Topic: Dracula Coin is a wallet stealing virus!!! WATCH OUT!! (Read 2229 times)
thank you for the information, i'll be more careful now in choosing altcoins and do a lot of research before investing so that i can avoidbeing hacked
a very interesting thread,
if running alt coins , in particular with a dev. that has a reputation such as this always use virtual machine
virtual box is free
if you are not into linux , run windows inside of windows, you can 'create' several vm's
the person above , curious the same person who was responsible for this was involved with razor....
i remember some other questionable people involved with that coin....
i truly feel bad for anyone who is a victim of a theft like this, it is shameful
also what the op stated about these 'wallets' being clean on virus total ect....
remember virus total can expose 'known' maliscious code......
if the crook uses a known virus and changes a few things around...............well.......... it is not going to come up hot....
even if you compile the wallets yourself...... unless you read through and carefully understand the code this can happen,
if anyone can point me to a link of the original github source code that had this 'virus' aka 'keylogger' in it I would like to inspect it closer.
Curious if they used similar techniques as I have seen used in the past or not....
good thread.
if running alt coins , in particular with a dev. that has a reputation such as this always use virtual machine
virtual box is free
if you are not into linux , run windows inside of windows, you can 'create' several vm's
the person above , curious the same person who was responsible for this was involved with razor....
i remember some other questionable people involved with that coin....
i truly feel bad for anyone who is a victim of a theft like this, it is shameful
also what the op stated about these 'wallets' being clean on virus total ect....
remember virus total can expose 'known' maliscious code......
if the crook uses a known virus and changes a few things around...............well.......... it is not going to come up hot....
even if you compile the wallets yourself...... unless you read through and carefully understand the code this can happen,
if anyone can point me to a link of the original github source code that had this 'virus' aka 'keylogger' in it I would like to inspect it closer.
Curious if they used similar techniques as I have seen used in the past or not....
good thread.
I don't have the source code but I do still have the original infected file all zipped up just the way it came
Thanks vegasguy for sharing this, it's much appreciated.
I wish it were free software though :S
I wish it were free software though :S
a very interesting thread,
if running alt coins , in particular with a dev. that has a reputation such as this always use virtual machine
virtual box is free
if you are not into linux , run windows inside of windows, you can 'create' several vm's
the person above , curious the same person who was responsible for this was involved with razor....
i remember some other questionable people involved with that coin....
i truly feel bad for anyone who is a victim of a theft like this, it is shameful
also what the op stated about these 'wallets' being clean on virus total ect....
remember virus total can expose 'known' maliscious code......
if the crook uses a known virus and changes a few things around...............well.......... it is not going to come up hot....
even if you compile the wallets yourself...... unless you read through and carefully understand the code this can happen,
if anyone can point me to a link of the original github source code that had this 'virus' aka 'keylogger' in it I would like to inspect it closer.
Curious if they used similar techniques as I have seen used in the past or not....
good thread.
if running alt coins , in particular with a dev. that has a reputation such as this always use virtual machine
virtual box is free
if you are not into linux , run windows inside of windows, you can 'create' several vm's
the person above , curious the same person who was responsible for this was involved with razor....
i remember some other questionable people involved with that coin....
i truly feel bad for anyone who is a victim of a theft like this, it is shameful
also what the op stated about these 'wallets' being clean on virus total ect....
remember virus total can expose 'known' maliscious code......
if the crook uses a known virus and changes a few things around...............well.......... it is not going to come up hot....
even if you compile the wallets yourself...... unless you read through and carefully understand the code this can happen,
if anyone can point me to a link of the original github source code that had this 'virus' aka 'keylogger' in it I would like to inspect it closer.
Curious if they used similar techniques as I have seen used in the past or not....
good thread.
He is one of the guys doing it.He has been real busy as of late.Don't ask this fucker for any help and don't buy anything he has to offer or your taking a big risk.I cant even mine anymore I cant find any clean downloads every time I download a mining app Like Multiminer/cudaminer/ccminer/bfgminer its infected with trojan.Thats how he got into my system a second time after I cleaned or thought I cleaned out infection now all that shit is just deleted.I dont know how to complie my own apps or I would do just what Nate Wools told me to do.I have ALWAYS had a big problem understand the cmd line it just confuses and befuddles me.I was trying to save up a bit to get my car fixed and to take some online classes on this crypto thing to learn how to compile my own apps and to set up pools.Im sick of relying on other pools to mine at and downloading infected shit.
Alts Has increasingly been to spread viruses. Thanks for the warning!
Use https://www.virustotal.com/
Use https://www.virustotal.com/
"I Vant To Suck Your Coin."
Jeez...the scammer must have a sick sense of humour.
Jeez...the scammer must have a sick sense of humour.
Infoirmation forwarded to all concerned parties.
HI!
This is short info. I will sleep few hours and give you more.
We found hacker with one of your CCB transaction.
Login: BuzzBuzz
Email: [email protected] (you can find a lot inresting info in google with this email, good for investigation)
IP adresses (probably proxy/vpn): 2.49.238.233, 92.99.158.27, 94.57.10.39, 31.215.122.14, 92.99.166.31, 2.49.255.193, 86.97.250.141
(Almost all ips are from Emirates, example - http://whois.domaintools.com/2.49.238.233
I don't now is it vpn/proxy, or real adresses. I will check it. )
Reg date: 19:50:49 20-05-2015
One of refferers before auth -
https://bitcointalk.org/index.php?topic=1076331.new
(seems like it's drakula dev)
What was intresting found about "[email protected]" -
https://bitcointalk.org/index.php?topic=500175.455
[email protected] belongs to user hanoosh -
https://bitcointalksearch.org/user/hanoosh-246899
His posts: https://bitcointalksearch.org/user/hanoosh-246899;sa=showPosts
So, hanoosh is hacker and Lion Coin dev - https://bitcointalksearch.org/topic/ann-lion-v20-pos-launched-1707-lion-poker-beta-649055
Unfortunly hanoosh is not active on Bitcointalk now.
Hanoosh GIT page - https://github.com/Hanoosh
Hanoosh on cryptocointalk - https://cryptocointalk.com/topic/12407-lion-lion-information/
Not sure, but seems like he was born in Palestine - https://bitcointalksearch.org/topic/m.7970500
and may be lives now in Emirates.
I will sleep few hours and will try to investigate/send you more information.
HI!
This is short info. I will sleep few hours and give you more.
We found hacker with one of your CCB transaction.
Login: BuzzBuzz
Email: [email protected] (you can find a lot inresting info in google with this email, good for investigation)
IP adresses (probably proxy/vpn): 2.49.238.233, 92.99.158.27, 94.57.10.39, 31.215.122.14, 92.99.166.31, 2.49.255.193, 86.97.250.141
(Almost all ips are from Emirates, example - http://whois.domaintools.com/2.49.238.233
I don't now is it vpn/proxy, or real adresses. I will check it. )
Reg date: 19:50:49 20-05-2015
One of refferers before auth -
https://bitcointalk.org/index.php?topic=1076331.new
(seems like it's drakula dev)
What was intresting found about "[email protected]" -
https://bitcointalk.org/index.php?topic=500175.455
[email protected] belongs to user hanoosh -
https://bitcointalksearch.org/user/hanoosh-246899
His posts: https://bitcointalksearch.org/user/hanoosh-246899;sa=showPosts
So, hanoosh is hacker and Lion Coin dev - https://bitcointalksearch.org/topic/ann-lion-v20-pos-launched-1707-lion-poker-beta-649055
Unfortunly hanoosh is not active on Bitcointalk now.
Hanoosh GIT page - https://github.com/Hanoosh
Hanoosh on cryptocointalk - https://cryptocointalk.com/topic/12407-lion-lion-information/
Not sure, but seems like he was born in Palestine - https://bitcointalksearch.org/topic/m.7970500
and may be lives now in Emirates.
I will sleep few hours and will try to investigate/send you more information.
Thanks for the info.Will def be buying that software when I get the chance.I think I got it all off here.Thought I did started up my 007 wallet and 250 coins went poof lol so was still on here did a scan with panda deleted a buncha stuff.hopefully were clean now but kinda afraid to start up wallets again thumb drive were they on says clean so i don't know
Once I was playing with Keyloggers too, so for you just one notification, actually what keylogger does, alow attacker to have control over the victim PC, but first what attackers do is that they download your saved passwords what you have in firefox, chrome..ect ect so the best protection at first is to encrypt your saved passwords...in Firefox option: Use a master password.
And buy some software, because one time when they connect to your PC they can install any Keylogger, even that what you are tipping on your keyboard can be saved to a .txt file...stay safe
And buy some software, because one time when they connect to your PC they can install any Keylogger, even that what you are tipping on your keyboard can be saved to a .txt file...stay safe
This is for mainly windows systems though isn't it or am I wrong? Also only if you download malware to begin with? I never download on this linux system but do click links now and again, can't get them from just clicking links can you, Has to be downloaded like from one of these crappy wallets mentioned? Thanks anyone who can answer who is in the know. Sorry to hear that vegas about your loss but at least you learnt and it won't happen again and you're helping us who it hasn't happened to which is good!
Yes I'm using Windows ! Yes of course, only if you download malware somewhere, mostly in cracks, small softwares, cracking softwares, they can be hidden anywhere, can be attach at any software, pic...and mostly they are like 325 kb large, so mostly noobs just upload around 325 kb by different name, so be careful when you see some software or crack arround that number.
In Task manager you can find it by the name "server.exe" or "msnm.exe" or any name but those two is by default of that Rat softwares.
Yobit is the only Exchange with DRA. They will be happy when they will hear this. LOL
EDIT: They are using Linux...So no problem for them.
EDIT: They are using Linux...So no problem for them.
Once I was playing with Keyloggers too, so for you just one notification, actually what keylogger does, alow attacker to have control over the victim PC, but first what attackers do is that they download your saved passwords what you have in firefox, chrome..ect ect so the best protection at first is to encrypt your saved passwords...in Firefox option: Use a master password.
And buy some software, because one time when they connect to your PC they can install any Keylogger, even that what you are tipping on your keyboard can be saved to a .txt file...stay safe
And buy some software, because one time when they connect to your PC they can install any Keylogger, even that what you are tipping on your keyboard can be saved to a .txt file...stay safe
This is for mainly windows systems though isn't it or am I wrong? Also only if you download malware to begin with? I never download on this linux system but do click links now and again, can't get them from just clicking links can you, Has to be downloaded like from one of these crappy wallets mentioned? Thanks anyone who can answer who is in the know. Sorry to hear that vegas about your loss but at least you learnt and it won't happen again and you're helping us who it hasn't happened to which is good!
Thanks for the warning, nice catch!
Once I was playing with Keyloggers too, so for you just one notification, actually what keylogger does, alow attacker to have control over the victim PC, but first what attackers do is that they download your saved passwords what you have in firefox, chrome..ect ect so the best protection at first is to encrypt your saved passwords...in Firefox option: Use a master password.
And buy some software, because one time when they connect to your PC they can install any Keylogger, even that what you are tipping on your keyboard can be saved to a .txt file...stay safe
And buy some software, because one time when they connect to your PC they can install any Keylogger, even that what you are tipping on your keyboard can be saved to a .txt file...stay safe
Thanks. Like I said in the Dracula Ann before it imploded. "Coming to suck my btc".
Thanks for the information these keyloggers are so annoying.
Agreed especially if they get your passwords. Disaster. 
tyvm for great info
Thanks for the information these keyloggers are so annoying.
Im not ashamed to say I was a victim of a keylogger on August 2nd 2014. They cleaned out EVERYTHING, my biggest holding was 7700 BTCD (Bitcoindark). +/- $37,000 . I SWORE I would never go through this again 
It is beyond depressing Nobody can understand , unless youve been though it, its devastating If you want details on my story https://bitcointalk.org/index.php?topic=721306.270;imode . I know the pain, and I dont want it to happen to you guys too . Think about all the money you spend on crypto, and you DONT have THE most important part, a good antikeylogger.
Vegas
It is beyond depressing Nobody can understand , unless youve been though it, its devastating If you want details on my story https://bitcointalk.org/index.php?topic=721306.270;imode . I know the pain, and I dont want it to happen to you guys too . Think about all the money you spend on crypto, and you DONT have THE most important part, a good antikeylogger.Vegas
Jump to: