Topic: Important , Find And Recover Bitoin is backdoor soft (Read 630 times)

It's even on softpedia. They need warning that it's dodgy, it needs removing from that site as fast as possible. It's also on a few other software distribution sites like softroy, downloadtopc, and spotpig, but I have never heard of those before. Softpedia's massive, it's one of the best known download sites.

edit

I reported it as malware to softpedia and linked here.

http://www.softpedia.com/get/System/Back-Up-and-Recovery/Bitcoin-find-and-recover.shtml

It would seem that the "Bitcoin Find and Recover" github has been deleted (removed?)... The entire "Alex-Jaeger" account seems to have disappeared from Github... so I suspect that it is indeed the culprit. My instinct is telling me that the guy managed to steal some wallets and has deleted the github before people find the exploits in the the code...

The OpenSSL binary you linked is relatively trustworthy as HI-TEC99 has thoroughly illustrated. I have used it myself without issue.

It looks like looks like racezefi has indeed got hold of some wallets

Sorry for you loss, but hopefully this will serve as a reminder for people that they need to be ULTRA paranoid about running software that does anything related to their bitcoins/wallets/private keys... if you didn't check the code and compile it yourself, but choose to run precompiled binaries, you are potentially exposing yourself to the loss of all of your coins! 

Regarding the software called "Bitcoin find & recover", I never advised you or anyone else to try it. I did make a post advising someone to try software called btcrecover, because the community has been using it for years without any problems I'm aware of.

The btcrecover software was created by a hero member called btchris. A multitude of high ranking members here recommend it including a highly trusted legendary member called shorena. Here's an example.


Shorena tested it and included a screenshot of the test in this post from 2015.

https://bitcointalksearch.org/topic/m.12523175

The "Bitcoin find & recover" software was created by a low rank member called racezefi who has only made 72 posts. I'm sorry you got hacked, but I never recommended trusting and installing any software created by racezefi.

This is the post I made recommending trying btcrecover, it doesn't even mention trying racezefi's "Bitcoin find & recover" software.



I found this post by racezefi which claims his software enhances btcrecover, and I'm sorry you trusted it, but I didn't recommend trying it.

I'm sorry to hear your computer was hacked. However, I doubt it was the openssl installer binary file link I posted in a tutorial that infected your computer because I ran it myself and have had no problems. This link is to a virustotal scan of it that says it's clean. Although that doesn't conclusively prove anything it's a good indication.

https://www.virustotal.com/en/file/08c9a3ad60239dca835966dd38005cd19bf16d641bbb5853dd889900ada5fe2f/analysis/1490906637/

The link I posted was suggested by the openssl wiki. Openssl does not provide windows binaries (executable/runnable files), instead it provides links to third party products on its wiki. This is a quote from its website explaining this. That page contains a link to the wiki page which displays a list of links to third party binaries .

https://www.openssl.org/community/binaries.html


This is a quote from the wiki page that displays links to third party windows binaries.

https://wiki.openssl.org/index.php/Binaries


This screenshot of that wiki page shows a link to the fulgan.com site that the openssl binary I linked to came from.



This screenshot is of the openssl binary downloads available at fulgan.com with the link I posted highlighted at the bottom.

https://indy.fulgan.com/SSL/



This is the link to the fulgan.com openssl binary I posted.

https://indy.fulgan.com/SSL/openssl-1.0.2k-x64_86-win64.zip

There are independent waybackmachine historical snapshots of the fulgan.com website going back to 2003. That site has been providing windows openssl binaries for years without any complaints of them being infected that I'm aware of. If there were any complaints I'm sure that openssl would quickly remove the link to that site from its wiki. You can view the historical snapshots of the windows binary download page here.

https://web.archive.org/web/20030701000000*/https://indy.fulgan.com/SSL/

Hello , i want to advice everyone , againts download one of two download one is pasted every by member HI-TEC99 to download from link https://indy.fulgan.com/SSL/openssl-1.0.2k-x64_86-win64.zip & Find and Recover Bitcoin soft , one of them contains some virus, today my computer was hacked . Poloniex account emptied and multibit classic wallets emptied.
I highly suspect it will be Find and Recover Bitcoin , because it scanned all my computer and backed up all wallets .




If it's encrypted you can still get the private key, but it's more complicated. These instructions should work.

Download this and extract it.

https://indy.fulgan.com/SSL/openssl-1.0.2k-x64_86-win64.zip

Put the extracted folder in your C: drive root folder.

Put your encrypted wallet file in the same folder.

Open the windows command prompt by selecting run as administrator.

Type the line below into it and press your enter key/

cd /openssl-1.0.2k-x64_86-win64

Type the line below into it, but replace Untitled.key with your encrypted key file's name and password with your password, then press enter.

openssl enc -d -p -aes-256-cbc -a -in Untitled.key -out Unencrypted.txt -pass pass:password

Open the newly created Unencrypted.txt file in notepad to get your private key.

In the example file below the private key is the bit in red.