Maybe don’t install shady crypto extensions next time. Or don’t log into your wallet in public WiFi just so you can accidentally show off to the person sitting behind you at Starbucks.
Quite often it’s another payload that installed the browser extension on the user’s host.
SEO poisoning or malicious adverts, for instance posing as legitimate tools like FileZilla etc, leads to a malicious payload (loader, RAT, etc) that in turn downloads and installs the malicious browser extension.
Install adblockers. Genuinely. It’s insane how many adverts on Google and Bing etc are straight up malicious. It’s been a problem for years now.
While this is good advice, as the local ButtcoinMaximalist(tm, OG do not steal) I think this is only pleb protection, you know for the normal people. Butters should do more, be your own bank as they say. So clearly it is ops own fault that he lost his money, he should have setup a IDS which should have warned his SOC that something was wrong and then they should have taken action. Be your own bank! ;)
But yeah it is amazing how a standard bank protection like ‘it is not possible to transfer huge amounts of cash/assets without additional checks and balances’ would simply stop most of this crime. But that requires centralization. (Google is also bad, and getting worse, I now double check download urls for tools via secondary sources and half the time also virustotal the exe files. But im paranoid).
But crypto is centralized XD
Who pushes the commits? Who builds the binaries?
The ledger may be distributed but it’s still all controlled by a centralized entity - the developers.
Developers with even less oversight than the democratic/economic process. It gets worse when you take into account the people running all the servers/miners etc.
Maybe don’t install shady crypto extensions next time. Or don’t log into your wallet in public WiFi just so you can accidentally show off to the person sitting behind you at Starbucks.
Quite often it’s another payload that installed the browser extension on the user’s host.
SEO poisoning or malicious adverts, for instance posing as legitimate tools like FileZilla etc, leads to a malicious payload (loader, RAT, etc) that in turn downloads and installs the malicious browser extension.
Install adblockers. Genuinely. It’s insane how many adverts on Google and Bing etc are straight up malicious. It’s been a problem for years now.
While this is good advice, as the local ButtcoinMaximalist(tm, OG do not steal) I think this is only pleb protection, you know for the normal people. Butters should do more, be your own bank as they say. So clearly it is ops own fault that he lost his money, he should have setup a IDS which should have warned his SOC that something was wrong and then they should have taken action. Be your own bank! ;)
But yeah it is amazing how a standard bank protection like ‘it is not possible to transfer huge amounts of cash/assets without additional checks and balances’ would simply stop most of this crime. But that requires centralization. (Google is also bad, and getting worse, I now double check download urls for tools via secondary sources and half the time also virustotal the exe files. But im paranoid).
But crypto is centralized XD Who pushes the commits? Who builds the binaries? The ledger may be distributed but it’s still all controlled by a centralized entity - the developers.
Developers with even less oversight than the democratic/economic process. It gets worse when you take into account the people running all the servers/miners etc.