June 10, 2024, 08:24:35 AM

Welcome, Guest

News: Latest Bitcoin Core release: 27.0 [Torrent]

Bitcoin Forum>Other>Meta

Pages:

«
2
3
4
5
6
7
8
9
10
11
»

Author

Topic: Report Malware and Suspicious Links here so Mods can take Action ! - page 7. (Read 34654 times)

Bitcoin_Arena

copper member

Activity: 2030

Merit: 1788

฿itcoin for all, All for ฿itcoin.

Quote from: Bitcoin_Arena on November 14, 2023, 07:57:59 PM

This one is trying to sell cryptowallet drainers, which are also classified as malware. The scripts are created to drain off crypto from a person's address once they try to connect their wallet to the website

mercy_rain <--- Nuked

Nice seeing that the mods did a quick job. The user was banned, however he is back with a new account. Spreading malware and evading ban at the same time

New account: mercy___rain <--- Please ban or Nuke

ANN: WTS (Selling Drainers) Archive: https://ninjastic.space/topic/5474135
I have also reported his Fake GitHub account. I hope GitHub does what is required.

Bitcoin_Arena

copper member

Activity: 2030

Merit: 1788

฿itcoin for all, All for ฿itcoin.

This one is trying to sell cryptowallet drainers, which are also classified as malware. The scripts are created to drain off crypto from a person's address once they try to connect their wallet to the website

mercy_rain <--- Please ban or Nuke

Thread: WTS (Selling Drainers) Archive - https://ninjastic.space/topic/5474076

Fake GitHub link: github.com/ggrner (only 2 weeks old)

Drainer links

Code:

https://github.com/ggrner/golden-drainer
https://github.com/ggrner/stepn-solana-drainer
https://github.com/ggrner/spaceX_v3_drainer_2023

He even confessed that GitHub keeps deleting his repositories

Quote from: ?? on ??

Github too often deletes repositories and I need create new acc

light_warrior

copper member

Activity: 602

Merit: 926

I think this is a malware thread, as many threads with this coin have already been deleted and users who posted a similar thread have been banned. I don't know if I'm right or not, please check.

ViktorStrange

Thread

[ANN] NikiChain - blockchain with crypto bridges (CPU mining, Ghostrider)

Malware link

Code:

https://github.com/teubub411/NikiBlockchain/releases/download/2.0.2.3/windows-nikichain-2.0.2.3.zip

Lafu

legendary

Legendary level

Activity: 2996

Merit: 3114

And again a new Fake Ann Thread with a new Fake Github Malware download Link for BRANDS again !

Fake Github was created 4 Hours ago.

Fake Github : github.com/vandia1/CryptoBrands

The downloaded and installed files from there have this here:

Code:

Registry keys set
HKEY_CURRENT_USER\Software\Evrmore
HKEY_CURRENT_USER\Software\Evrmore\Evrmore-Qt
HKEY_CURRENT_USER\Software\Microsoft\RestartManager

C:\ProgramData\ThunderboltDriver\tbdriver.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell.exe
C:\Windows\SysWOW64\schtasks.exe "schtasks" /create /tn ThunderboltDriver /tr C:\ProgramData\ThunderboltDriver\tbdriver.exe /sc onlogon /it /f /rl HIGHEST
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1

Source : https://www.virustotal.com/gui/file/5a4ea5abd5f2150b2cc346cf7564454cb6d4bfdda2876324f88e267eb8242d90/behavior

Account : BukanAdit <--- Please ban or Lock that Account and delete the Thread
Registered since May 19, 2020 , Hacked or sold Account

Fake Ann Thread : [ANN] Decentralized tech mining system/GPU mining/Airdrop

Quote from: ?? on ??

WALLET
Windows:

Code:

https://github.com/vandia1/CryptoBrands/releases/download/1.0.0/brands-win64.zip

This post is also a reference for the Github Report !

Bureau

sr. member

Activity: 448

Merit: 271

Eloncoin.org - Mars, here we come!

Another post on the Indian local board with a suspicious link. Please check it and delete the post. I have already reported it to the global mods but I think there should be a local mod to remove such links. I do not understand why a big board like India does not have a local mod to date. There are a few sub-boards that need to be restructured and a lot of pin messages need to be removed. At the moment it is not done as global mods are busy and won't work on such issues.

The link to the post: https://bitcointalksearch.org/topic/--5474041

Lafu

legendary

Legendary level

Activity: 2996

Merit: 3114

And again there is a new Fake Ann Thread with an Fake Github Malware download link for BRANDS !

Fake Github : github.com/veramuraga/BlockchainBrands

The Fake Github was just created 1 Hour ago.

The downloaded and installed files from there have this here:

Code:

Registry keys set
HKEY_CURRENT_USER\Software\Evrmore
HKEY_CURRENT_USER\Software\Evrmore\Evrmore-Qt
HKEY_CURRENT_USER\Software\Microsoft\RestartManager

C:\ProgramData\ThunderboltDriver\tbdriver.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell.exe
C:\Windows\SysWOW64\schtasks.exe "schtasks" /create /tn ThunderboltDriver /tr C:\ProgramData\ThunderboltDriver\tbdriver.exe /sc onlogon /it /f /rl HIGHEST
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1

Source : https://www.virustotal.com/gui/file/5a4ea5abd5f2150b2cc346cf7564454cb6d4bfdda2876324f88e267eb8242d90/behavior

Account : Darkvi <--- Please ban or Lock that Account and delete the Thread
Registered since January 20, 2019 , Hacked or sold Account

Fake Ann Thread : [Pre-ANN] BRANDS - new trading tech [ProgPow/New eco area]

Quote from: ?? on ??

WALLETS

Code:

Github: https://github.com/veramuraga/BlockchainBrands/releases/tag/1.0.0

This post is also a reference for the Github Report !

BABY SHOES

sr. member

Activity: 294

Merit: 433

HODL - BTC

Newbie accounts spread the virus on meta boards and local india boards with Trading AI Tool.

user: ddoxer889 - Please ban this user and lock the thread.
ANN: Trading AI Tool / Trading AI Tool

Code:

[url=https://transfer.sh/MadLG7DuLG/Trading%20AI%20Tool.zip]https://transfer.sh/MadLG7DuLG/Trading%20AI%20Tool.zip[/url]

Virustotal: https://www.virustotal.com/gui/url/88da53b771ed7fa6392a003168cedf076e78eede18d8a426bd583219a7396e51/detection

Lafu

legendary

Legendary level

Activity: 2996

Merit: 3114

And again we have a new Fake Ann Thread with a new Fake Github Malware download Link for Capybara coin !

Fake Github Files was just uploaded 40 Minutes ago.

Fake Github : github.com/xaMWVUnT/capybara/
Real Github : github.com/Capybaraworld/

Account : Dmengeon2 <--- Please ban or Lock that Account and delete the Thread
Registered since October 31, 2017 , Hacked or sold Account

Fake Ann Thread : Capybara coin - scrypt animal coin (Not another animal coin)

Quote from: ?? on ??

Wallets
Windows:

Code:

https://github.com/xaMWVUnT/capybara/blob/main/capybara-win64.zip

Virustotal : https://www.virustotal.com/gui/file/5ab74c83f8df2dd95e83e220bb2b0e3bf63b24aa7043b5cdd38f4ca7f6360ae0/behavior

Code:

C:\Windows\Supremo.exe
C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe

When you install the Fake Github download file it will create a lot of bad things.
One of them is the File C:\Windows\Supremo.exe that is a Remote Control Program

This post is also a reference for the Github Report !

Lafu

legendary

Legendary level

Activity: 2996

Merit: 3114

And we have another new Fake Ann Thread with an Fake Github download Link for Nevermore !

Fake Github : github.com/thelifebeautifulguru
Real Github : github.com/evrmoreorg

Account : Krissh_369 <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
Registered since April 21, 2020 , hacked or sold Account

Fake Ann Thread : [ANN] Nevermore - blockchain for DeFI (Fork Evrmore) (GPU mining)

Quote from: ?? on ??

Wallets
Windows:

Code:

https://github.com/thelifebeautifulguru/Nvrmore/releases/download/2.1.0/nevermore-v2.1.0-win64.zip

For More Information:
discord.gg/4csauGuvw3

Original Ann Thread : [ANN] Evrmore [EVR] Blockchain | ProgPoW GPU Mining | The Ravencoin fork for DeF

Account : hans_schmidt

Quote from: hans_schmidt on October 11, 2022, 06:37:50 PM

For More Information:
https://github.com/evrmoreorg
discord.gg/4csauGuvw3

This post is also a reference for the Github Report !

Lafu

legendary

Legendary level

Activity: 2996

Merit: 3114

And we have new Fake Ann Topics with Malware download Links again , now with Short Links !

The Short Links are directing to the Fake Github Account download page!

Quote from: ?? on ??

Windows:

Code:

https://shorturl.at/dzET7

With http://getlinkinfo.com you will get all the Information you need and you see the Fake Github Account !
GetLinkInfo for that used Short Link : Result

Fake Github : github.com/nikitonum
Real Github : github.com/nikitonium

Account : mah0099 <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
Registered since August 02, 2020 , hacked or sold Account

Fake Ann Thread : [ANN] SUB - sub network for workspace (Mineable)

Quote from: ?? on ??

Windows:

Code:

https://shorturl.at/dzET7

And again a new Fake Ann with a new Fake Github Account showed up this time for BlackCode !

Fake Github just got created 1 Hour ago and looks like it got already deleted.

Fake Github : github.com/BlackCodeBlockchain

Virustotal Malware and Trojan detections : https://www.virustotal.com/gui/file/bc2b3e767d1c973f8a1d5f70fa44f3bef1cda849e8520aca17833ba8833d956e/behavior
Files that will get installed here again:

Quote from: ?? on ??

LINKS

Code:

Github: https://github.com/BlackCodeBlockchain/CoreWallets/releases/tag/2.1.2

This post is also a reference for the Github Report !

light_warrior

copper member

Activity: 602

Merit: 926

Quote from: Lafu on November 10, 2023, 01:12:06 PM

The Fake Github Account was just created 1 Hour ago.

Can I ask you a question? How do you determine the time and date when a Github account was created? I found three threads created by the accounts you marked in red and I wanted to see the time the accounts were created on Github, but I didn't see that information there.

https://bitcointalksearch.org/topic/--5473646
https://bitcointalksearch.org/topic/--5473647
https://bitcointalksearch.org/topic/--5473645

Lafu

legendary

Legendary level

Activity: 2996

Merit: 3114

And we have a new Fake Ann Thread with a new Fake Github Account for Subi Network !

The Fake Github Account was just created 1 Hour ago.

Fake Github : github.com/VirtualRealityProject
Real Github : github.com/subinetwork

Account : alinyous <--- Please ban or Lock that Account and delete the Thread
Looks like this Account got hacked or sold , Registered since May 25, 2018.

Fake Ann Thread : [ANN] VRT - virtual reality project (Ghostrider/Exchange 20/11/2023)

Quote from: ?? on ??

Subi Network's combination of public and private blockchain technologies for unparalleled gaming experiences in virtual reality
WALLETS
Windows:

Code:

https://github.com/VirtualRealityProject/VRNetwork/releases/download/1.1.2.4/subi-win-1.1.2.4.zip

Original Website : https://subinetwork.com/

Quote

Subi Network combine public and private blockchain technologies to create unparalleled gaming experiences based on virtual reality.

Source : https://subinetwork.com/

This post is also a reference for the Github Report !

Lafu

legendary

Legendary level

Activity: 2996

Merit: 3114

And we have again a new Fake Ann Thread with a new Fake Github Account with Malware download Link for ARSAGILITY !

The Fake Github Account was just created 20 Minutes ago.

Fake Github : github.com/Arsagility
Real Github : github.com/arsa-hub

Account : Daniel323 <--- Please ban or Lock that Account and delete the Thread
Looks like this Account got hacked or sold , Registered since February 17, 2022

Fake Ann Thread : [ANN] ARSAGILITY - secure, private and instant [Ghostrider]

Quote from: ?? on ??

Coin Name: ARSAGILITY
Wallets
Windows:

Code:

https://github.com/Arsagility/arsg/releases/download/2.7.14.72/arsa-win-2.7.14.72.zip

Our socials
site: https://arsagility.org/

Virustotal : https://www.virustotal.com/gui/file/ce19e2ef68373ab6f7b18d2fd25c0da193f7bd14f591509aa82c03b24783de44/detection

Original Ann Thread : [ANN] ARGY - Arsa Core of ARSAGILITY ~ Come and Join The Game

Account : gharrison

Quote from: gharrison on June 01, 2023, 08:12:57 PM

Coin Name: ARSAGILITY
Github: https://github.com/arsa-hub/arsa
Websites: https://arsagility.org/

And we have again a new Fake Ann with a new Fake Github Account for USA Coin !

The Fake Github was just created 2 Hours ago.

Fake Github : github.com/US-Coin
Real Github : github.com/usacoin

Account : psertakil <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.

Fake Ann Thread : [ANN] USA Coin - New Reality Of Wealth

Quote from: ?? on ??

https://github.com/US-Coin/Core/releases/tag/v1.0.0

Virustotal : https://www.virustotal.com/gui/file/b2fba44034dbeafeb92e1fb6143e332e2486114e586b853f37a748c3366cd7ec/detection

This post is also a reference for the Github Report ![/b]

Lafu

legendary

Legendary level

Activity: 2996

Merit: 3114

And there is again a new Fake Ann Thread with a new Fake Github Account with Malware for DoubleNode !

The Fake Github Account was just created 1 Hour ago.

Fake Github : github.com/DoubleNodeCoin
Real Github : github.com/DoubleNode

Account : Henrique250 <--- Please ban or Lock that Account and delete the Thread
The Account is Registered since September 08, 2017 without any post , possible Hacked or sold Account.

Fake Ann Thread : [Pre-ANN] DoubleNode - experimental mining project [ProgPow/MN]

Quote from: ?? on ??

Wallet

Code:

https://github.com/DoubleNodeCoin/Experimental/releases/download/1.1.1/doublenodecore.zip

A testnet is currently being conducted to test all systems. Coins mined on the testnet will be transferred to the mainnet in a 1:1 ratio

First Red Flag
is that normaly no Coins mined from the testnet will be transferred to the mainnet.

Next Red Flag is:
When you install the Github download file it will create a lot of bad things.
One of them is the File C:\Windows\Supremo.exe that is a Remote Control Program.
Virsutotal : https://www.virustotal.com/gui/file/79c7262e1335c522daa70fc65fb58b1435b28e0bbf2b21a88d6c03f8135a4da5/behavior

And again there is another new Fake Ann with a new Fake Github Account for nikitonium !

Fake Github was created 1 Hour ago.

Fake Github : github.com/nikitoniums
Real Github : github.com/nikitonium

Account : mrhakas565 <--- Please ban or Lock that Account and delete the Thread
Looks like the Account got hacked.

Fake Ann Thread : [ANN] WBS - without blockchain and compromise system (CPU algo)

Quote from: ?? on ??

Our wallets

Code:

Windows: https://github.com/nikitoniums/nikito-wbs/releases/download/2.0.2.3/nikitonium-core-2.0.2.3.zip
Linux: https://github.com/nikitoniums/nikito-wbs/releases/download/2.0.2.3/ubuntu-nikitonium-2.0.2.3.tar.gz

Our socials
Website: https://nikitonium.com/
Discord: https://discord.gg/QFSvSuvgGq

Original Ann Thread : [ANN] WITHOUT A BLOCKCHAIN, $NIKI CANNOT EXIST

Account : nikitonium

Quote from: nikitonium on November 06, 2023, 12:32:29 PM

Windows :
https://github.com/nikitonium/nikito/releases/download/2.0.2.3/windows-nikito-2.0.2.3.zip

Website: https://nikitonium.com/
Discord: https://discord.gg/QFSvSuvgGq

This post is also a reference for the Github Report !

Lafu

legendary

Legendary level

Activity: 2996

Merit: 3114

And we have again a new Fake Ann Thread with an Fake Github Account for nikitonium !

Fake Github was just created 5 Hours ago.

Fake Github : github.com/nikitonum
Real Github : github.com/nikitonium

Account : voelker <--- Please ban or Lock that Account and delete the Thread
Registered on January 31, 2016 and today first post , possible hacked or sold Account

Fake Ann Thread : [ANN] [NIK] Nikitonum - Secure Cryptocurrency Blockchain (Ghostrider)

Quote from: ?? on ??

Windows:

Code:

https://github.com/nikitonum/nikito/releases/download/2.0.2.3/windows-nikito-2.0.2.3.zip

Original Ann Thread : [ANN] WITHOUT A BLOCKCHAIN, $NIKI CANNOT EXIST

Account : nikitonium

Quote from: nikitonium on November 06, 2023, 12:32:29 PM

Windows :
https://github.com/nikitonium/nikito/releases/download/2.0.2.3/windows-nikito-2.0.2.3.zip

This post is also a reference for the Github Report !

Lafu

legendary

Legendary level

Activity: 2996

Merit: 3114

And we have a new Fake Ann with an Fake Github Malware download Link for Etica !

Fake github : github.com/etilca
Real Github : github.com/etica

Account : Redox778 <--- Please ban or Lock that Account and delete the Thread
Looks like that Account got hacked as the last year it just posted in the Bountie section.

Fake Ann Thread : [ANN] ETICA - open source medical research (Rework blockchain/ETChash)

Quote from: ?? on ??

Code:

https_://github.com/etilca/etlca-gui/releases/download/1.0.7/Windows-eticawallet-1.0.7.zip/

Original Ann Thread : [ETI] Etica - A cryptocurrency for Open Source medical research

Account : etica

Quote from: etica on August 24, 2022, 06:26:42 AM

Wallet
https://github.com/etica/etica-gui/releases

And again from a other User posted the same Fake Ann and Fake Github !

Account : tasin78 <--- Please ban or Lock that Account and delete the Thread
Looks like this Account also got hacked or sold.

Fake Ann Thread : ETICA COIN - open source protocol for medical research (etchash)

Quote from: ?? on ??

Wallets

Code:

https://github.com/etilca/etlca-gui/releases/download/1.0.7/Windows-eticawallet-1.0.7.zip

This post is also a reference for the Github Report !

Lafu

legendary

Legendary level

Activity: 2996

Merit: 3114

Quote from: BABY SHOES on November 03, 2023, 08:01:08 PM

This user appears again with his fake ANN, even though he has been tagged by you, at least I am reporting again here so that this user is banned.

Thanks for keeping your eyes open and reporting this kind of posts and topics.
Yeah it was late when i saw that user and just tagged him and reported the thread , would have written it the other day but you was faster.
Oh and can you please use the code function and edit your last posts so that nobody can click on the Links , would be nice.

Looks like after a short break they starting again to post there Malware shit Links , but i am ready.

Quote from: pinggoki on November 03, 2023, 10:51:22 PM

Although I could be wrong though and this account really is hacked but that's unlikely since the hacker won't really get anything out of hacking this account wouldn't they?

They dont care about the Accounts or what is related to them , they just want to spread there Fake Malware Links and sometimes somenody falls in that trap.
Then they can use this Account again and doing the same with it and on top of that they get all his coins if they lucky.

BABY SHOES

sr. member

Activity: 294

Merit: 433

HODL - BTC

I found two fake ANNs spreading viruses via download links on github!

ANN Fake: [INS] InternetSecurity - protect you from phishing attempts [CPU mining]][ANN] [INS] InternetSecurity - protect you from phishing attempts [CPU mining]
User: js2105 - Please ban this user and lock the thread.

Virustotal: https://www.virustotal.com/gui/file/1aa7a5d6aa38f4e5a4b641ccf6d5d7bdf4a96b86059b457e8cd0b49f00544008/detection

Quote from: ?? on ??

Wallets
Windows: https://github.com/InternetSec/InternetSec/releases/tag/1.2.1
Source: https://github.com/InternetSec/InternetSec/

ANN Fake: [ANN] [BRV] BitcoinRivera - most security system [Scrypt]
User: Bitcoin@111 - Please ban this user and lock the thread.

Virustotal: https://www.virustotal.com/gui/file/c8f05286290cb9bc4f62c0330aed2be4f43da5f6e9c00f87e76117cfcefc5dcc

Quote from: ?? on ??

Wallets
Windows: https://github.com/BitcoinRivera/BRV/releases/download/1.0.0/BitcoinRiveraCore.zip
Linux: coming soon

What we see again is that the file is created with the name PhoenixMinerReborn.exe.
As @Lafu reported here.

Code:

C:\Users\\AppData\Local\Temp\IXP000.TMP\PhoenixMinerReborn.exe

https://www.virustotal.com/gui/file/c8f05286290cb9bc4f62c0330aed2be4f43da5f6e9c00f87e76117cfcefc5dcc/behavior

pinggoki

sr. member

Activity: 1442

Merit: 390

★Bitvest.io★ Play Plinko or Invest!

Quote from: BABY SHOES on November 03, 2023, 10:23:22 AM

This user has 282 activities and suddenly spreads a trojan with a fake ANN, maybe this account was hacked.

I've checked the 5 pages of his post and it's just bounty related posts so I might not be too inclined to believed that this account is hacked, there's not a lot of effort invested in this account so it's easy for him to just use it to share a Trojan, if I were on that person's shoes and there's an opportunity for me to do it with an account that has some significant activity to hide my intentions (sharing links in the posts most of the time so it's likely that someone will click on my links without thinking about it.), I would probably do it too. Although I could be wrong though and this account really is hacked but that's unlikely since the hacker won't really get anything out of hacking this account wouldn't they?

BABY SHOES

sr. member

Activity: 294

Merit: 433

HODL - BTC

Quote from: Lafu on November 03, 2023, 09:09:14 AM

Fake Ann Thread : [ANN] [OGR] OgreCoin - meme token destroyer, WHOAAA (Ghostrider)

This user appears again with his fake ANN, even though he has been tagged by you, at least I am reporting again here so that this user is banned.

ANN Fake: [ANN] [OGR] OgreCoin (Ghostrider)
User: vesko_savov - Please ban this user and lock the thread.

Quote from: ?? on ??

Ogre wallet
Github: https://github.com/OgreProject/Ogre/releases/tag/1.0.0
Source: https://github.com/OgreProject/Ogre/blob/main/Ogrecoin-master.zip

Pages:

«
2
3
4
5
6
7
8
9
10
11
»

Bitcoin Forum>Other>Meta

Jump to: