Topic: GMiner v3.24 Ergo+KASPA+ZIL/KAWPOW/Equihash/Cortex - page 34. (Read 306650 times)

So is this miner compromised?
It is better not to use it until there is an official response from Zminer777?

You can guess.  The files came from a self-extracting SFX that was embedded in the miner.exe file.  I noticed it when entering the properties, because there was an additional tab and inscriptions in Russian.  The process was supposed to be unnoticeable and probably assumed that he would be digging to the indicated address until I didn't realize it, but that the latest windows updates did not allow it - I caught it.  You may not be able to redirect the signal directly because devfee targets compiled fields.  I also emphasize that copies on NiceHash so I use BTC address.  There are different possibilities, but let's wait for what the dev says.  I will also add that I did not change the IP or the Windows dosing password, I did not notice any more attempts despite this fact.

Yeah... Why no new releases and nothing actions from few days? Maybe a holidays, but maybe not? I not find nothing new problems this type never again. Oh i forget to tell - attacker is from russia probably, becouse i see Russian description of sfx packer . I dont think so that any not Russian use any apps in Russian language 😉 but in fact, i don't know from where is programmer of gminer

https://i.ibb.co/Tg0wN6Y/beam1080ti.jpg
Here is an example of how gminer should work. BeamHash III 1080Ti. When will full-fledged mining be available to all users of your miner?

It is your shitcoin wallets that you/we miners that should be secured/look into first.

one look at the mining pool data and you are already investigating an anomaly/issue, while..wallets will go from x-amount to 0-zero in an instant.

I assume you already have your hardware wallets since crypto is here in quite a while.

for shitcoin wallets that are not hardware wallet supported yet- at least use neo's safekeys (put it in your startup), it is another layer of security 

There are no such hidden files what he shared on the official package.
And why he would replace any address in a visible way when the miner can join to other pool or change upstream without a notice.

I believe it is a false claim.

@Zminer777 -- PLEASE COMMENT ON THIS "HACK" CLAIM--

My miners are all in Linux, but there exists the possibility of truth in this claim.  It needs to be addressed by the code author.

The claim itself, true or false, may be damaging to the reputation of Gminer.       --scryptr

I will leave this without comment. please forgive me so I checked the system for intrusion and found no suspicious activity. forgive also for x instead of walking past it indifferently and fucking others - I took the time to warn you. Forgive me also for pointing to a commander, because I logically think - if there was a system hack - the attacker instead of creating a self-extracting archive replacing the file - would just switch the excavators to his pool without waiting for it to do it for him. the peak of rudeness

there are suspicions that the official github was hacked

But you seem to be ignoring that its your system that is compromised.  This isnt really anything to do with gminer.  If others come forward after you pointing out this problem then ill buy it.  I dont see it on my systems at all.

You directly start out with warning people to be careful about this software. 
Then roll right into stating that the update to gminer seems to have phantom replaced your wallet on your 500 rigs. 

So you tell me..which is more likely...gminer has gone rogue and every miner but you missed it or your system has been compromised?  Think about the single machine miner running it or say the guy with a few rigs....you think that level hobbyist wounldnt notice a difference in earnings.   

I would be checking the heck outta my farm for intrusion since nobody else is noticing this.   Especially if they changed it back. 

@Zminer777 Any comment on this?

This is not a complaint against GMiner, but an official warning that this is happening with GMiner in order that those who read it - make sure everything is OK and you are not being robbed!
You say I only showed a piece of code .... what else would you like to see? Apart from the files that I was able to screen and the content of the only executable code that arises - nothing else exists! Why did I suggest checking GMiner users? Because I use a connection via secured IP addresses in the cloud - scattered in different parts of the world, which further improves communication between computers directly with the Pool. I cut a part of the code on the screen, but only to the extent that, as I can see, it turns out to be quite important now: on all computers (completely unconnected with each other) the GMinera executable has a total of three different names (e.g. miner1.exe, miner2.exe , miner5.exe). In the bat file (which I posted this code), each of the above files was indicated so that they would be replaced and named the same, so the attacker knew perfectly well the names! It is also strange that after posting this post - this problem no longer occurs? However, I advise you to be careful, because perhaps this is the only reason why, as I mentioned earlier - the code by this passionate thief - did not work as it should :-)

That is a very serious charge you level at Gminer. 



Youve shown almost nothing except some script and claim Gminer is stealing from you.  WOW....if you are wrong how will you make this right with gminer?  If you are correct why am i not seeing this on my 27 rigs?  Why isnt anyone else?  Since you run windows this may well be your systems are compromised.  Have you considered this?

WARNING! I recommend that everyone be careful about this software! Today, after updating a few machines, I decided to upgrade gmmer exe files to the latest version while uploading the latest windows updates! What I saw exceeded my wildest expectations! Only and solely because of the script author's ineptitude - I was able to detect it thanks to the fact that as a result of running the .bat file - there were multiple attempts to run the script and it did not result in what the scammer wanted to achieve! The file names and the wallet address have been crafted so that I don't know! The file was replaced with the same .exe and BTC address with beginning resembling my real address! There is no way someone hacked the machines, because they are blocked for incoming traffic, and besides, I make sure that everything is up-to-date and safe, so the perpetrator knows what address the excavator is launched to and what file names are in my case ! The properties of the .exe file showed that it is a self-extracting sfx archive! Maybe I could not be wrong, but over 500GPU with significant power - in today's rate, it could be tempting to start dishonest actions of the author of this software! We demand source codes! Below is a .bat dump that I managed to get and the file scheme! I advise everyone to check that you have the latest updates installed and that your security has not been compromised, and how your latest release will behave after updates and restarting your computer! best regards




BTW... My BTC Wallet is starting by "1mtcmhuh...."

No navi support for aeternity / bittube?
Polaris works fine.

Happy new update!

But RTX cards lost hashrate with 2.20 version. Its higher with 2.19. Can you please check that?

Thanx for the update, pushed it up!

GMiner v2.20 available for download

v2.20
+ improved cuckarooz29 performance on GTX cards

Telegram group: https://t.me/gminer_equihash
Telegram beta test group: https://t.me/gminer_beta

Download links:
GitHub: https://github.com/develsoftware/GMinerRelease/releases/tag/2.20

no