My .5 BTC loan offer is still on the table as well. 0% interest.
I thought I PM'd you? Maybe I just accidentally solicited a random bitcointalk user
I will take you up on your offer Jonald. thanks
Topic: I've been hacked, and now I'm screwed (Can anyone help with a loan?) - page 5. (Read 12890 times)
June 24, 2014, 12:57:55 AM
My .5 BTC loan offer is still on the table as well. 0% interest.
I thought I PM'd you? Maybe I just accidentally solicited a random bitcointalk user
I will take you up on your offer Jonald. thanks
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
June 23, 2014, 09:12:19 PM
So far Noella and I have received loans from...
Kind words & Support have come flooding in!
So far Noella & I have received...
nwfella BTC0.02 @ 0% Interest (thx buddy
)
bigtimespaghetti BTC0.10 @ 0% Interest (you the man!)
eternalgloom BTC0.50 @ 0% Interest (I could kiss you on the mouth!
)
I'd like to take the opportunity to thank you guys so very much. I knew the community would help me out! It's not 14BTC, but it's a fucking great start
Thanks again guys
Kind words & Support have come flooding in!
So far Noella & I have received...
nwfella BTC0.02 @ 0% Interest (thx buddy
)bigtimespaghetti BTC0.10 @ 0% Interest (you the man!
)eternalgloom BTC0.50 @ 0% Interest (I could kiss you on the mouth!
)I'd like to take the opportunity to thank you guys so very much. I knew the community would help me out! It's not 14BTC, but it's a fucking great start
Thanks again guys
My .5 BTC loan offer is still on the table as well. 0% interest.
June 23, 2014, 09:05:33 PM
I've posted in the other thread my offer to help.
June 23, 2014, 08:47:31 PM
So far Noella and I have received loans from...
Kind words & Support have come flooding in!
So far Noella & I have received...
nwfella BTC0.02 @ 0% Interest (thx buddy)
bigtimespaghetti BTC0.10 @ 0% Interest (you the man!)
eternalgloom BTC0.50 @ 0% Interest (I could kiss you on the mouth!)
I'd like to take the opportunity to thank you guys so very much. I knew the community would help me out! It's not 14BTC, but it's a fucking great start
Thanks again guys
Kind words & Support have come flooding in!
So far Noella & I have received...
nwfella BTC0.02 @ 0% Interest (thx buddy
)bigtimespaghetti BTC0.10 @ 0% Interest (you the man!
)eternalgloom BTC0.50 @ 0% Interest (I could kiss you on the mouth!
)I'd like to take the opportunity to thank you guys so very much. I knew the community would help me out! It's not 14BTC, but it's a fucking great start
Thanks again guys
June 23, 2014, 05:16:04 PM
Nothing can protect you against bad behavior like willingly downloading and executing an exe.
Perhaps I should clarify.
I have no idea where the original Trojan on my PC came from. I'll list what happened once they got into my laptop.
They got into teamviewer.
they then went to
http://69.31.136.5/defaults/sendspace-pop.html
then went
http://aff.trafficjmp.com/geo/preset/162/1/0/0
Then went to some of my bookmarks
then went to
https://www.sendspace.com/file/cwyxow
which downloaded said trojan.
at about the same time they went to my website's provider and uploaded via FTP
Quote
A few minutes ago, our anti-virus scanner reported that a malicious file has
been uploaded to your 1&1 webspace.
WARNING thebitcoinmuseum.com/coinwidget/404.php WARNING
They told me that it came from IP 119.81.27.176been uploaded to your 1&1 webspace.
WARNING thebitcoinmuseum.com/coinwidget/404.php WARNING
That's all I have so far...
June 23, 2014, 02:33:31 PM
This basically means that the hacker is Spanish, or at least speaks spanish. We're onto something.
If we can get some IPs that would be useful.
Not particularly, there is other Spanish speaking countries. If we can get some IPs that would be useful.
It would help greatly to know where is the file originated from. Link/forum/email etc.
June 23, 2014, 02:23:02 PM
Correct me if I am wrong but svchost.exe is actually a windows file.
You have mentioned windows defender before and I am pretty sure that windows defender uses svchost.exe
Perhaps it was infected?
You have mentioned windows defender before and I am pretty sure that windows defender uses svchost.exe
Perhaps it was infected?
The original service host (svchost) file is legit and it's signed by microsoft. and to make malicious files less suspicious hackers sometimes rename their files to match legit ones. So if you see it outside C:\Windows\System32 then that's not the real one.
In this case svchost acts like an archive file (zip or rar) and it's self extracting 3 files: dialected.exe, file.bin, and "Nuevo imagen de mapa de bits.bmp"
"Nuevo imagen de mapa de bits" is the translation of "New bitmap image" in spanish.
I am not sure the dialected.exe file is malicious, it's tagged by two antivirus engines but i can't analyze it, it keeps crashing inside the virtual machine.
This basically means that the hacker is Spanish, or at least speaks spanish. We're onto something.
If we can get some IPs that would be useful.
June 23, 2014, 11:04:10 AM
So could this be a weakness on windows defender?
Not being able to block malicious software?
Windows defender doesn't protect you from all bad things http://thenextweb.com/microsoft/2012/11/09/windows-8-protected-from-85-of-malware-detected-in-the-past-six-months-right-out-the-box/Not being able to block malicious software?
And that's not only windows defender, you shouldn't rely on anti-virus software to fully protect you anyway, they do some protection but it's not 100% secure.
The senior vice president for information security of Symantec (who make Norton antivirus) said that antivirus is dead, it's not as good as it used to be, antivirus did get better but so did the malicious hackers.
Nothing can protect you against bad behavior like willingly downloading and executing an exe.
June 23, 2014, 10:42:48 AM
Correct me if I am wrong but svchost.exe is actually a windows file.
You have mentioned windows defender before and I am pretty sure that windows defender uses svchost.exe
Perhaps it was infected?
You have mentioned windows defender before and I am pretty sure that windows defender uses svchost.exe
Perhaps it was infected?
The original service host (svchost) file is legit and it's signed by microsoft. and to make malicious files less suspicious hackers sometimes rename their files to match legit ones. So if you see it outside C:\Windows\System32 then that's not the real one.
In this case svchost acts like an archive file (zip or rar) and it's self extracting 3 files: dialected.exe, file.bin, and "Nuevo imagen de mapa de bits.bmp"
"Nuevo imagen de mapa de bits" is the translation of "New bitmap image" in spanish.
I am not sure the dialected.exe file is malicious, it's tagged by two antivirus engines but i can't analyze it, it keeps crashing inside the virtual machine.
So could this be a weakness on windows defender?
Not being able to block malicious software?
June 23, 2014, 10:39:34 AM
Correct me if I am wrong but svchost.exe is actually a windows file.
You have mentioned windows defender before and I am pretty sure that windows defender uses svchost.exe
Perhaps it was infected?
You have mentioned windows defender before and I am pretty sure that windows defender uses svchost.exe
Perhaps it was infected?
The original service host (svchost) file is legit and it's signed by microsoft. and to make malicious files less suspicious hackers sometimes rename their files to match legit ones. So if you see it outside C:\Windows\System32 then that's not the real one.
In this case svchost acts like an archive file (zip or rar) and it's self extracting 3 files: dialected.exe, file.bin, and "Nuevo imagen de mapa de bits.bmp"
"Nuevo imagen de mapa de bits" is the translation of "New bitmap image" in spanish.
I am not sure the dialected.exe file is malicious, it's tagged by two antivirus engines but i can't analyze it, it keeps crashing inside the virtual machine.
June 23, 2014, 09:58:39 AM
Correct me if I am wrong but svchost.exe is actually a windows file.
You have mentioned windows defender before and I am pretty sure that windows defender uses svchost.exe
Perhaps it was infected?
You have mentioned windows defender before and I am pretty sure that windows defender uses svchost.exe
Perhaps it was infected?
June 23, 2014, 03:41:24 AM
Then transferred a file that I've identified as a Trojan. I think I may have tracked it on to the secure pc.
I am sorry for your loss.And if you can upload and send me that file via PM i could know who is behind that hack.
Here is a link to the file
WARNING! TROJAN! WARNING! TROJAN! WARNING! TROJAN!
http://wikisend.com/download/420034/svchost.exe
WARNING! TROJAN! WARNING! TROJAN! WARNING! TROJAN!
It's an extractable archive
June 23, 2014, 12:00:38 AM
0.5 BTC sent to 17uWCajedEVHJgds2Fzm752By1YVG4wPN2
https://blockchain.info/tx/09a0ed294ee21836a8610a4dbb80cc4a871fb87b8297105801bf464ec1db4ab8
https://blockchain.info/tx/09a0ed294ee21836a8610a4dbb80cc4a871fb87b8297105801bf464ec1db4ab8
June 22, 2014, 11:55:50 PM
Oh yeah. Forgot to add that part too. No stress on timeline getting it back here either
I would be able to provide you with a loan of 0.50 btc
Since these are special circumstances, you can take as much time as you want to pay me back, and I do not want any interest.
I am moving some coins right now, but when everything is confirmed, I will send the 0.50 btc to you.
Edit: I will send when you confirm this is ok for you.
Since these are special circumstances, you can take as much time as you want to pay me back, and I do not want any interest.
I am moving some coins right now, but when everything is confirmed, I will send the 0.50 btc to you.
Edit: I will send when you confirm this is ok for you.
Insert sappy, girly quote here....
Thank you guys, you both rock
June 22, 2014, 11:37:31 PM
14 BTC big amount. wish you can get back again
June 22, 2014, 10:58:33 PM
We could start a gamble-gang for you? everybody just bet .5 :X
Whats a gamble gang, it sounds interesting!
June 22, 2014, 10:44:54 PM
Oh yeah. Forgot to add that part too. No stress on timeline getting it back here either
I would be able to provide you with a loan of 0.50 btc
Since these are special circumstances, you can take as much time as you want to pay me back, and I do not want any interest.
I am moving some coins right now, but when everything is confirmed, I will send the 0.50 btc to you.
Edit: I will send when you confirm this is ok for you.
Since these are special circumstances, you can take as much time as you want to pay me back, and I do not want any interest.
I am moving some coins right now, but when everything is confirmed, I will send the 0.50 btc to you.
Edit: I will send when you confirm this is ok for you.
Thank you so much guys! You got no idea how much every little bit helps
Once loaned I'll pop it on the front page with status etc
June 22, 2014, 10:04:51 PM
We could start a gamble-gang for you? everybody just bet .5 :X
June 22, 2014, 06:59:55 PM
Oh yeah. Forgot to add that part too. No stress on timeline getting it back here either
June 22, 2014, 06:30:33 PM
I would be able to provide you with a loan of 0.50 btc
Since these are special circumstances, you can take as much time as you want to pay me back, and I do not want any interest.
I am moving some coins right now, but when everything is confirmed, I will send the 0.50 btc to you.
Edit: I will send when you confirm this is ok for you.
Since these are special circumstances, you can take as much time as you want to pay me back, and I do not want any interest.
I am moving some coins right now, but when everything is confirmed, I will send the 0.50 btc to you.
Edit: I will send when you confirm this is ok for you.
Jump to: