10jbp10 Posted August 1, 2021 #1
Making this thread because I saw a user claiming to have lost 60k due to someone RATTing their PC in chat. (Enables them to see everything they are doing on their computer)
How to avoid having your Crypto stolen by hackers (For Windows Users)! Will make a MAC Users guide if you want. LMK.
There are multiple ways of having your Cryptocurrency stolen. Malware such as RATs or Remote Administration Tools are a prevalent way. These are the basics of what you should know about keeping your Cryptocurrency on Stake safe.
2FA enabled. This will stop them from being able to Withdraw any Crypto without access to your Google Authenticator App. You must make sure your phone/email account connected to it are Secure, though, or you could be in for a massive headache. Just this alone can save you a lot of money.
The next thing I want to suggest is to never fall for phishing scams. This is when someone pretending to be Stake sends you an email or even a Discord message or anything saying that you have won something (like the 5k raffle giveaway) and gives you a malicious link (that looks like Stake.com, but is really STCKE.COM). Never click links without knowing for sure that it is from Stake's official emails! The same goes for downloading files.
You should have an anti-virus on your PC. Or, at the very least, have an anti-malware scanner on your PC. I suggest Malwarebytes (even the free version is good). What I like to do is when first installing things on my OS, go to Ninite.com. It will download all of your essentials in one download instead of multiple. You will see Malwarebytes and other Free Antivirus products that you can download from there. Windows Defender is usually not very good at finding Malware. Avast is a decent free anti-virus solution too.
Never download files from untrusted sources. If you do, immediately scan it on virustotal.org or using your Malwarebytes/Anti-Virus product.
What do you do if you suspect that you have a RAT or a hacker that is on your PC? You need to download Malwarebytes and RKILL and ADWCLEANER immediately. Links to those on the bottom of this post. Then turn off your internet connection. You need to scan your PC and get rid of the files instantly.
RKILL would be the first one I would suggest running. You will need to run RKILL as an Administrator (Right-click on the downloaded file, then select Run As Administrator). It will scan all of your PC processes and immediately terminate any suspicious or unsafe processes. After this happens, you will be asked to restart your PC. I just leave that window open and then open Malwarebytes and perform a full scan. You will find some threats if you have a RATTed PC. You need to remove them after the scan has concluded. Then you restart your PC. You should be safe now. But I highly advise you to Reformat your SSD and reinstall Windows if you see anything acting strangely after this point in time.
Make sure you select Scan for rootkits on this screen when you scan with Malwarebytes. This is in the Custom Scan option.
For safety measures, you should also Download ADWCLEANER (Like Malwarebytes for Adware) and it takes much less time to complete the scan than Malwarebytes does.
The next thing I recommend is checking what is in your Startup Queue. You can do this by pressing the Windows Key + R at the same time and a Run box will show up and then you type in MSCONFIG. A system configuration window will pop up and you will see a ‘Startup’ tab. Select that and you will see all of the processes that are queued to start when you first turn on your computer. It may take you to a screen that says Open Task Manager to do this. Click on that. Then filter the tab by Status. Disable all unknown programs. You can speed up your PC boot-up time by disabling some of these too.
Once finished scanning... Next, you should delete/reinstall whatever browser you were using.
So for example, if you were using Google Chrome as your primary internet browser, I would suggest reinstalling it. You would want to go to your Settings on your PC (Quick way to launch this is Windows Key + i at the same time -> Apps -> Where it says Search this list, type in Google Chrome and uninstall all versions that you see.) Then use Microsoft Edge or whatever browser you can use to download Chrome again. (I also highly suggest installing the extensions uBlock origin and the ClickNClean extension once you launch Chrome again from the Web Store.)
I would change all of my passwords at this point. Also try to find a way to log out of all current sessions on whatever you were logged in with. If something you see on the computer sounds too good to be true, it typically is. To be super safe, I'd recommend changing your passwords from a different device that you are completely confident was not infected by this virus.
TLDR: If you suspect your PC has a RAT then you need to download RKILL and Malwarebytes and ADWCLEANER immediately. Once those are downloaded, you should turn off your Internet (closes their connection to your PC) and then open RKILL as an administrator - do this by Right-clicking on RKILL and selecting Run as Administrator. This will scan all of your open processes and attempt to terminate any suspicious ones. Then you open Malwarebytes and scan with that. After Malwarebytes scan is finished, open ADWCLEANER and do a scan with that too. Then you restart your PC. Should be good after that, but if it was a much more complicated RAT and you see your PC acting strangely shortly after again, you should reformat your SSD/HDD and reinstall Windows.
Very useful links:
https://www.malwarebytes.com/mwb-download
https://www.malwarebytes.com/adwcleaner
https://www.bleepingcomputer.com/download/rkill/
https://ninite.com/
https://m.majorgeeks.com/mg/sortname/anti_spyware.html
^ Link 5 will sort you through all of the different types of Viruses and tools out there to combat them. Sort them through Popularity is my suggestion.
Also, there is Malware that utilizes a copy and paste technique to get you to copy and paste their Crypto address when you try to copy and paste. So always be sure that what you are seeing when you copy and paste and attempt to withdraw is the actual address of YOUR wallet.
Another thing that suggests that your PC may be infected with something is when the Time and Date are not correct/unsynced. Always worth a scan with Malwarebytes if you see that.
Any suggestions to improve these quickly compiled thoughts or organize them are welcomed. I will edit this later to improve it.
*Please make sure your email connected with your Stake account is always secured/has 2FA and is enabled to SMS text you whenever an unrecognized device attempts to log in. This will save you a lot of money.
*If it is a large amount of Crypto in your Stake account, I really recommend withdrawing to your private wallet (such as Exodus) after each Session. You just never know. To avoid fees I'd use LTC or XRP.
*You can also Download Malwarebytes on your Phone (Android for me, not sure on iOS)
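
Added example, not part of the original post: a small Python check for the look-alike link trick described above (Stake.com vs STCKE.COM). It goes a little beyond the post's single case by also catching the real name placed before an `@` or used as a subdomain of another site. The function names, the distance threshold of 2, the "last two labels" shortcut and the sample links are assumptions made for illustration.

```python
from urllib.parse import urlsplit

OFFICIAL = "stake.com"  # the genuine domain named in the post

# Constructed sample links (not taken from any real message).
SAMPLE_LINKS = [
    "https://stake.com/casino",
    "https://STCKE.COM/raffle",
    "https://stake.com@stcke.com/claim",
    "https://stake.com.example.net/login",
    "https://ninite.com/",
]


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: single-character inserts, deletes, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def link_host(url: str) -> str:
    """Host the browser would really contact: lowercased, userinfo and port dropped."""
    if "//" not in url:
        url = "//" + url  # a bare "stcke.com/x" has no scheme for urlsplit to anchor on
    return (urlsplit(url).hostname or "").rstrip(".")


def classify_link(url: str, official: str = OFFICIAL, max_distance: int = 2) -> str:
    host = link_host(url)
    if not host:
        return "other"
    if host == official or host.endswith("." + official):
        return "official"
    # Assumption: registrable domain = last two labels (not true for e.g. co.uk).
    domain = ".".join(host.split(".")[-2:])
    if edit_distance(domain, official) <= max_distance:
        return "lookalike"  # STCKE.COM is one substitution away from stake.com
    if host.startswith(official + ".") or f".{official}." in host:
        return "lookalike"  # real name used as a subdomain of someone else's site
    return "other"


if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{classify_link(link):10} {link}")
```

A result of "other" only means the link does not imitate the official name; it says nothing about whether the site is safe.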
ByteMeTwice Posted August 5, 2021 #2
Just one suggestion to add: If Stake could automatically log out people once the player has closed the browser after play .. My current session is approximately 14 days & counting until I manually sign out of my account.. I'm sure this wouldn't be too difficult to implement & apologies if already in progress
Optimost Posted August 5, 2021 #4
Thank you for sharing these tips and ideas, it is very helpful.
Mariejone24 Posted August 7, 2021 #5
Very Well Said! Thank You For Sharing Tips ❤️
Galap Posted August 14, 2021 #8
I can vouch for MBAM and RKILL, great software. Nice post!
Inkmom70 Posted August 18, 2021 #9
Scary that this could even happen! Thank you!!
markcariaso04 Posted August 19, 2021 #10
be careful next time always check always
tristay01 Posted September 1, 2021 #11
On 8/1/2021 at 4:38 PM, 10jbp10 said: Making this thread because I saw a user claiming to have lost 60k due to someone RATTing their PC in chat. [...]
This is cool of you to post!!
This topic is now archived and is closed to further replies.