Pages:
Author

Topic: [ANN] Zipcoin [ZIPC]- X13 PoW/PoS - NO Premine - 7 days PoW - Ninja - page 8. (Read 42971 times)

legendary
Activity: 1610
Merit: 1003
"Yobit pump alert software" Link in my signature!
I took a chance and emailed the bitcoindark dev to see if there is ANYTHING he can do to reverse the 7700 BTCD I lost. I dont know if he can roll back the chain or reverse this. I doubt it, but I dont know what else to do Sad
legendary
Activity: 1610
Merit: 1003
"Yobit pump alert software" Link in my signature!
Superantispyware was the ONLY antivirus that was able to find it, and its free
legendary
Activity: 1131
Merit: 1007
https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips

So the wallet link on OP now is safe ?

Supposed to be. The op only left the infected wallet up for a few hours. But would you risk downloading from someone who you know for certain is in control of a virus?

So is there a way I can determine for sure whether I ran the infected version?
sr. member
Activity: 252
Merit: 250
https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips

So the wallet link on OP now is safe ?

Supposed to be. The op only left the infected wallet up for a few hours. But would you risk downloading from someone who you know for certain is in control of a virus?
full member
Activity: 132
Merit: 100
https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips

So the wallet link on OP now is safe ?

Nope, on your own risk. Just like the moderator warns you in the OP.

What is safe though is to conclude that this coin is a major scam coin.
sr. member
Activity: 308
Merit: 250
https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips

So the wallet link on OP now is safe ?
newbie
Activity: 54
Merit: 0
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCANNER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!

What? the fake zipdev _ made his first post like 30 mins ago and he didnt even post any wallets.

I downloaded the wallet from the OP and so did others.

Can everyone who comes across this post check the directory C:\users\MyUsername\Appdata\Local\Spoon\Sandbox\Zipcoin-Qt\2.0.0.0\local\stubexe and look for 2 files, 1 called ztor.exe and the other is zipcoin-qt.exe Im pretty sure the zipcoin-qt.exe in the stubexe directory is only named that and not the actual wallet itself
Be sure to enable hidden files and folders http://www.bleepingcomputer.com/tutorials/show-hidden-files-in-windows-7/
These are the viruses.

EDIT: netsh.exe is also in there
For information.: https://cryptocointalk.com/topic/13908-zipcoin-zip-information/

Could all who have the infected windows qt wallet post the md5sum of the file?

Here is MD5: B6D4AD693400D53AC8F34D8237C98AD2
member
Activity: 113
Merit: 10
sorry took a while...here is what i believe to be the virus QT...

https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg



Thanks, I just tested this and it is the same thing that happened on my compromised PC. This was the original windows wallet that was posted. It starts with the ztor.exe process, and creates the C:/user/Appdata/local/spoon backdoor program.

Anyone in doubt should test this themselves on a vm or sandbox, DO NOT RUN THAT EXE ON YOUR NORMAL SYSTEM.

NP thanks for verify. Could some more people do this for credibility please?
newbie
Activity: 54
Merit: 0
sorry took a while...here is what i believe to be the virus QT...

https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg



Thanks, I just tested this and it is the same thing that happened on my compromised PC. This was the original windows wallet that was posted. It starts with the ztor.exe process, and creates the C:/user/Appdata/local/spoon backdoor program.

Anyone in doubt should test this themselves on a vm or sandbox, DO NOT RUN THAT EXE ON YOUR NORMAL SYSTEM.
newbie
Activity: 54
Merit: 0
wouldnt pools have a major issue than with this virues?? wouldnt they have shut it down already instead of keep running and allowing miners to mine and possibly get compromised??
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...

No, the source code is clean, and pools and exchanges compile from the source code. The keylogger/backdoor was packaged with the already compiled windows wallet that was in the ann.
member
Activity: 113
Merit: 10
sorry took a while...here is what i believe to be the virus QT...

https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg

legendary
Activity: 1131
Merit: 1007
wouldnt pools have a major issue than with this virues?? wouldnt they have shut it down already instead of keep running and allowing miners to mine and possibly get compromised??
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...

