Topic: ALERT! sgminerwindows.com Stealing Bitcoins! (Read 13568 times)
ok thanks I see that above. How to setup X11 I didn't see kernel for that?
where I can download clean of viruses miner which is compilled for x11 and x13?
Here you can download trustworthy windows/linux sgminer and cgminer binaries: https://www.nicehash.com/software/#sgminer
where I can download clean of viruses miner which is compilled for x11 and x13?
That's it. I am NOT gonna trust this shit until I hear differently about CLEAN and dependable files with FULL and EXPLICIT clearance. This is so bad.
Here you can download trustworthy windows/linux sgminer and cgminer binaries: https://www.nicehash.com/software/
What type of file are you decompiling, IDA wont identify the entry point of several different files and only break them down to hex.
I'm trying to decompile the shirecoin-qt.exe (not sure if possible).chnchapters said he saw the code, and that it steals the wallets like the miner.
Never ever use precompiled binaries of altcoins, always check the code on github first. Any closed source altcoins can not be trusted either.
To difficult for average user. I have no idea how to do that kinda shit, just instal and launch, that is the only way to go!
What type of file are you decompiling, IDA wont identify the entry point of several different files and only break them down to hex.
I'm trying to decompile the shirecoin-qt.exe (not sure if possible).chnchapters said he saw the code, and that it steals the wallets like the miner.
Never ever use precompiled binaries of altcoins, always check the code on github first. Any closed source altcoins can not be trusted either.
I used HexRays/IDA
I can show you exactly how I did when I get off work,
the tainted SGminer programs, and Shire coin both use the same ftp server where the stolen wallets were being up loaded.
Sure, when you can.I can show you exactly how I did when I get off work,
the tainted SGminer programs, and Shire coin both use the same ftp server where the stolen wallets were being up loaded.
I'm using idaq.exe (i guess that's the program you mention).
I selected the shirecoin-qt.exe and let it analyze it (with default options), but when I tried to go to pseudo code, it told me "decompilation failure"
If I choose binary --> processor type Microsoft - net.
Then it says it can't identify the entry point.
And I get to see hex crap. Can't view pseudo code mode.
Well, first time using this program, so maybe there's some trick.
Thanks.
What type of file are you decompiling, IDA wont identify the entry point of several different files and only break them down to hex.
I'm trying to decompile the shirecoin-qt.exe (not sure if possible).chnchapters said he saw the code, and that it steals the wallets like the miner.
What type of file are you decompiling, IDA wont identify the entry point of several different files and only break them down to hex.
I used HexRays/IDA
I can show you exactly how I did when I get off work,
the tainted SGminer programs, and Shire coin both use the same ftp server where the stolen wallets were being up loaded.
Sure, when you can.I can show you exactly how I did when I get off work,
the tainted SGminer programs, and Shire coin both use the same ftp server where the stolen wallets were being up loaded.
I'm using idaq.exe (i guess that's the program you mention).
I selected the shirecoin-qt.exe and let it analyze it (with default options), but when I tried to go to pseudo code, it told me "decompilation failure"
If I choose binary --> processor type Microsoft - net.
Then it says it can't identify the entry point.
And I get to see hex crap. Can't view pseudo code mode.
Well, first time using this program, so maybe there's some trick.
Thanks.
I used HexRays/IDA
I can show you exactly how I did when I get off work,
the tainted SGminer programs, and Shire coin both use the same ftp server where the stolen wallets were being up loaded.
I can show you exactly how I did when I get off work,
the tainted SGminer programs, and Shire coin both use the same ftp server where the stolen wallets were being up loaded.
He is also the creator of Shire Coin, which is a scam because it uses the same code to steal coins if you download the wallet.
How can I check that?I downloaded that qt some time ago, so it probably stole my encrypted wallet.dat (haven't lost coins, but still want to know if I should consider the wallet compromised)
I tried decompiling it, but it says it isn't a .net program.
What did you use to view the code? Thanks.
So is it confirmed that the tainted code was only in recent builds? If so, how long ago did it happen?
According to LiteSaber, the tainted code was in the most recent binaries which were linked from another site (minersforwindows.com)
So is it confirmed that the tainted code was only in recent builds? If so, how long ago did it happen?
I have the domain now. I will be downing the site until the new binaries are available with an explanation of what happened.
Just for future reference.
I've handed over control of the sgminerwindows.com domain / website to flound1129
Hopefully he has more time to keep it all up to date than I did.
I've handed over control of the sgminerwindows.com domain / website to flound1129
Hopefully he has more time to keep it all up to date than I did.
From my simple investigation if would seem its a non persistent threat, as seen in the code back in the thread.
It basically looks for common wallet files and uploads them to a FTP server each time its run.
So encrypt your bloody wallets always.
It basically looks for common wallet files and uploads them to a FTP server each time its run.
So encrypt your bloody wallets always.
their all set manicious malyware update virus.
you should check your device.
you should check your device.
If you read on site he is not compilled latest version of sgminer but he downloaded it from here
http://minersforwindows.com/
Actually this site is with malware sgminer
http://minersforwindows.com/
Actually this site is with malware sgminer
Jump to: