Pages:
Author

Topic: Backdoor in 1337 wallet...?! - page 2. (Read 1785 times)

legendary
Activity: 2282
Merit: 1051
unnamed.Exchange, join the Cool Kids!!!
November 11, 2015, 02:49:08 AM
#12
evil Haxxors around ....  Grin Grin Grin Grin Grin Grin Grin
full member
Activity: 182
Merit: 100
★YoBit.Net★ 350+ Coins Exchange & Dice
November 11, 2015, 02:43:02 AM
#11
Some |-|4><><0|2 in the past got hit by an overdose of creativity and named his backdoor/tool box of the trade 1337 as well. So MBAM, and maybe some other AV, gets a bit upset because of the name of the thing. Rename it and the actual keys, a selection of the usual ones found in wallets for settings, in that group just pass the test.

Anyway only MBAM reports this fact, Avast Antivirus with the last update doesn't tell anything about the qt wallet... And anyway i agree that maybe is just a coincidence and we don't need to worry about
sr. member
Activity: 346
Merit: 250
November 11, 2015, 02:33:43 AM
#10
Some |-|4><><0|2 in the past got hit by an overdose of creativity and named his backdoor/tool box of the trade 1337 as well. So MBAM, and maybe some other AV, gets a bit upset because of the name of the thing. Rename it and the actual keys, a selection of the usual ones found in wallets for settings, in that group just pass the test.
full member
Activity: 182
Merit: 100
★YoBit.Net★ 350+ Coins Exchange & Dice
November 11, 2015, 01:44:23 AM
#9
At this point i will move my 1337 wallet to a virtual machine and record any activity.... let's hope that the OP is just making some fud because isn't something that can be denied easly
legendary
Activity: 2282
Merit: 1051
unnamed.Exchange, join the Cool Kids!!!
November 11, 2015, 01:42:52 AM
#8
TillKoeln, just wanted to state that I have nothing against you!
I've traded many of your coins in the past & had no problems similar to this.

no Problem.  but the coin is allright 2 weeks old ^^  i wouldnt say that the Problem is inside the 1337 wallet.
you are the first one who has any Problems. maybe you should scan your whole System.


but maybe i am a Super Haxxor which is smarter than VirusTotal ^^  who knows .



hero member
Activity: 532
Merit: 500
Offer escrow, receive negative trust
November 11, 2015, 01:21:25 AM
#7
Now the download clean...but prior to posting this, it wasn't....

People must always draw their own conclusions, but why would a backdoor suddenly show up ONLY in my 1337 wallet, out of the 20+ wallets on my PC - 99% of which are of higher volume/popularity?  I haven't downloaded anything since the 1337 wallet - it doesn't make sense that something would magically, yet deliberately infect this specific directory....

TillKoeln, just wanted to state that I have nothing against you!

I've traded many of your coins in the past & had no problems similar to this.


Just very, very odd...never seen something like this before.

Want to make sure everyone else checks their stuff as well!
legendary
Activity: 2282
Merit: 1051
unnamed.Exchange, join the Cool Kids!!!
sr. member
Activity: 444
Merit: 250
November 10, 2015, 07:32:35 PM
#5
So then apparently this is proof there are some haxzorz running with this? Wink

Nope, it is  some sort of hidden treasure design for those who will install and run the wallet.  Cheesy
legendary
Activity: 1540
Merit: 1011
FUD Philanthropist™
November 10, 2015, 06:17:45 PM
#4
well that shows us a registry key flagged on your windows machine..
could have come from anywhere ..did you google it ?
i advise taking the wallet you mentioned and uploading it to VirusTotal.
post us the link to the result and maybe a link to the wallet (one of us can check it out)
jr. member
Activity: 41
Merit: 1
November 10, 2015, 05:05:30 PM
#3
So then apparently this is proof there are some haxzorz running with this? Wink
legendary
Activity: 1246
Merit: 1000
November 10, 2015, 04:22:40 PM
#2
A coin name l337 just screams "hidden virus!"
hero member
Activity: 532
Merit: 500
Offer escrow, receive negative trust
November 10, 2015, 03:50:54 PM
#1
Just found this today:



any explanations?

edit: not pointing any fingers; curious if anyone else has seen this too.  could be from anywhere
Pages:
Jump to: