This article is supposed to warn all of you newbies to the cryptosphere who may have heard about malicious attacks against cryptocurrency holders but don't know any specifics.
Let me tell you my story. I used my wallet and connected it to a miner by copy-pasting the address for Ethereum. I didn't think much of it and the site had previously mined Ravencoin for my wallet (and delivered it perfectly in order) so I was thinking everything was fine.
Since the payout was set at 0.05 ETH and my last-generation 2070 would take some time to mine that, I decided to enjoy some faucet/survey giveaway sites while waiting. Many of those sites have popups and try to encourage you to download things that you probably should avoid downloading, so I thought, as long as I stay clear of that I may be safe.
When it was time for me to cash out my first 50 dogecoins from free-doge.com, I pasted the address from my wallet into the right space. After a while, the statement on the site said "Paid" and I was still not receiving anything in my wallet. Something must be wrong, I thought, and compared the address to the one I had in my wallet. They were different! First, I thought maybe they change the addresses every so often by default after a transaction, but then I tried copy-pasting the address again. It completely changed the address!
I looked in horror at the Ethereum address as well and saw that it also changed whenever copy-pasted. I was mining for somebody else this entire time! While the miner had yet to pay out the soon-to-be 0.05 ETH to the scammer's wallet, I shut down the mining immediately and contacted the mining pool support. They informed me that they would try to block the address but couldn't do anything about the ETH already mined.
Somewhere along the line, a simple clipboard-hijacking trojan had been downloaded on my computer. It also included a separate trojan that logged me into a special proxy server to be able to host attacks against my network. I downloaded Malwarebytes and removed the files and also the proxy trojan after some digging.
So while this was a lesson for me, I hope everybody double-checks their wallet address in the future and makes sure these scammers have a harder time operating. After following up on the address, I also found the site the scammer uses to change crypto for money. I contacted them with the information and asked them to shut him down or if possible, try to report him to authorities if they had his personal information. I doubt anything will be done, but I hope we can all try to take steps to make life harder for these opportunists.
Stay safe out there and keep on mining!
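
Added example, not part of the original post: one way to automate the double-check recommended above, by comparing the address copied from the wallet with what the paste actually produced. The function names and sample addresses are constructed for illustration, and it assumes Ethereum hex addresses and Base58Check addresses such as Dogecoin's.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
ETH_RE = re.compile(r"0x[0-9a-fA-F]{40}")

def _checksum(body: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(body).digest()).digest()[:4]

def b58check_encode(payload: bytes) -> str:  # builds the sample addresses below
    raw = payload + _checksum(payload)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def b58check_valid(addr: str) -> bool:
    """True if addr decodes as Base58Check with a correct checksum."""
    if not addr or any(c not in B58 for c in addr):
        return False
    n = 0
    for c in addr:
        n = n * 58 + B58.index(c)
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\0" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) > 4 and _checksum(raw[:-4]) == raw[-4:]

def address_kind(s: str):
    if ETH_RE.fullmatch(s):
        return "eth"
    return "base58check" if b58check_valid(s) else None

def check_paste(copied: str, pasted: str) -> str:
    """Compare what was copied from the wallet with what the paste produced."""
    copied, pasted = copied.strip(), pasted.strip()
    kind_c, kind_p = address_kind(copied), address_kind(pasted)
    if kind_p is None:
        return "invalid"  # typo or truncation, not a usable address
    if kind_c == "eth":  # Ethereum hex is case-insensitive, Base58 is not
        copied, pasted = copied.lower(), pasted.lower()
    if copied == pasted:
        return "match"
    # A different but well-formed address of the same type is the clipper pattern.
    return "substituted" if kind_c == kind_p else "mismatch"

# Constructed samples (0x1e = Dogecoin P2PKH version byte), not real wallets.
MY_DOGE = b58check_encode(b"\x1e" + bytes(range(20)))
OTHER_DOGE = b58check_encode(b"\x1e" + bytes(range(1, 21)))
MY_ETH, OTHER_ETH = "0x" + "ab" * 20, "0x" + "cd" * 20
```

A "substituted" result is the case described in this post: the pasted value is a perfectly valid address, just not yours, so a site's own format validation will never catch it.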