Please visit my sponsors, i need them more than ever now. Thank you.
I fell for this one for the second damn time!
What happens is that if you copy an address into your cache memory, and then paste it, the address that gets pasted is not the one you copied. It's one under control of a malicious actor. As you can imagine, if the paste you do is in the field for the destination address when you're trying to send coin from one wallet to another. Or when you're trying, like i was, to send bch to Coinflex following the instructions in Jane's article.
I thought i was making a mistake, which turned out to be true but not as i thought it was.
I was really dead tired at that time and thought I'd done it the wrong way around, that i should've sent it to the metamask in bch normal network and then to coinflex through the 20network. So the bch disappearing and not ending up where i expected them wasn't unexpected. But, working with coinflex support through chat it became clear that when i posted a wallet address it wasn't my wallet address. (as in, i sent it from THIS wallet to THAT address, can you check if i done something stupid setting up the account or something?)
She kept looking and oddly enough a transaction with the same amount i had sent out had come into that wallet at around the same time.
Well turned out that i was pasting the address of the scammer's wallet into the chat when i had copied and thought was pasting my own wallet's address here on the site.
How i got the malware, where it resided, if i still have it and how to recognize?
That is a good question. I immediately shut down my system and then fired it back up from my h4ckst1ck (boots in either Parrot or Lubuntu) to make sure i could write up this warning to all y'all asap and hoping to prevent other people losing bch this way.
It cannot have come from any other sources than:
Or perhaps Cointree
Only thing that was picked up in the antivirus/malware scan i ran on the pc is a wincp.lnk file so I'm betting the malware is still on the machine but not detected by antiviruses and malware finders.
I'll be taking the following precautions from now on:
When transferring or in any way handling crypto's I'll be booting into Linux from a USB stick that saves nothing each time you shutdown. That way no malware can infect it for more than one session, if at all with Linux being more secure imho.
I'll also be copying an address, then pasting it in a notepad, checking if it is the same address, then pasting it in the field for the destination address and checking if it is the right address once again before clicking the submit button.
I must have been Adolf, Losif (Dzhugashvili) AND Mao in a previous life to deserve karma like this.
Which would be very strange indeed because they all lived at the same time for a while! But it seems every time i make progress and have a positive outlook to look forward to, getting things moving forward, something shit like this happens to me.
I had to tell my son this morning about this coming weekend that the game (treasure hunt) we were supposed to be going to play couldn't happen. The fee for the entrance tickets and the documents with hints and so on for the game cost €30.= which i now don't have to spare.
Never mind the repairs to my scooter that i now have to postpone. Even though without scooter I'll be back in my social isolation but i can live with that, I've done so before, but disappointing my son... that really gets me in the gut!
So watch out when pasting addresses to send coin to.
The address you paste might not be the one you copied. Even the CTRL-C CTRL-V isn't safe any more. What's the world coming to!!
Stay safe, and stay happy.
Huh? Didn't know that could happen. 😦 Sorry to hear that. At least now more people are also aware after reading this.