A report published by Red Canary last Thursday (2) points out that a license activator, used to unlock unlicensed Windows functions, can obtain sensitive information from various applications, including Bitcoin wallets and other cryptocurrencies.
As it is a dubious tool, the activator named KMSpico can be changed and distributed by anyone, making it difficult, if not impossible, to find a safe version that does not contain any type of threat.
These activators can also be used to illegally license other Microsoft software as well as common third-party products such as Adobe. In short, there is no free lunch.
Compromised wallets and browsers
Red Canary points out that the KMSpico enabler can access multiple internet browsers as well as a large number of cryptocurrency wallets, whether Bitcoin or other altcoins and tokens.
List of wallets whose activator can access sensitive data:
- Electron Cash
- Jaxx Liberty
- Live Ledger
- Waves App
List of browsers whose activator can access sensitive data:
- Google Chrome
- Mozilla Firefox
After that, this Cryptobot then sends this stolen information, which may contain username, password and other data, to a remote server. In other words, anyone who uses these activators is putting their money at risk.
How to escape this trap
Although Windows allows its use for free, limiting some system components, many users tend to use suspicious programs to save money, which can be a bad deal as these programs can steal your bitcoin and other cryptocurrencies, as seen above.
Currently, Windows 10 Home, the most basic version of the operating system, is priced at 1,099 reais. Its Pro version, on the other hand, is a little more expensive, and costs R$ 1,599. Despite the high price, it’s better than handing both your cryptocurrencies and your personal data to malicious people.
For those who want even more security, it is also recommended to purchase a hardware wallet, as they sign transactions in another environment, mitigating these risks.