Topic: Claymore's Dual Ethereum AMD+NVIDIA GPU Miner v15.0 (Windows/Linux) - page 104. (Read 6590565 times)

I seriously believe it's a coincidence.
He has one of the most popular mining software on the market and about 15 minutes of every day that you run his software it mines for HIM. That's the developer fee. Now multiply that for every mining machine running his software. I think he's set dude. I don't think he needs to bother hacking into your computer to steal your crypto. No offense, but what makes YOU so special that would attract HIM to steal from you? Nobody else on here is accusing him of stealing from him, right? If we all had that in common this place would be blowing up with complaints.
Something to add:
Occam's razer. Your vulnerability is likely the weakest point in your security.
Example: Do you use a VPN when logging onto message boards like this one? If not, this someone might have admin/mod access (that isn't necessarily an admin/mod) and has your ip address. Now that person knows you're into crypto so you probably have some crypto accounts or wallets stored on your computer.

Example #2: And it doesn't even have to be forums that someone gets your ip address. It could also be seeding torrents. If you download/seed torrents those are other vulnerabilities. An unknown people have your ip address and although the odds of one of those people wanting to do something malicious is slim the odds are great that SOMEBODY at SOME POINT will.


So how to hack someone with an IP address? Well... nmap the ip address and look for ports open. My weakest point was RDP as it turned out. Check out how to hack RDP and you'll find tons of stuff! It's actually kinda scary how easy it can be! That's why I took quick action to lock my shit down.

With your IP address I can get your approximate location, maybe even your name/email, recent torrents that you've downloaded/seeded, open ports which will tell me what you do online (play games, IIS/FTP, remote access, etc).

There are also issues with some browser extensions:

Example: Here we have a very harmless (we thought) browser extension. It's nothing more than a downloader. Want to download something on Mega? It's a very useful download manager. https://www.bleepingcomputer.com/news/security/mega-chrome-extension-hacked-to-steal-login-credentials-and-cryptocurrency/
That's why I uninstalled ALL of the browsers on my mining machines and computers. I don't take any chances anymore. The one computer that I'm using now doesn't even have any access to crypto.
I set up a different e-mail address (normalemail.crypto@gmail.com) and while I was at it I set one up for my online purchases (normalemail.orders@gmail.com) which is only done on my laptop and cellphone (damn Amazon addiction.)

I'm not trying to dare a hacker but there's no way that even if they DID manage to hack the computer that I'm using that they would be able to do anything except mess up my social media and delete some files. If they did acquire my passwords through keylogger then they would only have access to non-crypto related crap. They could probably get into my banks/credit cards, etc but that stuff can be disputed and even cancelled. No permanent harm. But as you've discovered that once they're into your wallet... it's gone.

Another piece of advice, stop using your wallet! They might have your private keys. By continuing to use your old wallet you could pretty much be paying them without knowing it and they're just waiting for the perfect time to clean you out again.

So unless you have some solid proof please stop accusing a hardworking developer. Accusations on here without evidence is defamation and libel. It literally make HIM a victim. If you have (or think you have) sufficient evidence then go to law enforcement. Good luck with that.

BTW, with mining profitability starting to regain popularity I'd definitely be on your guard. We're all potential victims.

Hello im amd vega farmer using nicehash as im all for BTc , I´v been using Trm on CNR since Btc started to raise my profitability goes down since most of cryptos cant keep up with btc .. but ethernium handles it better and as of now the profitability is near CNR 
soon im sure i be depentable on claymore so i just wanted to know the max  hashrates i can achieve with my vegas 56 flashed to 64  using memory timing  drivers 18.5.1

+1

to Binary100100
It already taught me.

You think this is a coincidence - I doubt it.

That's great! Thanks for the response Claymore. I look forward to using what you whip up for these rx 5700 xt cards. 

I write miners since 2014 and I have some good reputation and earnings in this area, so I don't have any reasons to write viruses and I don't need your coins, I already have enough of them.


Yes I'm checking this card, but I need a few days to see what hashrate it can achieve.

+1

I think whole ETH community is waiting for this 

Hey Claymore any input or any sort of work going on to get the new rx 5700xt mining on your platform? Thanks!

I'm sure there are a lot of people that can share stories. I'll consider it.
I forgot to mention another thing that I do as well... should be a no-brainer though... change your IP address assigned by your ISP. Do this by changing the mac address on the router. Reboot if necessary. So if someone is trying to do a MITM (man in the middle attack) or trying to crack your computers by brute-force then make it tougher for them by changing your IP address every once in a while.

This is a very informative and experience-filled post; I think you should make a new thread (maybe in Beginners & Help section?) and express this experience of yours there, so that it may reach more people and create more awareness.

I've been hacked... twice.
Both times they used RDP to access. The first time they just used my Google password and cleaned out some of my trading platform wallets (Nicehash, Gemini, Binance, etc) because I had my passwords saved on Chrome. Really stupid! I only lost a couple hundred bucks though. But I should have taken better action than changing my passwords because that's all I did. The second time it was because Chrome Remote Desktop! (That was another dumb idea. Almost as dumb as having everything stored to my Exodus wallet.)
What I think happened the first time was someone cracked my Google account (again). With that they were able to access my machines... to include the one with my Exodus wallet. They logged on, installed a keylogger and logged off. They logged on again later once they acquired my password for Exodus and cleaned me out. They I had over 30LTC stored in it.
It had nothing to do with Claymore though because I didn't have it installed on my machine with Exodus.

So now....

I use Awesome Miner to manager my rigs on a separate machines (I don't have any internet browsers on it or anything else) and my rigs don't have anything saved to it. I mine with MiningPoolHub and everything is paid out to my Ledger hardware wallet. All trading platforms I access with only one machine (which I turn on and off only as needed) and my cellphone. My mining rigs and the machine with Awesome Miner are all connected to a VPN router. I won't say that it's impossible to hack but it's definitely a lot more secure than before. I have changed the RDP access ports (no longer 3389) I also have Pulseway installed on my primary machine (that I'm on now) and whenever an RDP connection is logged in Windows event logger (Event ID's 1149) it sends an alert to my phone. Of course I updated the firewall settings on both of my routers (primary router and my VPN router) so that a remote connection can only be made by ONE machine (white listed for the one with Awesome Miner running.)

Still... I don't tempt fate. I shut down everything that I don't need and I run anti-virus (ESET) and MalwareBytes daily.

Conclusion:
Use this as a learning experience. I heard stories of being hacked and losing everything but I never really learned anything from anyone because "It'll never happen to me. I'm a nobody."
Some optimism though: At least you were hacked today instead of next month when you have even more to lose. I wouldn't even bother trying to pursue the hacker/thief because even if you could identify him/her there's nothing your local law enforcement will do. Assuming you could prove it, it would be a tough case to fight in court.

Advice:
If you NEED to use a wallet (such as Exodus) then store it only on a virtual machine and then shut it down when you don't need it. And obviously never store your passwords on Chrome or any other browser. (I can't believe I did that.)

Not in a mining machine eh..


Your Home PC were compromised, Probably that information were already gathered even before downloading CM app, when you run the application it was already confirmed on your PC's open ports. Sorry for the loss

But for some reason this happened immediately after downloading Claymore's Dual Ethereum AMD+NVIDIA GPU Miner v14.7

Not. On your home computer.

thanks for the version 14.7

sorry for ur loss, but claymore has nothing to do with it!! JAXX has been hacked before and its never clever to store our crypto in such wallets!!! keyloggers can be infected by many sites/links, and MEGA NZ doesnt have a good rumor either!

Securing your wallet is owners responsibility, and WTH you are storing your wallet in your mining machine??

there is no virus inside the zipped Clay folder, there should be an issue somewhere else, you got infected by some other app
I'm sorry for your lost bro, no one can help you to get back your cryptos, Jaxx support can do nothing here