Bitcoin Forum>Economy>Trading Discussion>Scam Accusations
Author

Topic: DarkPay coin - fake project, malicious wallet! (Read 311 times)

morvillz7z
legendary
Activity: 2212
Merit: 2061
Join the world-leading crypto sportsbook NOW!
DarkPay coin - fake project, malicious wallet!
April 20, 2019, 05:49:22 PM
#9
I'm sorry to bump my own thread but it's easier for me to then report this sorry soab.

The same story, he makes a new account, copy-pastes some random ANN and sneaks a malicious wallet inside.

MaBug

Code:
Date Registered: Today at 10:32:47 PM
Last Active: Today at 10:55:35 PM

[ANN] Allvor: cryptocurrency for e-commerce powered by the XRP Ledger - (archived)

Original Allvor ANN - https://bitcointalksearch.org/topic/ann-allvor-cryptocurrency-for-e-commerce-powered-by-the-xrp-ledger-3218546

do not click/or download:
Code:
https://bitbucket.org/astingl/allvor/downloads/ToastWallet-2.5.8.7z



https://www.virustotal.com/#/url/de241762ac640d8d38db9d43d11fc80a254f0afc8069565bfe7111db0f721f6f/detection
morvillz7z
legendary
Activity: 2212
Merit: 2061
Join the world-leading crypto sportsbook NOW!
Re: DarkPay coin - fake project, malicious wallet!
April 18, 2019, 07:20:49 PM
#8
This guy obviously isn't stopping anytime soon. He made a brand new account just to start another ANN with an infected wallet inside.

Hezacez

Code:
Date Registered: April 18, 2019, 09:44:49 PM
Last Active: April 18, 2019, 09:49:47 PM

QXAN Coin POW|POS|MN - listed on Crex24 - ORIGINAL QUANTIS CODE before FORK ! - (archived)

Original QXAN ANN - https://bitcointalksearch.org/topic/qxan-coin-powposmn-listed-on-crex24-original-quantis-code-before-fork-5100233

do not click/or download:
Code:
Windows CLI + GUI (64-bit):
https://bitbucket.org/astingl/qxan/downloads/quantis.windows-qt.zip



https://www.virustotal.com/#/file/2004c91c7ae0ecca292ef3fe15983bb03cf4df98ae49a12bfb93c78903570d5c/detection


morvillz7z
legendary
Activity: 2212
Merit: 2061
Join the world-leading crypto sportsbook NOW!
Re: DarkPay coin - fake project, malicious wallet!
April 17, 2019, 04:55:41 PM
#7
Update:

Apparently, KillRoy2005 is not his only alt account, I found another one - morthar.

[ANN][ZUS]Zeleus - fast transactions, anonymity, rapid development[CNv8/CPU]; (archived)

This time virustotal detects: https://i.ibb.co/Y49vHNd/zml.jpg

and a user report:
Quote from: ?? on ??
dont use it its a password stealer
i try it windows defender block it


PWS:Win32/Mocrt.A!MTB
Alert level: severe
Status:quarantine
Category:password stealer
Details:this program is dangerous password stealer


For some odd reason, s107n decided to bump a masternode project with a plagiarized post, what's even funnier is that only bumping bots that I reported last year use the copied text. I'm not sure if a connection exists between the two, but it definitely feels weird.

Copy:
Quote from: s107n on April 17, 2019, 12:27:04 PM
I need to know more about this project on how this things worked so that I can see whether it has the ability to be successful. This project is still new and to make things clearly we should research more about their whole team and the developers

(archived)

Original:
Quote from: James1977 on March 15, 2018, 12:05:44 AM
I need to know more about this project on how this things worked so that I can see whether it has the ability to be successful. This project is still new and to make things clearly we should research more about their whole team and the developers

(archived)
ICOEthics
sr. member
Activity: 392
Merit: 892
Re: DarkPay coin - fake project, malicious wallet!
April 17, 2019, 10:03:33 AM
#6
Quote from: morvillz7z on April 17, 2019, 09:52:08 AM
Check the post above yours in "Report plagiarism (copy/paste) here.".  Grin

Hopefully, this time mods ban him but seeing how stubborn/persistent he is with fake projects/ANNs, I won't be surprised to spot more of these alt accounts trying to push infected qt wallets again.

Ooops... sorry... deleted... I just clicked reply and... deleted now.  Smiley

I think those idiots are in a deep stage of anger/hate. Trying to f*** people in this forum with their virus etc..
Maybe someone killed their pet project and they are very upset.


morvillz7z
legendary
Activity: 2212
Merit: 2061
Join the world-leading crypto sportsbook NOW!
Re: DarkPay coin - fake project, malicious wallet!
April 17, 2019, 09:52:08 AM
#5
Check the post above yours in "Report plagiarism (copy/paste) here.".  Grin

Hopefully, this time mods ban him but seeing how stubborn/persistent he is with fake projects/ANNs, I won't be surprised to spot more of these alt accounts trying to push infected qt wallets again.
ICOEthics
sr. member
Activity: 392
Merit: 892
Re: DarkPay coin - fake project, malicious wallet!
April 17, 2019, 09:38:31 AM
#4
Profile - https://bitcointalksearch.org/user/killroy2005-1172103  (tagged by Morvillz7z as s107n alt's)

ANN - https://bitcointalksearch.org/topic/ann-stc-bitcoin-for-common-man-powscryptno-ico-5132751
archive: http://web.archive.org/web/20190417132852/https://bitcointalksearch.org/topic/ann-stc-bitcoin-for-common-man-powscryptno-ico-5132751

Plagiarized ANN

copied from here: https://bitcointalksearch.org/topic/ann-stoc-satoshi-bitcoin-for-common-man-2971102

morvillz7z
legendary
Activity: 2212
Merit: 2061
Join the world-leading crypto sportsbook NOW!
Re: DarkPay coin - fake project, malicious wallet!
April 16, 2019, 07:29:24 PM
#3
Mods cleaned up almost everything but they didn't ban him. I guess it's "hard" to prove a malware within a wallet. Anyway, in return that dumb shit posted another ann with the same self-extracting keylogger which I'm now reporting. Hopefully, they get rid of this idiot once and for all (not that he won't make another account tomorrow...Undecided).

[ANN][TRY] Tyron - experimental cryptocurrency [CNv8/POW][NO ICO]; archived

suchmoon
legendary
Activity: 3654
Merit: 8909
https://bpip.org
Re: DarkPay coin - fake project, malicious wallet!
April 16, 2019, 01:04:09 PM
#2
Make sure to report to mods too... should be banned for spreading malware.
morvillz7z
legendary
Activity: 2212
Merit: 2061
Join the world-leading crypto sportsbook NOW!
Re: DarkPay coin - fake project, malicious wallet!
April 16, 2019, 01:01:02 PM
#1
What happened: User creates multiple fake projects and posts a link with malicious wallets inside.

Reference Link: https://github.com/DarkPay-coin/

Announced by: s107n

ANN: https://bitcointalksearch.org/topic/anndpy-darkpay-progress-in-anonymous-payments-equihashpow-5132473

  • User s107n has posted his fifth project within the past two weeks, all projects are fake with only a link to a possibly infected wallet
  • All topics are self-moderated where he deletes every post that exposes him, he also edits his own post and he then deletes github channels

Google cache links does not work but we can clearly see projects name and GitHub link:

[ANN][ZXS]ZEXUS - anonymity, security, rapid development posted on Apr 3, 2019 github link gone!

[ANN][CLK]ClasteK - explerimental cryptocurrency posted on Apr 7, 2019 github link gone!

[ANN][SEA]SaveEarthCoin - salvation at any cost posted on Apr 8, 2019 github link gone!


Archive of the ANN:https://archive.fo/pFXvK

Edit1;

Quote from: suchmoon on April 16, 2019, 01:04:09 PM
Make sure to report to mods too... should be banned for spreading malware.

I did.



https://www.virustotal.com/gui/file/fd7271adefbd4169388e72b0a8b804834a17f60a86815224f6e5f41fbad24c2b/detection

Edit2;

Quote from: lulworm on April 16, 2019, 09:02:56 AM
You deleted my post and i'll post again cos atm i've nothing doing.
Scamming people and hacking is an offense and i hope you are aware of that.

Possibly Malicious file ...

After simulation, The wallet creates creates an extra executable file "darkpay.exe" in the roaming folder.
The archive also contains "resource.dll" not sure why but but won't be too far from containing stubs fro encrypted virus.
This action is suspicious considering the fact the the source code isn't uploaded.

I scanned and was clean but don't be fooled with crypters as it can be encrypted to avoid detection from antivirus.

Everyone beware of this binary wallet, i rate it at High risk!
Bitcoin Forum>Economy>Trading Discussion>Scam Accusations
Jump to: