One of the biggest threats to cryptocurrency holders is malware, which remains undetected on the system only to manifest itself when coins and other funds inexplicably go missing. Your antivirus software is of little use against the most advanced forms of malware, for several reasons:
There is evidence that malware can evade antivirus, either by being encrypted or by appearing so innocuous that it is unnoticed.
An existing program that seems safe can at a later time update itself to incorporate malware.
When you download a trial version of antivirus software, the program hides some files deep in the registry to ensure that after the trial expires merely deleting the program will not renew the trial. So if antivirus software is able to hide stuff on your system that cannot be easily removed or detected, so can malware.
People have lost Bitcoin despite having antivirus software running. It’s not uncommon to read stories of people having Bitcoin stolen despite antivirus not finding anything.
Remote Access Trojans (RATs) are the most dangerous form of malware, worse than even those cryptolockers. RATs can log your wallet private passwords (such if you’re using an electrum wallet) as you are typing them into the computer and then steal the coins. A program as innocuous as teamviewer, which millions of people have installed, can potentially be turned in a RAT. Rats can also search for computers with Bitcoin-related activity and then steal coins as users unlock wallets. This means if you have coins on an exchange and you move them to a Trezor or Ledger (which goes to show how even if you take all the necessary precautions such as buying a hardware wallet, you can still fail), the malware can steal the private key as soon as it is exposed.
Chrome plugins can log your form data and send it to a remote server…this includes passwords and other login credentials. This is because the plugin, via JavaScript, inserts a modification to the document object model that triggers when a form is entered. You would think that Google would never allow an app developer to have such power, but you’d be wrong. Antivirus cannot stop this.
Antivirus software tends to generate too may alerts and false positives, which are annoying and make people included to turn off the program, hence diminishing its effectiveness.
For these reason and others, I don’t use antivirus software. I haven’t used antivirus in years and have never had problems with my computer being infected. My solution, to the best of my knowledge, is completely new, but I believe to be far more effective than antivirus at detecting major threats.
Given the all the attention Bitcoin has gotten and the extreme valuations of these currencies, advanced malware is programmed to home in on Bitcoin keys and wallets. A single wallet that holds a few coins is far better than a bunch of credit card numbers or filling one’s computer with pop-up generators.
So what I do is keep a Litecoin wallet open at all times on my computer, which has $60 in it (about 1/3 of a single Litecoin) and is unencrypted. I also keep the secret key in plaintext. If is vanishes, then I know my system is infected, which so far after 4 months of running the experiment it hasn’t. Does this not seem like a waste of money when instead for $60 I could buy a full-fledged antivirus software? But I would rather lose the $60 and know what I am fully up against than spend $60 on a program that will only give me a false sense of security.
If your computer is infected, the only safe option is to backup important files and just reformat everything and then redo the Litecoin test.