It could be that they were looking for specific coins?

I don't know.

I haven't had anything taken either but all this talk has got me a little worried.  Guess I will reformat to be safe.  Thanks Zipcoin!  Embarrassed
sr. member
Activity: 252
Merit: 250
wouldnt pools have a major issue than with this virues?? wouldnt they have shut it down already instead of keep running and allowing miners to mine and possibly get compromised??
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...

Pools and exchanges build the wallets from source, the source does not have the viruses. Only we were infected because we downloaded the packaged .exe with the viruses
sr. member
Activity: 252
Merit: 250
Could you upload to virustotal?


Yes it says its clear: https://www.virustotal.com/en/file/6b1f9c129d06fc010850c6a44ec443b4435735722cfd4fe271737f1ab4f7e90a/analysis/

But its not

The only way i can test the file thats the logger is to execute the qt file then it pasted the logger into a folder on my pc.

Yeap, virustotal does not prove it's clean. I'm almost convinced that all this is not just FUD to get cheap coins.

BTW, why don't you guys encrypt your wallets? That's why encryption is there for. To avoid situations like this.

Are you sure you are nothing to do with this virus. If we encrypt the wallet, you or the keylogger will have access to all our coins. Are you for real..

Obviously, wallet encryption is just another layer of security. It would just give you some time to find out about the virus problem and further protect your other wallets. FYI, without encryption ALL your wallets are in danger EVERY time you run a 3rd party proprietary application on your pc.


I fucked up by not encrypting, I know. I have just ordered this https://www.buytrezor.com/ should help with BTC wallets at least
hero member
Activity: 756
Merit: 500
wouldnt pools have a major issue than with this virues?? wouldnt they have shut it down already instead of keep running and allowing miners to mine and possibly get compromised??
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...
sr. member
Activity: 415
Merit: 250
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCANNER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!

What? the fake zipdev _ made his first post like 30 mins ago and he didnt even post any wallets.

I downloaded the wallet from the OP and so did others.

Can everyone who comes across this post check the directory C:\users\MyUsername\Appdata\Local\Spoon\Sandbox\Zipcoin-Qt\2.0.0.0\local\stubexe and look for 2 files, 1 called ztor.exe and the other is zipcoin-qt.exe Im pretty sure the zipcoin-qt.exe in the stubexe directory is only named that and not the actual wallet itself
Be sure to enable hidden files and folders http://www.bleepingcomputer.com/tutorials/show-hidden-files-in-windows-7/
These are the viruses.

EDIT: netsh.exe is also in there

For information.: https://cryptocointalk.com/topic/13908-zipcoin-zip-information/
sr. member
Activity: 252
Merit: 250
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCAMMER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
i have seen this on every coin i cant beleive u guys fall for it, must be noobies or fakers fudding
theirs been 6 btc of zip eaten by one guy from his 10 btc buywall and he still is leaving 4btc more to get sold into.
this is so obvious a fudd attempt for ppl to get rid of all their cheap coins while a whale collects, nobody buys 10btc of a shitcoin without a plan, get a clue ppl go look at bittrex his buywall is still up

Unless your the coin cloner with a massive bag that wants to sell higher. Havent people cottoned on to these things yet?
legendary
Activity: 1330
Merit: 1000
wtf,

dev is not responding at all
sr. member
Activity: 252
Merit: 250
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCANNER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!

What? the fake zipdev _ made his first post like 30 mins ago and he didnt even post any wallets.

I downloaded the wallet from the OP and so did others.

Can everyone who comes across this post check the directory C:\users\MyUsername\Appdata\Local\Spoon\Sandbox\Zipcoin-Qt\2.0.0.0\local\stubexe and look for 2 files, 1 called ztor.exe and the other is zipcoin-qt.exe Im pretty sure the zipcoin-qt.exe in the stubexe directory is only named that and not the actual wallet itself
Be sure to enable hidden files and folders http://www.bleepingcomputer.com/tutorials/show-hidden-files-in-windows-7/
These are the viruses.

EDIT: netsh.exe is also in there
Pages:
Jump to: