Author

Topic: Harizen users spreading viruses? (Read 404 times)

legendary
Activity: 3416
Merit: 1225
Enjoy 500% bonus + 70 FS
October 04, 2023, 06:44:09 PM
#19
~
Therefore, I highly expect that whoever posted the RadiumX ANN topic, which contains a Trojan, is not the original owner of the account, perhaps another superficial scammer who knows nothing about the forum.

It is good that the topic has been deleted now, and I hope the account will be locked ASAP because it will harm many people who may trust what will be published through Harizen's account.

Yes. It has already been confirmed that his account has been blocked and harizenbanappeal has already started a ban appeal thread in the Meta board. He claims that he did not post the ANN topic with the malware link and that his account was probably hacked.


Harizen claims that its not him he can still log in but there's a notification of ban, his ban appeal depends on how he present his innocence there's an IP login where the forum admin can see the details where he login his IP and the time of his log in if the data shows different information on the time he posted that malware thread then he has a good chance of recovery.
This is unfortunate he is a Legendary member and has a good contribution in many discussions.
legendary
Activity: 1526
Merit: 1359
October 04, 2023, 05:19:43 PM
#18
~
Therefore, I highly expect that whoever posted the RadiumX ANN topic, which contains a Trojan, is not the original owner of the account, perhaps another superficial scammer who knows nothing about the forum.

It is good that the topic has been deleted now, and I hope the account will be locked ASAP because it will harm many people who may trust what will be published through Harizen's account.

Yes. It has already been confirmed that his account has been blocked and harizenbanappeal has already started a ban appeal thread in the Meta board. He claims that he did not post the ANN topic with the malware link and that his account was probably hacked.
staff
Activity: 2436
Merit: 2347
October 04, 2023, 04:05:06 PM
#17
Actually, both of those accounts are banned.
What I see is that only the other account has been BANNED, but the second alt account [lighpulsar07_alt] is still alive: https://bpip.org/Profile?id=1752216
Last Active: October 02, 2023

Who do you trust more, a moderator who sees the real situation or a third-party service (suchmoon, no offense Wink)? And seriously, this has been discussed many times before. BPIP sometimes does not show the real state of affairs regarding user bans. Why this happens, I have no idea.
legendary
Activity: 1890
Merit: 1537
October 04, 2023, 03:12:49 PM
#16
The posted thread from harizen is already deleted and i guess the Account gets locked soon.


I don't know the member, but it's frankly strange. Through Harizen's statistics on BPIP, it turns out that he is an old legendary member and has many achievements and positive feedback from many members, and through Ninjastic, I found through his topics and posts that he is interested in the gambling board and other boards, and I did not find in his previous topics that he had published ANN topics before or any posts related to RadiumX.

Therefore, I highly expect that whoever posted the RadiumX ANN topic, which contains a Trojan, is not the original owner of the account, perhaps another superficial scammer who knows nothing about the forum.

It is good that the topic has been deleted now, and I hope the account will be locked ASAP because it will harm many people who may trust what will be published through Harizen's account.
------
lighpulsar07_alt and alt account of lighpulsar07 that was banned for posting similar malicious links also happened to post the same https://ninjastic.space/post/62933087 but what surprised me is that the mods just deleted the post and did not ban the account.

Actually, both of those accounts are banned.
What I see is that only the other account has been BANNED, but the second alt account [lighpulsar07_alt] is still alive: https://bpip.org/Profile?id=1752216
Last Active: October 02, 2023
staff
Activity: 2436
Merit: 2347
October 04, 2023, 02:49:30 PM
#15
Yeb looks like the Account got hacked , and thanks for that you mentioned me here , i already tagged the Account and reported it to the Moderators.

lighpulsar07_alt and alt account of lighpulsar07 that was banned for posting similar malicious links also happened to post the same https://ninjastic.space/post/62933087 but what surprised me is that the mods just deleted the post and did not ban the account.

Actually, both of those accounts are banned.
legendary
Activity: 1722
Merit: 5937
October 04, 2023, 02:48:05 PM
#14
offordscott for example had his account banned for posting malware. It was quite clear that it was hacked. He appealed against the ban and had even some trusted members vouch for him, but in the end the account remained banned. He probably gave up on the forum after that.
Weird case, imho that account should have been unbanned. I see that person in question didn't really push too much to get his account unbanned (he ant afk day after appeal) and unfortunately that is needed sometimes but I guess he just coulnd't bother with that and decided to leave the forum without fight.

Harizen finally realized realized that his account has been locked and created an appeal thread so hopefully he has more luck and persistence and gets his account back.
legendary
Activity: 2366
Merit: 1272
Heisenberg
October 04, 2023, 10:09:41 AM
#13
Yep, he will most likely get banned but if he was indeed hacked I don't think that it will be that hard to convince mods to unban him. Keep in mind that we are not talking about some unknown low level account but about Legendary with good reputation and history on bitcointalk so it doesn't make any sense to post some low level garbage like this. And it's not like we see something like this before as there were exactly the same cases in the past and members got their accounts back.
I like seeing getting unbanned in this forum at times as a game of roulette

offordscott for example had his account banned for posting malware. It was quite clear that it was hacked. He appealed against the ban and had even some trusted members vouch for him, but in the end the account remained banned. He probably gave up on the forum after that.
legendary
Activity: 3178
Merit: 3295
October 04, 2023, 09:51:39 AM
#12
lighpulsar07_alt and alt account of lighpulsar07 that was banned for posting similar malicious links also happened to post the same https://ninjastic.space/post/62933087 but what surprised me is that the mods just deleted the post and did not ban the account.

It looks like lighpulsar07 used similar login details for both his accounts, making the hacker use his alt account as well

This user (BluOrb) also has posted malicious links before and came back to post a new malicious link. Again, on both occasions the user has not been banned. Do mods have some criteria they follow to ban or not to ban such accounts
Thanks for let me know about this problem about this 2 Accounts , that maybe got forgotten to be banned.
On this way i already have written an PM to mprep and asked whats the case on this 2 Accounts and that they maybe now can get banned.
I guess that they will be get banned soon after the PM and i also made a reference link in the PM to your post.

The posted thread from harizen is already deleted and i guess the Account gets locked soon.
member
Activity: 111
Merit: 69
Alt of @hugeblack
October 04, 2023, 09:47:51 AM
#11
It is better to report that account and banning it with delete ANN. if it has been hacked, Harizen can restore it with ANN .
legendary
Activity: 1722
Merit: 5937
October 04, 2023, 09:42:41 AM
#10
it's going to get banned, and convincing mods to unban it may become hard.
Yep, he will most likely get banned but if he was indeed hacked I don't think that it will be that hard to convince mods to unban him. Keep in mind that we are not talking about some unknown low level account but about Legendary with good reputation and history on bitcointalk so it doesn't make any sense to post some low level garbage like this. And it's not like we see something like this before as there were exactly the same cases in the past and members got their accounts back.
legendary
Activity: 2366
Merit: 1272
Heisenberg
October 04, 2023, 09:32:15 AM
#9
Yeb looks like the Account got hacked , and thanks for that you mentioned me here , i already tagged the Account and reported it to the Moderators.

lighpulsar07_alt and alt account of lighpulsar07 that was banned for posting similar malicious links also happened to post the same https://ninjastic.space/post/62933087 but what surprised me is that the mods just deleted the post and did not ban the account.

It looks like lighpulsar07 used similar login details for both his accounts, making the hacker use his alt account as well

This user (BluOrb) also has posted malicious links before and came back to post a new malicious link. Again, on both occasions the user has not been banned. Do mods have some criteria they follow to ban or not to ban such accounts



Either way, hopefully he realizes soon what happened so he can get control of his account back.
it's going to get banned, and convincing mods to unban it may become hard.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
October 04, 2023, 09:20:26 AM
#8
I know VT has false positives, but what OP posted is true, it's malware. The GitHub is only 2 weeks old with 4 repositories contain different malicious files

The GitHub profile even appears in Lafu's reports - https://bitcointalksearch.org/topic/m.62871485

Thats true but not in this case , BABY SHOES post and he is right the Account got hacked or sold.
I did not check details and only recommended OP to double check.

I only recall that Harizen used be a member in CM campaign and he was there a long time. I have never seen he launched any project so it is a bit strange to see that topic but my feeling is it sounds impossible a trusted member over years, turn to spread malwares. I of course know that even forum VIP and donator members turned to scammers so I don't exclude that chance, just need more checking.

Regarding Harizen, it looks like hacked account as I see no change of password and/or email and it doesn't make much sense to sell Legendary account with solid reputation and that is in a signature campaign. Then again, stranger things have happened here. Either way, hopefully he realizes soon what happened so he can get control of his account back.
Get his account back is not enough and I believe his account will be either banned (by spreading malwares, against forum rules) or locked (by security reason).

This case reminds me about kenzawak.
kenzawak hacked (again)
Account "kenzawak" compromised again
As Halab mentionef, the account is already locked.
Follow the instructions here please: https://bitcointalksearch.org/topic/recovering-hackedlost-accounts-5089777
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
October 04, 2023, 09:16:21 AM
#7
There are a lot of red-flags here.  The git for Radium has no repositories to view, no releases to view, and the only link that has any function is the download link.  That's not how any legit coin would start out.  And, as Cantsay mentioned, deleting posts in a self-moderated ann thread is another red-flag.

Speaking of flags, newbie flag created: https://bitcointalk.org/index.php?action=trust;flag=3217
legendary
Activity: 1722
Merit: 5937
October 04, 2023, 09:02:17 AM
#6
So I see that these scammers are still using that "Radium X" for fake ANN threads, like years ago...

Regarding Harizen, it looks like hacked account as I see no change of password and/or email and it doesn't make much sense to sell Legendary account with solid reputation and that is in a signature campaign. Then again, stranger things have happened here. Either way, hopefully he realizes soon what happened so he can get control of his account back.

And yeah, nice catch OP! 
legendary
Activity: 3178
Merit: 3295
October 04, 2023, 08:48:13 AM
#5
User: harizen
A few minutes ago Harizen created a self-moderated thread under the name RadiumX, the site said it was still under maintenance.
What do you think?
Nice catch BABY SHOES and yes the Account for sure got hacked or sold as it has the fake github account in the thread that was used already weeks ago.
Thats why i collect that fake github accounts as its easier to spot , find and research for it.

Virustotal can give you false positive checking results but why did you download it?
Thats true but not in this case , BABY SHOES post and he is right the Account got hacked or sold.

Looks like someone got their account hacked.
The GitHub profile even appears in Lafu's reports - https://bitcointalksearch.org/topic/m.62871485
Yeb looks like the Account got hacked , and thanks for that you mentioned me here , i already tagged the Account and reported it to the Moderators.
hero member
Activity: 700
Merit: 541
Bitcoin Casino Est. 2013
October 04, 2023, 08:44:09 AM
#4
2 weeks old GitHub account files uploaded few hours ago that says a lot. And as if that’s not enough the link in their Ann is a direct download link ( which should bring some concern to users that are conscious of the risk involved in downloading any file from an unknown source).

I just took a look at the site’s info and it turned out that the domain is yet to be registered.


Edit:

They deleted all post that called them either “scam” or “virus” from their threads.
https://ninjastic.space/search?topic_id=5469180
legendary
Activity: 2366
Merit: 1272
Heisenberg
October 04, 2023, 08:37:15 AM
#3
Looks like someone got their account hacked.

Otherwise, why would someone with an account that has such reputation post malware and risk getting permanently banned

Virustotal can give you false positive checking results but why did you download it?

Do you know by doing this, you are taking risk ?

If you have other antivirus softwares, double check with them.

A first shot at false positives
I know VT has false positives, but what OP posted is true, it's malware. The GitHub is only 2 weeks old with 4 repositories contain different malicious files

The GitHub profile even appears in Lafu's reports - https://bitcointalksearch.org/topic/m.62871485

legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
October 04, 2023, 08:25:53 AM
#2
Then I downloaded it to make sure it checked on virustotal and indicated it looked like a virus in the application.
Virustotal can give you false positive checking results but why did you download it?

Do you know by doing this, you are taking risk ?

If you have other antivirus softwares, double check with them.

A first shot at false positives
sr. member
Activity: 294
Merit: 433
HODL - BTC
October 04, 2023, 08:16:29 AM
#1
User: harizen
ANN: [ANN] RadiumX New PoW coin . No ICO. No Masternode

A few minutes ago Harizen created a self-moderated thread under the name RadiumX, the site said it was still under maintenance.

Then I downloaded it to make sure it checked on virustotal and indicated it looked like a virus in the application.

What do you think?

Jump to: