugs' Bounce To Bitcoin
Why China (or governments) can’t stop crypto
Don't forget to tell the community what you think of this post in the comments below.
Follow me for updates news and commentary on "sane" crypto investing.
Happy crypto investing!
67.17
the 99 percent of hacks nowadays are not stolen through the system but the hackers mostly uses social engineering to victimized people and it's far more efficient and easy to those innocent people from being hacked because of phising technique used by a hacker, so it's very important not to click a link you don't trust and never fall for a money without any reason at all and ended up asking your passwords.
rule1. never give you password on sites you don't trust.
rule2. never forget rule number 1.
Best way o found to keep your coins safe is using bootable USB drives. Possibly linux. Boot it, use it and you are done. It starts with a fresh copy every time so no risk of infection. It has no RAM or storage.
It's a very good idea for advanced users but inconvenient. Unfortunately most people choose convenience over security. I hope more people would do what you describe. Thanks for the suggestion @mightypanda!
agree to that. I am lazy myself, a lot of my coins are on exchanges so i can sell them quickly when i see an opportunity. Part of the reason it, when you see a price pump, mostly the wallets for that coin go down or there is so much congestion that you will not be able to send it to exchange in time.
@cryptoeagle Resteemed this nice post. Thanks
Thanks @tanvirmahmudemon! Regards
Good one! I hadn't heard of this tool.
I will like this now, and keep it to read carefully when I have more time.
Seems like is it is full of interesting information.
@cryptoeagle Resteemed this nice post. Thanks
Thanks sir..Keep doing good work.....
please visit my blog
Excelente y información y muy util, gracias a ti encontre 4 viruz corriendo en mi pc que llevaban conmigo mucho tiempo, eso me sucedio por usar software con crack. saludos desde Cuba y gracias por la info.
Looks like a great tool! it's very scary how easy it is for people to get hacked
@cryptoeagle resteemed this post.
I would imagine that crypto currency based maleware will not be detected by any antivirus service. The crypto community is too small for the security devs to provide us with quick virus definitions.
Still a good idea to keep your computer as clean as possible obviously.
Hopefully hardware wallets will exist soon to give us all peace of mind.
Good information. I keep my steem in steemit but for the last week or so it has fallen dramatically. At first I thought it was market fluctuations, but no, the market came back, but my account value did not! Where is my money? I didn't have much, but was planning on buying steem, sure as hell aren't going to do that if it's just going to disappear! I lost about 25%-30% so far, even though I have consistently gotten upvotes and rewards. WTF?
Do you see any unauthorized transfer out of your account?
Thanks for the reply, no, I search on steemd and can't find anything out of the ordinary. I did a page that's supposed to report any downvotes and it didn't find any. Steem is back up, but my account isn't.
It's very disheartening to see it wither away for no obvious reason.
I was at around 10.50 about 10 days ago and now it's below 8.50 and falling...even though I am getting some rewards and such. It'll go up a couple of cents, then loose 20 before the day is out. I have been in about three months and it always fluctuates a few cents, but goes up as I get votes and such, not any longer though.
I know this is little money, but I had aspirations and have put a lot of time into it. I was planning on buying steem when it was low, but that would be foolish the way it's going. At this rate, if I had 1000 I would have lost 250 or so.
Folks say just keep posting and you'll get there, but if things keep going I'll owe them!
I accidentally double posted one post and post two "introduce yourself" posts...but that's the only things I can find that I might be getting fined for. I might have commented on a couple of semi controversial posts, but haven't ruffled any feathers that I know of.....it did seem to happen right after I posted about steemit and self regulation, but that's nothing.
I welcome any advise. Heeeellllp!
Been listening lately from friends about things like these. Hopefully there's no shenanigans going on with Steemit itself
awesome tutorial :o no i didn't use process explorer before. i have window 10 antivirus is built except that should i install any antivirus like this one you told us? because i'm not using any method to protect my pc :(
resteemed mare and more people get aware
Great post.
So important for any investor.
I can fully agree with your mentioned points.
I will buy a hardware wallet in the near future
To be honest I didn't know that Im so vulnerable.I thought that wallets are somehow secured.I never type my passwords since they are too long.All I do is copy-paste them.I thought Im preety safe since I never allow my browser to remember my passwords.I guess I was wrong :/(what about those mobile wallets which you can have on your phone?)
Thanks sir for your valuable post.
Resteem done.
@cryptoeagle Thanks for share this important topic. Reateemed this post.
Hey man just wanted to say thanks for always supporting my blog.
My pleasure! Your topics are very similar to mine and I always like supporting other creators who write about Crypto. Best regards @hotsauceislethal
Commenting so i can easily trace back to this post in future.. Great info.
wallets run on the cloud and are accessible from any computing device in any location. While they are more convenient to access, online wallets store your private keys online and are controlled by a third party which makes them more vulnerable to hacking attacks and theft.. Thank you for your information. It could be very useful. I think this post should be read by all steemians. So i have resteemed, so that more people could be know about this important informations.
Thanks Faiyaz
I'm extremely sorry sir. I just forgot to resteemed your post. Now I have done it. Please be kind to me.
You are always most welcome sir. Further I would not do this such of fault.
Thanks Thanks And thakns . Thanks for share this important topic. This post help me a lot . Thanks for share this . Nice work @cryptoeagle. Reateemed this important post .
Steem Power is a good store though. Even if your account is compromised as long as it isn't the master password then you can stop chances to steal steem power. It takes a full week for them to extract 1/13th of the steem power. If the power down is not stopped. This does offer some security that doesn't exist elsewhere. However, with liquid steem and steem dollars you are absolutely correct. That is vulnerable if your keys are compromised.
why should we trust it?
How do I know that it won't steal my keys itself?
I like you Mickey haha, defiant, free thinking, untrusty and independent! If only all people were like you!
You should not trust this software either. I know it's made and signed by Microsoft, downloaded from a Microsoft certified website, I have also ran it against VirusTotal.com. I would say I'm 99.99% certain the software is safe and go with those odds, but, like yourself I don't entirely trust anything.
In computing, at least until security is not managed entirely through blockchains, nothing is 100% safe. The best hackers out there have scotch tape on their webcams.... they don't trust their own computers haha
scotch tape?
fools
I have duct tape..the lens is faceing the wall
turned around AWAY from me
and it's got a coffee cup covering it.
Time to check those stealthy processes running on your pc after the porn visits hehe
do what?
That's right, friend. You can not stop things like cryptocurrencies. It will be everywhere and the world will have to readjust itself. We have decided to put our money and our faith into a mathematical structure that is free from human or political mistakes.
Very good and interesting information friend great job thank you for sharing with us greetings and success
Is our steemit wallet is safe or not?
I am holding my 185 sbd's in steemit!
Read the article. They are not safe if you are not doing this before you put your keys on your browser.
Okay bro reading the article
Is a hardware wallet even possible for steem?
I have already installed Avast Premier. It is a great tool for cleaning viruses and also takes care of online browsing.
Thanks for this valuable post though! Resteemed
What about the malware Avast Premier misses?
Thanks a lot dude! ( I am assuming of course, sorry if I got it wrong) Those were some great tips and easy to execute. Tried to upvote but I guess it's too late.
Dude here, glad to hear you found this information useful. Be safe! regards
I appreciate the article but aren't you limited to the amount of steem power that week since it takes time to power down. I know if you leave your account inactive you would be very vulnerable but if you are on daily or weekly wouldn't you be limited to that amount you could loose?
interesting post. but from what I know our funds are very safe if we powered up with steem. noone can touch them without powering down.
I don't want to lose all my coins lol. I'm pretty sure you're gonna help a lot of people with this post! Upvoted and I hope it will reach a lot of steemians.
Coins mentioned in post:
I have also invested some money in crypto. It should take the money out. Or is the solution to be safe.
quiet informative, will make myself upto the mark man, keep it up 😊
Great post dude, will do it ^^
Ah ... They can't steal much from me :)
What if Steem pumps to a $1000 in one of two years?
I have Macbook Air, so would the same process work on IOS supporting device's. Thanks for your effort.
Wow! thaks for the info
@cryptoeagle important topic thanks for share this.
interesting post like it and upvoted.
To add to it, try and be careful with the sites yOu visit, visit only trusted site.
Use lOng, mixed and unpredicted password..
At least yOu will be guarrante 99% safety...
Great & Helpful post. Thanks @cryptoeagle
I dnt hv any types of experience about this news.. Is it really true?? sir @crytoeagle.. can u tell me the details?.👌
That's a wonderful information.i appreciate your Every news Share...
You got a 5.67% upvote from @postpromoter courtesy of @cryptoeagle!
Want to promote your posts too? Check out the Steem Bot Tracker website for more info. If you would like to support the development of @postpromoter and the bot tracker please vote for @yabapmatt for witness!