Search content
Sort by
Showing 20 of 171 results by whotookmycrypto
Re: Be careful of mobile wallets that holds private keys
Haven't heard of them but the Monero subreddit has this to say about them:
Sauce: https://www.reddit.com/r/monero/wiki/avoid/
Quote
Mobile Wallets
Do not use the following wallet(s).
Freewallet Please read through the many threads out there regarding Freewallet, and the selective scam that it plays on its unsuspecting users: https://redd.it/6gtrmd, https://redd.it/6gvere, https://redd.it/5m1jzc, https://redd.it/6ldf8y.
Do not use the following wallet(s).
Freewallet Please read through the many threads out there regarding Freewallet, and the selective scam that it plays on its unsuspecting users: https://redd.it/6gtrmd, https://redd.it/6gvere, https://redd.it/5m1jzc, https://redd.it/6ldf8y.
Sauce: https://www.reddit.com/r/monero/wiki/avoid/
A great reminder. The scammers are coming once again. See tweet below for an indication of what they are getting paid ...
Read the thread here: https://twitter.com/aantonop/status/1141634217945849857
Read the thread here: https://twitter.com/aantonop/status/1141634217945849857
⭐ Merited by JayJuanGee (1)
Duckduckgo has a great article on living without Google: https://spreadprivacy.com/how-to-remove-google/
Also, for those concerned about privacy when using Bitcoin, this is a very good read: https://en.bitcoin.it/wiki/Privacy
Also, for those concerned about privacy when using Bitcoin, this is a very good read: https://en.bitcoin.it/wiki/Privacy
Re: I want to post my articles on some big reputable new websites
⭐ Merited by dbshck (2)
You're right, it's hard to get my articles published there, I did contact a writer on CCN, but then he gave me the wrong link. It was like my article couldn't be posted on the main website but on the other side, not on CCN.
May not be the best idea to post on CCN?
https://www.ccn.com/ccn-is-shutting-down-after-googles-june-2019-core-update/
⭐ Merited by TMAN (10)
1) If ledger goes out of business or offline, you can always recover your funds on a compatible wallet. What is a compatible wallet? See this: https://support.ledger.com/hc/en-us/articles/115005297709-On-which-wallet-can-I-restore-my-wallet-if-I-lose-my-Ledger-device
Note that they do not indicate Trezor as a compatible wallet but it is. Have tried restoring from Trezor and it works.
2) is ledger a good choice? Personally use it and have no complaints so far. Not sure why there are so many complaints on Reddit though...
3) can it have bugs? Yeap, hence the need to keep track of updates.
Note that they do not indicate Trezor as a compatible wallet but it is. Have tried restoring from Trezor and it works.
2) is ledger a good choice? Personally use it and have no complaints so far. Not sure why there are so many complaints on Reddit though...
3) can it have bugs? Yeap, hence the need to keep track of updates.
Re: Guide to creating watch only wallets on Desktop, Android and iPhone
Nice guide, you even mention risks of exposed xpub and private key generated from the xpub 
You might want to mention Ledger/Trezor user also can use any software besides "official" software to make watch-only wallet.
You might want to mention Ledger/Trezor user also can use any software besides "official" software to make watch-only wallet.
Thanks for the comments @ETFbitcoin. Yes, that part wasn't clear and would try to find where best to incorporate that. Thanks.
You can use Electrum in your Android phone as well, which is more reliable than sentinel (in my opinion)
Nice guide.
Nice guide.
Thanks for highlighting that @bitmover. Hadn't realized Electrum was on Android too!
Guide to creating watch only wallets on Desktop, Android and iPhone
Hey all, we wrote a guide on how to create watch only wallets on Desktops, Android phones, and iPhones.
https://whotookmycrypto.com/watch-only-wallets/
In summary, if you are a Ledger wallet user, you are in luck as they offer options on all platforms (mobile phones and desktops) for creating watch only wallets. If you use other wallets, you may need to consider other options:
1) Desktop -> Electrum
2) iPhone -> bitWallet
3) Android -> Sentinel
Any feedback is appreciated. Thanks!
https://whotookmycrypto.com/watch-only-wallets/
In summary, if you are a Ledger wallet user, you are in luck as they offer options on all platforms (mobile phones and desktops) for creating watch only wallets. If you use other wallets, you may need to consider other options:
1) Desktop -> Electrum
2) iPhone -> bitWallet
3) Android -> Sentinel
Any feedback is appreciated. Thanks!
OP, you might want to check this article out by Trezor: https://blog.trezor.io/paper-wallets-a-relic-of-the-past-1f711ba82b8c
It is going to be difficult to believe you for someone who got involved with bitcoin in 2010 but you just registered in this forum in May 2019. This looks scammy.
Well you never know right? He could be an active member on here but doesn't want to use his main account to avoid people tracing who he is.
Message to OP, I know this is a bitcoin forum but why don't u try funding other promising projects too like Monero? https://forum.getmonero.org/
I can see people fall for this kind of thing. The same type of people who google Bitcoin Foundation support because they want to speak to the manager of Bitcoin Ltd so he can revert their bitcoin transaction. It is a good thing it has been removed already by google.
Already happened many times before man. Example: https://www.reddit.com/r/Bitcoin/comments/blgv46/scammed_for_5k/
If you are interested in other Ledger wallet scams, we have done an article on it (link). Summary of what we discussed to save you a click:
- Fake recovery seeds
- Fake apps and software
- Fake customer support (like what the OP posted)
- Fake websites
Stay safe
And just to add on to what @bob123 said above, if you use Ledger then you are in luck. You can easily set up watch only wallets on desktop and mobile phones (using their apps).
Other options available to you together with links to guides on setting up watch only wallets (link):
- Electrum on desktop
- Samourai on Android
- bitWallet on iPhone
Also, if you are going to drop your xpub, ypub etc into a block explorer service. https://www.blockonomics.co/ (as mentioned by BitMaxz above) is good as it supports them.
Hope this helps.
Other options available to you together with links to guides on setting up watch only wallets (link):
- Electrum on desktop
- Samourai on Android
- bitWallet on iPhone
Also, if you are going to drop your xpub, ypub etc into a block explorer service. https://www.blockonomics.co/ (as mentioned by BitMaxz above) is good as it supports them.
Hope this helps.
All in your list looks the same as what I see on google a little while ago.
Would you mind sharing this website you are referring to?
So add my thread in your article to let them know about Punycode website from here https://bitcointalk.org/index.php?topic=5152979
So that they are aware of fake Punycode website.
So that they are aware of fake Punycode website.
Yes, thanks for highlighting. We added it in our other article on Ledger wallet scams but forgot to include it here.
Maybe you can try to add their official trezor (FAKE amazon shops) since there is still large number of people using their official amazon shop to buy trezor wallets and be aware such shops.
Thanks for the input. Would update for that.
We recently did an article on scams targeting Trezor wallet users. Since most readers here are experienced users, we have listed the scams covered by the article below to save you a click if you are already aware of them.
1. Fake Trezor wallets
2. Fake Trezor bridge software and apps
3. Fake advertisements and websites
4. Fake Trezor customer support
5. Fake Trezor jobs (not a typo)
6. Scams targeting other wallet users (eg. Ledger)
Link: https://whotookmycrypto.com/fake-trezor-wallet/
Also, happy to get any feedback / new scams to be added to it.
Thanks
1. Fake Trezor wallets
2. Fake Trezor bridge software and apps
3. Fake advertisements and websites
4. Fake Trezor customer support
5. Fake Trezor jobs (not a typo)
6. Scams targeting other wallet users (eg. Ledger)
Link: https://whotookmycrypto.com/fake-trezor-wallet/
Also, happy to get any feedback / new scams to be added to it.
Thanks
Mining scams are just one type of scams on mobile devices. If you want to learn more about mobile phone scams, Binance has an article on this: https://www.binance.vision/security/common-scams-on-mobile-devices
To the OP, don't bother. Whatever you mine would be miniscule @ best.
To the OP, don't bother. Whatever you mine would be miniscule @ best.
I have some questions:
1. Is there any carrier provider that allowed you to change your sim card or port to another device via phone call only?
2. If this case happens, can we blame our carrier provider on this or take some legal actions?
and what more tips or advice you can give to avoid this kind of attack.
1. Is there any carrier provider that allowed you to change your sim card or port to another device via phone call only?
2. If this case happens, can we blame our carrier provider on this or take some legal actions?
and what more tips or advice you can give to avoid this kind of attack.
Not sure about 1.
On 2, yes there have been cases where this has been successful. Example: https://www.coindesk.com/crypto-investor-awarded-over-75-million-in-sim-swapping-hack-case
Tips to avoid this
> Avoid storing your coins or funds for long term in a centralized exchange.
> Avoid using centralized cryptocurrency wallet.
> User hardware wallet or cold wallet.
> Avoid storing your coins or funds for long term in a centralized exchange.
> Avoid using centralized cryptocurrency wallet.
> User hardware wallet or cold wallet.
Also, we wrote an article for Binance that does touch on some other ways to protect yourself (https://www.binance.vision/security/common-scams-on-mobile-devices)
Quote
> Do not use your mobile phone number for SMS 2FA. Instead, use apps like Google Authenticator or Authy to secure your accounts. Cybercriminals are unable to gain access to these apps even if they possess your phone number. Alternatively, you may use hardware 2FA such as YubiKey or Google's Titan Security Key.
> Do not reveal personal identifying information on social media, such as your mobile phone number. Cybercriminals can pick up such information and use them to impersonate you elsewhere.
> You should never announce on social media that you own cryptocurrencies as this would make you a target. Or if you are in a position where everyone already knows you own them, then avoid disclosing personal information including the exchanges or wallets you use.
> Make arrangements with your mobile phone providers to protect your account. This could mean attaching a pin or password to your account and dictating that only users with knowledge of the pin can make changes to the account. Alternatively, you can require such changes to be made in person and disallow them over the phone.
> Do not reveal personal identifying information on social media, such as your mobile phone number. Cybercriminals can pick up such information and use them to impersonate you elsewhere.
> You should never announce on social media that you own cryptocurrencies as this would make you a target. Or if you are in a position where everyone already knows you own them, then avoid disclosing personal information including the exchanges or wallets you use.
> Make arrangements with your mobile phone providers to protect your account. This could mean attaching a pin or password to your account and dictating that only users with knowledge of the pin can make changes to the account. Alternatively, you can require such changes to be made in person and disallow them over the phone.
1. Convert BTC to XMR (using your own Monero wallet, not a hosted wallet).
Any guides on how to do this?
App was picked up by ESET. See their report here:
https://www.welivesecurity.com/2019/05/23/fake-cryptocurrency-apps-google-play-bitcoin/
https://www.welivesecurity.com/2019/05/23/fake-cryptocurrency-apps-google-play-bitcoin/
Got you. But human greed and social engineering do not follow mathematical models.
If you create one, it will have big sum and human greed will always like to take chance to get access on it.
But if you create 100 than the greed will be 100 time less and people will not like to risk their jobs/career for that small amount.
If you create one, it will have big sum and human greed will always like to take chance to get access on it.
But if you create 100 than the greed will be 100 time less and people will not like to risk their jobs/career for that small amount.
Yes, thought so too. If all funds are aggregated into a single wallet, then it makes it a very attractive target. Andreas had this video where he discussed why hackers go after exchanges. Couldn't locate it but would share if found. Basically, he said that hackers approach this in terms of reward / effort ratio. The key thing he mentioned is that security is not scalable.
So if random user X holds $900 in his wallet and uses moderate security that requires an effort of 2 to crack, then the ratio is 50.
On the other hand in exchanges, they hold say $900 million. But the security that an exchange offers cannot be a million times stronger. Consequently, the reward / effort ratio for hackers is actually higher.
Which goes back to the original question, why don't exchanges split up their funds into wallets then?
Somehow I believe in most of hacking it is always inside job.
Popped it into Google. Poof! You are right.
https://www.benzinga.com/pressreleases/17/11/p10792005/most-cyber-attacks-are-inside-jobs
So after Binance recovers from their recent hack, CZ goes around disclosing information such as the below.
Can someone explain the following:
1) Why are they making such disclosures? Wouldn't they make it easier for hackers to get to them? For example, just for the sake of argument (know it's a bad argument because of math, large numbers, publicly visible to begin with but just put that aside) - if you provide the address hackers can begin trying to brute force it. But if you don't disclose it, a hacker would not even know where to start. It's like a robbery victim pointing hackers where to attack next.
Think the question here is: why are they comfortable with hackers knowing such information.
2) Why do they appear to use only ONE address for BNB cold wallet? Isn't this like putting all your eggs in one basket?
3) Likewise, how many hot wallets addresses do they use? Any way to find out such information?
Clearly know nuts about this. Thanks.
Can someone explain the following:
1) Why are they making such disclosures? Wouldn't they make it easier for hackers to get to them? For example, just for the sake of argument (know it's a bad argument because of math, large numbers, publicly visible to begin with but just put that aside) - if you provide the address hackers can begin trying to brute force it. But if you don't disclose it, a hacker would not even know where to start. It's like a robbery victim pointing hackers where to attack next.
Think the question here is: why are they comfortable with hackers knowing such information.
2) Why do they appear to use only ONE address for BNB cold wallet? Isn't this like putting all your eggs in one basket?
3) Likewise, how many hot wallets addresses do they use? Any way to find out such information?
Clearly know nuts about this. Thanks.