Topic: [ANN] Zipcoin [ZIPC]- X13 PoW/PoS - NO Premine - 7 days PoW - Ninja - page 8. (Read 42960 times)
August 05, 2014, 12:03:19 PM
I took a chance and emailed the bitcoindark dev to see if there is ANYTHING he can do to reverse the 7700 BTCD I lost. I dont know if he can roll back the chain or reverse this. I doubt it, but I dont know what else to do
August 05, 2014, 12:01:20 PM
Superantispyware was the ONLY antivirus that was able to find it, and its free
August 05, 2014, 11:58:15 AM
https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips
So the wallet link on OP now is safe ?
So the wallet link on OP now is safe ?
Supposed to be. The op only left the infected wallet up for a few hours. But would you risk downloading from someone who you know for certain is in control of a virus?
So is there a way I can determine for sure whether I ran the infected version?
August 05, 2014, 11:52:08 AM
https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips
So the wallet link on OP now is safe ?
So the wallet link on OP now is safe ?
Supposed to be. The op only left the infected wallet up for a few hours. But would you risk downloading from someone who you know for certain is in control of a virus?
August 05, 2014, 11:50:49 AM
https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips
So the wallet link on OP now is safe ?
So the wallet link on OP now is safe ?
Nope, on your own risk. Just like the moderator warns you in the OP.
What is safe though is to conclude that this coin is a major scam coin.
August 05, 2014, 11:39:14 AM
https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips
So the wallet link on OP now is safe ?
So the wallet link on OP now is safe ?
August 05, 2014, 11:23:56 AM
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCANNER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCANNER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
What? the fake zipdev _ made his first post like 30 mins ago and he didnt even post any wallets.
I downloaded the wallet from the OP and so did others.
Can everyone who comes across this post check the directory C:\users\MyUsername\Appdata\Local\Spoon\Sandbox\Zipcoin-Qt\2.0.0.0\local\stubexe and look for 2 files, 1 called ztor.exe and the other is zipcoin-qt.exe Im pretty sure the zipcoin-qt.exe in the stubexe directory is only named that and not the actual wallet itself
Be sure to enable hidden files and folders http://www.bleepingcomputer.com/tutorials/show-hidden-files-in-windows-7/
These are the viruses.
EDIT: netsh.exe is also in there
Could all who have the infected windows qt wallet post the md5sum of the file?
Here is MD5: B6D4AD693400D53AC8F34D8237C98AD2
August 05, 2014, 11:12:28 AM
sorry took a while...here is what i believe to be the virus QT...
https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg
https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg
Thanks, I just tested this and it is the same thing that happened on my compromised PC. This was the original windows wallet that was posted. It starts with the ztor.exe process, and creates the C:/user/Appdata/local/spoon backdoor program.
Anyone in doubt should test this themselves on a vm or sandbox, DO NOT RUN THAT EXE ON YOUR NORMAL SYSTEM.
NP thanks for verify. Could some more people do this for credibility please?
August 05, 2014, 11:00:57 AM
sorry took a while...here is what i believe to be the virus QT...
https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg
https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg
Thanks, I just tested this and it is the same thing that happened on my compromised PC. This was the original windows wallet that was posted. It starts with the ztor.exe process, and creates the C:/user/Appdata/local/spoon backdoor program.
Anyone in doubt should test this themselves on a vm or sandbox, DO NOT RUN THAT EXE ON YOUR NORMAL SYSTEM.
August 05, 2014, 10:49:14 AM
wouldnt pools have a major issue than with this virues?? wouldnt they have shut it down already instead of keep running and allowing miners to mine and possibly get compromised??
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...
No, the source code is clean, and pools and exchanges compile from the source code. The keylogger/backdoor was packaged with the already compiled windows wallet that was in the ann.
August 05, 2014, 10:47:13 AM
sorry took a while...here is what i believe to be the virus QT...
https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg
https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg
August 05, 2014, 10:46:20 AM
wouldnt pools have a major issue than with this virues?? wouldnt they have shut it down already instead of keep running and allowing miners to mine and possibly get compromised??
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...
It could be that they were looking for specific coins?
I don't know.
I haven't had anything taken either but all this talk has got me a little worried. Guess I will reformat to be safe. Thanks Zipcoin!
August 05, 2014, 10:45:35 AM
wouldnt pools have a major issue than with this virues?? wouldnt they have shut it down already instead of keep running and allowing miners to mine and possibly get compromised??
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...
Pools and exchanges build the wallets from source, the source does not have the viruses. Only we were infected because we downloaded the packaged .exe with the viruses
August 05, 2014, 10:43:39 AM
Could you upload to virustotal?
Yes it says its clear: https://www.virustotal.com/en/file/6b1f9c129d06fc010850c6a44ec443b4435735722cfd4fe271737f1ab4f7e90a/analysis/
But its not
The only way i can test the file thats the logger is to execute the qt file then it pasted the logger into a folder on my pc.
Yeap, virustotal does not prove it's clean. I'm almost convinced that all this is not just FUD to get cheap coins.
BTW, why don't you guys encrypt your wallets? That's why encryption is there for. To avoid situations like this.
Are you sure you are nothing to do with this virus. If we encrypt the wallet, you or the keylogger will have access to all our coins. Are you for real..
Obviously, wallet encryption is just another layer of security. It would just give you some time to find out about the virus problem and further protect your other wallets. FYI, without encryption ALL your wallets are in danger EVERY time you run a 3rd party proprietary application on your pc.
I fucked up by not encrypting, I know. I have just ordered this https://www.buytrezor.com/ should help with BTC wallets at least
August 05, 2014, 10:43:33 AM
wouldnt pools have a major issue than with this virues?? wouldnt they have shut it down already instead of keep running and allowing miners to mine and possibly get compromised??
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...
i dont get it, i have had nothing stolen and i dl the wallet a cpl days ago...
August 05, 2014, 10:41:06 AM
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCANNER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCANNER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
What? the fake zipdev _ made his first post like 30 mins ago and he didnt even post any wallets.
I downloaded the wallet from the OP and so did others.
Can everyone who comes across this post check the directory C:\users\MyUsername\Appdata\Local\Spoon\Sandbox\Zipcoin-Qt\2.0.0.0\local\stubexe and look for 2 files, 1 called ztor.exe and the other is zipcoin-qt.exe Im pretty sure the zipcoin-qt.exe in the stubexe directory is only named that and not the actual wallet itself
Be sure to enable hidden files and folders http://www.bleepingcomputer.com/tutorials/show-hidden-files-in-windows-7/
These are the viruses.
EDIT: netsh.exe is also in there
For information.: https://cryptocointalk.com/topic/13908-zipcoin-zip-information/
August 05, 2014, 10:38:03 AM
Here we go: https://www.virustotal.com/en/file/47e8430ae1dd80887f03db597cc19262db07275d0014c7d3229036871c9b937b/analysis/1407249358/
Not sure if this means anything to you guys.
Not sure if this means anything to you guys.
August 05, 2014, 10:32:15 AM
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCAMMER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
i have seen this on every coin i cant beleive u guys fall for it, must be noobies or fakers fudding
theirs been 6 btc of zip eaten by one guy from his 10 btc buywall and he still is leaving 4btc more to get sold into.
this is so obvious a fudd attempt for ppl to get rid of all their cheap coins while a whale collects, nobody buys 10btc of a shitcoin without a plan, get a clue ppl go look at bittrex his buywall is still up
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCAMMER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
i have seen this on every coin i cant beleive u guys fall for it, must be noobies or fakers fudding
theirs been 6 btc of zip eaten by one guy from his 10 btc buywall and he still is leaving 4btc more to get sold into.
this is so obvious a fudd attempt for ppl to get rid of all their cheap coins while a whale collects, nobody buys 10btc of a shitcoin without a plan, get a clue ppl go look at bittrex his buywall is still up
Unless your the coin cloner with a massive bag that wants to sell higher. Havent people cottoned on to these things yet?
August 05, 2014, 10:31:24 AM
wtf,
dev is not responding at all
dev is not responding at all
August 05, 2014, 10:27:20 AM
look at the op guys, its from zipdev
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCANNER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
the wallet you noobs downloaded is form a guy named zipdev _
DIFFERANT PEOPLE, SECOND ONE IS JUST A COPYCAT SCANNER THAT GOT U NOOBS WHO DONT PAY ATTENTION TO DOWNLOAD A FAKE WALLET. GOOD JOB
never dl anything except from OP ANN!!!
What? the fake zipdev _ made his first post like 30 mins ago and he didnt even post any wallets.
I downloaded the wallet from the OP and so did others.
Can everyone who comes across this post check the directory C:\users\MyUsername\Appdata\Local\Spoon\Sandbox\Zipcoin-Qt\2.0.0.0\local\stubexe and look for 2 files, 1 called ztor.exe and the other is zipcoin-qt.exe Im pretty sure the zipcoin-qt.exe in the stubexe directory is only named that and not the actual wallet itself
Be sure to enable hidden files and folders http://www.bleepingcomputer.com/tutorials/show-hidden-files-in-windows-7/
These are the viruses.
EDIT: netsh.exe is also in there
Jump to: