Search for:

The blockchain is safe and unhackable, they say. Our cryptoassets are inside there, so, we feel so confident with our funds… because they’re totally fine, with top-of-the-line security, right? Well, the answer to that one would be yes and no at the same time.

Yes, because someone would need a non-yet-in-existence quantum computer to break a powerful blockchain; and no because the risk factors go beyond that, unfortunately. The thing is: a human always can be lured and tricked. The people themselves are the Achilles heel in cybersecurity, and no one is exempt from suffering a cyberattack.

That’s why we should be very aware of the bad possibilities and malware to avoid at all costs. Prevent before cure, so, meet here the malware that can steal all your cryptos and how to take care of it.


The word wasn’t put together arbitrarily: it comes from the mix of “ransom” and “malware” and defines very well the concept. This is a kind of malware that, once installed on your device, encrypts the personal files (documents, images, audio, video…) or the entire hard drive and ask you for a ransom (often in cryptocurrency) to return them.

Image by mohamed Hassan / Pixabay

At the dawn of its popularity, there in 2013, the most affected for this were personal devices, and the ransom asked for them were 100 – 300 USD in Bitcoin (BTC). The hackers even used to deliver instructions for use the cryptocurrency.

To date, there are a lot of types and it has evolved into a billionaire industry in which the most affected are companies and not personal users. The ransom for them now can amount to million dollars in Bitcoin, Monero (XMR), Zcash (ZEC), and other cryptoassets.

How do you get infected?

  • Spammy emails in your Inbox, delivering dubious links.
  • Unofficial downloads from external websites or P2P software (like BitTorrent).
  • Exploits in non-updated operative systems (OS), i.e. Windows XP or old versions of firmware in IoT devices (remember these first three as the “evil triad”).
  • A targeted attack specially planned and designed for one objective, often institutional (organizations and companies).

Useful tips

  • Keep updated the OS, antivirus, and firmware of all your smart devices.
  • Don’t open links or attached files from dubious emails.
  • Download files and software only from the official websites (remember these first three as the “shield triad”).
  • Make backups of all your important information and files in external devices, preferably offline.
  • In case of infection, go to helping websites like No More Ransom or call the cybernetic division of your local authorities. Paying the ransom directly isn’t recommended and its success isn’t guaranteed.


We can say this isn’t malware per se, but it’s used by cybercriminals as a spying tool. As the ransomware, its name says everything: this one it’s a software or hardware designed to log (and often send) every keystroke typed on a device keyboard. Sometimes, they even can record clicks, audio, and video.

Image by Gerd Altmann / Pixabay

Thereby, if a keylogger is installed stealthily on a device, it’s capable to record passwords and credentials that would later be sent to a malicious hacker. Among those credentials might be the password or private key of a cryptocurrency wallet, which means you’d be robbed this way.

How do you get infected?

  • The evil triad, as we said before.
  • Fake websites and browser extensions (phishing).
  • Infected web domains, which means targeted attacks to services like vulnerable shops and exchanges.
  • Someone left a funny little device connected to your computer, like a dubious USB adapter or an extra wire (it’s a hardware keylogger).

Useful tips

  • Apply the reliable shield triad, as we said before.
  • Besides the antivirus, make sure you have a cybersecurity solution called anti-keylogger.
  • Record your credentials and passwords in the browser of your usual device, or use software to administrate your credentials.
  • Avoid phishing sites and apps just by looking at the URL, that is always different from the original.
  • Pay attention to the news of your favorite websites and services: they should announce its customers if they’re under cyberattack.
  • Don’t leave connected unknown hardware in your device.

Remote Access Trojan (RAT)

This a very bad infection, because is nothing more than an open back door to let hackers enter and control your device remotely. Once installed the software, the RAT enables administrative control, which means its hacker can see and do almost anything they want in the device, from monitoring the data and behavior silently to distribute other malware and format drives.

Image by StockSnap / Pixabay

Of course, they could steal your cryptos as well, just by enter in your wallet after record your movements. And you probably won’t notice this stealthy software before it’s too late.

How do you get infected?

  • The evil triad, worse than ever. Indeed, is very common to find it hidden inside cracked games and software.
  • Using dubious bots in Telegram.

Useful Tips

  • Apply the shield triad, and you’ll be fine!
  • Additionally, you can always look up for comments and reviews from other users of the apps and programs that you’re going to download. Including the bots in Telegram, yes.

Clipper / Clipboard hijacker

The cybercriminals know very well the general manners of cryptocurrency users. They know, by example, nobody writes by hand the long and complex wallet addresses, but copy and paste them when is needed. That’s exactly the point they choose to hijack the original addresses and replace them for their own ones, using a malicious software dubbed “Clipper” or “Clipboard hijacker”.

Image by Pete Linforth / Pixabay

The main thing this malware does is hijack the clipboard in the user’s device and detect when a crypto-wallet address is copied by the owner. Then, this one is replaced for the hacker wallet address, so, if the user doesn’t pay attention, they may end up sending the funds to the wrong destination.

How do you get infected?

  • Evil triad again, yes. This time, the most common infection vector is fake or infected apps on the Play Store.
  • Adobe Flash or other fake banners ads on dubious websites.

Useful Tips

  • Apply the shield triad (it works for almost everything).
  • Pay attention to the wallet addresses! It doesn’t matter if you think you don’t have any clipper on your device (these don’t produce any visible symptoms). Compare and verify your original address and the pasted version twice before share or send.
  • If possible, prefer using your funds through QR codes instead of text.


We can say the phishing is partly malware and partly a scam because it’s a just a fake version of something (website, app, software, message, call…), specially designed to deceive people and get from them valuable information, like bank or cryptocurrency credentials and keys. So, the hackers clone websites or software, or impersonate some service, company, or person via email or call to achieve their malicious goals.

Image by leo2014 / Pixabay

You can find out there a fake version of your reliable cryptocurrency exchange, by example. It looks identical, but, at the same time, some things are off. Maybe it’s bad grammar, broken links, or missing texts; but there’s something on the phishing websites that always gives them away: the URL.

It can’t be the exactly same domain as the original (because you should buy a domain, and you can’t buy something the legitimate owner isn’t selling). They’re always similar, but at least one character will be changed (i.e vs And it’s the same for mail addresses: if it doesn’t have the original domain of the company (i.e. [email protected] vs [email protected], you should suspect immediately.

How do you get infected?

  • Evil triad, especially via email.
  • Dubious adds at the top of the browser results. Anyone (even malicious actors) can pay for that kind of add, so, they’ll be there till someone reports it.
  • The hacker/scammer found your phone in some way and it’s calling you, impersonating some authority.

Useful Tips

  • Shield triad at the rescue again.
  • Access your most-used websites through the bookmarks/favorites list, and avoid the browser results as much as you can.
  • Be suspicious of any message/mail/call in which someone is asking you for personal credentials or money. Remember: the companies/organizations don’t use to do that at all.
  • If you’re going to send/receive cryptocurrency through a website or app, always check the URL and previous reviews.

But above everything, don’t worry! Protecting yourself and your cryptocurrencies is easy. Just follow our useful tips, and you should be totally fine.

Wanna trade BTC, ETH, and other tokens? You can do it safely on Alfacash! And don’t forget we’re talking about this and a lot of other things on our social media.

Twitter * Telegram * Instagram * Youtube *Facebook  * Vkontakte


I'm a literature professional in the crypto world since 2016. It doesn't sound very compatible, but I've been learning and teaching about blockchain and cryptos for international portals since then. After hundreds of articles and diverse content about the topic, now you can find me here on Alfacash, working for more decentralization.

Write A Comment