Audits
Services
Services
Smart Contract Audit
Blockchain Protocol Audit
Penetration Testing
Cloud Penetration Testing
dApp Audit
Crypto Wallet Audit
Cross-Chain Bridge Audit
Bug Bounty
Proof of Reserves
CCSS Audit
Tokenomics Audit & Design
Smart Contract Audit
Mitigate weaknesses in your smart contract and improve its functionality with a double line-to-line code analysis and a separate review by a lead auditor.
Blockchain Protocol Audit
Secure the entire architecture and implementation layers of your blockchain protocol with professional security audits and testing.
Penetration Testing
Proactively detect vulnerabilities in your Web3 project by subjecting your systems to a simulated cyberattack in a secure and controlled environment.
Cloud Penetration Testing
Secure your cloud with Hacken's expert penetration testing. Our certified team delivers tailored security solutions for AWS, Azure, Kubernetes, and more, ensuring your data's safety.
dApp Audit
Identify vulnerabilities in applications interacting with blockchain networks with secure code review and static security analysis.
Crypto Wallet Audit
Code review & static security analysis for crypto wallet apps.
Cross-Chain Bridge Audit
Code review & security analysis for cross-chain crypto bridges.
Bug Bounty
Receive only relevant bug reports or undergo crowdsourced penetration testing with the help of thousands of ethical hackers curated by HackenProof.
Proof of Reserves
Enhance transparency in crypto exchanges with independent on-chain proof of assets’ true collateralization.
CCSS Audit
Assess and strengthen your security practices, identify vulnerabilities, and safeguard valuable digital assets in the ever-evolving cryptocurrency landscape.
Tokenomics Audit & Design
Ensure your token model robustness and efficiency and convey trust to investors and community with our thorough, independent audit of protocol economic security.
Solutions
Post-deployment security solution
Hacken Extractor
Real-time smart contract protection from assets loss
Learn more
Solutions
Featured ecosystems:
Ethereum (EVM)
BSC
Polygon
Near
Avalanche
Fantom
Aptos
Sui
Optimism
zkSync
Arbitrum
Solana
Polkadot
Cosmos
Radix
Linea
MetaMask
Others
By Languages:
Solidity
Rust
Move
Blog
Company
Company

How DOTA Influenced Crypto: SCR Scam

How DOTA Influenced Crypto: SCR Scam

2 minutes

So you wake up one winter morning and notice a friend request with a message «hi! I’m starting a new project, and your friend Sam has recommended you, check the details here : *weird file*».

Bet you click it, and bet you won’t notice anything suspicious happening, but meanwhile, your laptop is getting slower and slower.

What actually happened

Someone has likely sent you an *.SCR file.
Usually *.SCR extension files are found in Windows and contain scripts which change the PC configuration (keylogger, password stealers, screensavers, etc). They are indeed dangerous since they are able to create a heat map that will actually record your keyboard activity and record any kind of credentials you type and send them to the person who created the file.

SCR files in crypto

Historically, mostly the DOTA fans have been aware of the danger of *.SCR files. However, with the emergence of crypto, the scam has spread further. A person, let’s call them “kamikaze” (as they’re banned immediately), sends a link with the name “TOP-10-COINS-TO-INVEST-DECEMBER-2018.scr” to a Telegram group, or another channel of communication.
The naive crypto enthusiast downloads the file and opens it, hoping that this generous person is sharing with them the secret of wealth.
Spoiler alert: no one will ever share valuable information on how to get rich without hidden personal gain

Solution

How to stay protected

Never open any attachment or media file if it comes from an unknown source.
Buy and install strong antivirus software which contains anti-malware and security properties (once again there is no such thing as a free lunch!)

To remove it

Check the windows taskbar -> Processes tab -> find screensaver.scr (one of the most popular targets) and click End Process
Open your file explorer and search for any .scr extension files, if you find any — delete them.
If you are still experiencing the same issue download AdwCleaner Run and run the software. An AV and Adwcleaner tool will usually remove the root files of any SCR creation.
Run a full scan twice to make sure it has been successfully removed.

Don’t be upset if something like this has happened to you: scams like this occur to every third person because we often click before we think! Learn from your own and other’s mistakes. We should all be more hack-aware these days.

P.S. If you’ve ever experienced scams like that or simply want to talk about crypto, blockchain, and your holidays. Join our chat!

Join chat!