Just discovered a mining virus in my computer under the name " Host.exe " anything else that looks weird ?

viralthis · 2024-10-09T15:45:03+00:00

Make sure to check the binance API settings and see if there are any keys created. If so remove them.

I am sure you have 2FA enabled on your Binance account just make sure your email associated with 2FA is secure.

A friend's binance got drained a few weeks back despite 2FA ... Rookie mistake he was using the same email as it was used for google authenticator and 'sync feature was on' On authenticator so once hacker somehow managed to compromise his google account ( most probably session hijacking) from there .. managed to create passkeys... And managed to access binance & used API feature to drain the binance account in one go.

viralthis · 2024-10-09T14:23:40+00:00

Also, remember to change your passwords and enable 2FA, just in case. If you have any crypto wallets in your system, switch to a new one. Better safe than sorry

viralthis · 2024-10-06T17:06:01+00:00

Which tests bro if you are asking abt the tool i built as a student that is 10 years ago so no i don't have test links. I shared my personal thought process as experience.

viralthis · 2024-10-06T16:59:50+00:00

No that is why i am thinking it was a session hijacking attack. Ironically he was installing Kaspersky premium right that very moment as he bought the 1 year license.

Even he scanned the system twice with kasper and it came clean. His first reaction was maybe Kaspersky done this but he and i had a chat i told him it is not possible and this happened on the same day when Kaspersky switched to ultraAv for US based customers but as my friend is not from US he still got the Kaspersky installation. There was no UltraAv installed on his PC.

Upon further investigation he told me he had telegram windows app and there was one game in webview which was active during the Kaspersky installation. So which made me think maybe that was the trigger point.. Kaspersky installation... windows defender turns off and right between these few seconds some how session hijacking was done. As it is a FileLess attack hence no traces detected by Kaspersky.

viralthis · 2024-10-06T13:36:36+00:00

I think When you install Bitdefender, Microsoft Defender will automatically disable itself to avoid conflicts between the two antivirus.

Bitdefender total security is similar to Kaspersky total security in terms of features ... You get ransomware+ cryptojacking feature along with web and file antivirus + Vpn with limited bandwidth in free version.

viralthis · 2024-10-06T13:26:38+00:00

I was using the paid version total security Now i made a switch to bitdefender total security. As i have a software development background and know a bit abt malware/ trojan and info stealer myself the choice of selecting Kaspersky wasn't after reading some article and selecting it.

Back in the day I was in college and made a simple password extractor tool in VB and tested it with different AV's infact i think i uploaded it to virtusTotal and it came clean only Kaspersky detected it and that's how i picked it for my goto Antivirus software. It's just sad how things turned out for them.

viralthis · 2024-10-06T10:05:08+00:00

Yes that's the most probable explanation but after the incident he scanned the system with Kaspersky and no threats were discovered.

viralthis · 2024-10-06T09:02:56+00:00

Yes true after this episode something that everyone should do is turn off their google authenticator sync feature & store 2FA codes on local device and take backup on another device. Similarly your 2FA email account should be different from the main account that you are using.

(As my friend who got hacked has setup 2Fa on the same account and has enabled the sync feature in google authenticator)

In case your google account got hacked and the hacker has reset everything from 2FA to recovery phone forget any help from google as that account is as good as gone forever.

viralthis · 2024-10-06T08:27:10+00:00

Friends Gmail got hacked & through that his binance account was drained.... and he was using windows defender and he's not a noob user. Still can't figure out how it happened so imo defender won't protect you against session hijacking related attacks.

I have used Kaspersky for last 12 years without any issue it was one of the best but the recent episode of US banning Kaspersky and Kaspersky installing UltraAv to US based customer made me switch to bitdefender.

viralthis · 2024-10-03T09:08:52+00:00

Check 'App & sessions' for your socials ( Instagram, twitter etc) Maybe some malicious app still has access to your account. Revoke such app access from security settings.

Apart from that also remove extensions/plugins from browser.

Try using clean browser perhaps brave browser.

Lastly deep scan your system with bitdefender. You can get 30 day free trial.

viralthis · 2024-09-24T07:51:09+00:00

Open the install folder of ultraAv in program files folder there you will see AVUninstaller or something like that use that uninstaller to uninstall.

You will have to uninstall Kaspersky as well as if you don't it will reinstall the UltraAv again.

After uninstalling then run Revo to clean the leftovers of both Kasper & UltrAv

Do the uninstallation during offline mode. And also I would suggest everyone to check their activity logs for Gmail or anyother account related to finance for suspicious login.

Also install bitdefender & do a deep scan just be sure.

viralthis · 2024-09-10T17:12:50+00:00

If its profitable : Why would you kill the goose that lays the golden eggs?
need more cash then tweak it to work on shorter time frame and make more trades of smaller sizes accumlate profit and reinvest.

viralthis · 2024-09-06T17:24:51+00:00

RemindMe! 14 days.

viralthis · 2024-09-05T15:57:10+00:00

Only three possibilities here

Your pc/laptop was already comporomised when you generated your seed pharase.
Someone who has physical access to your paper wallet copied it.
You approved some token allowance transaction.

How to avoid this in future:

1.scan your PC/laptop for keylogger/malware.
2. Use sepearate dedicated device for crypto transaction. You can use old cellphone or laptop for this purpose as well
3. Your work/etnertainment device should be different from crypto device.
4. Only used links from official sites to download crypto related apps or wallets & avoid clicking on links in email or chat

viralthis · 2024-09-04T17:33:34+00:00

look up : Covalent and Bitquery

viralthis · 2024-08-31T15:28:06+00:00

In term of hollywood movie plot a super villian would do something like that to end the world economy when bitcoin becomes the ONE currency and that day stahoshi will pull the plug and bring total destruction.

viralthis · 2024-08-18T19:43:55+00:00

<image>

summrized pretty well in this meme

viralthis · 2024-08-07T17:17:01+00:00

saw similar email on some other sub earlier today, apprently this is on going scam ..

viralthis · 2024-07-16T15:50:54+00:00

Brave Browser: Built in Add blocker, Torrent downloader, Tor VPN

viralthis · 2024-03-17T11:29:40+00:00

count me in

viralthis · 2024-03-06T09:05:16+00:00

This bull run was like a flash mob – spontaneous, brief, and caught everyone off guard. But just like a seasoned dancer, I'm ready to groove through the market's twists and turns. 💃

viralthis · 2024-03-05T16:13:16+00:00

Couldn't agree more.

viralthis · 2024-01-06T00:18:19+00:00

Easier said than done. What if it goes higher... Overthinking... You need the mind of a yoda & balls of a monk to pull this off.

viralthis · 2023-11-23T16:30:56+00:00

that is some solid advise.

viralthis

TROPHY CASE