Topic: MINING.ML malware (Read 1105 times)
That asshole hacked this account, he didn't change the password luckily. Now I have bad rep
So do you need to download a software from the website www.mining.ml or is it just enough to visit this website?
Thanks!
Thanks!
Download the software. It's simply a .NET Framework, don't worry if you haven't run it.
Ok, so if I just entered the site, I have nothing to worry about?
Thanks for the help!
Nothing to worry about. Original domain: http://www.nutrilonexport.com/
So do you need to download a software from the website www.mining.ml or is it just enough to visit this website?
Thanks!
Thanks!
Download the software. It's simply a .NET Framework, don't worry if you haven't run it.
Ok, so if I just entered the site, I have nothing to worry about?
Thanks for the help!
So do you need to download a software from the website www.mining.ml or is it just enough to visit this website?
Thanks!
Thanks!
Download the software. It's simply a .NET Framework, don't worry if you haven't run it.
So do you need to download a software from the website www.mining.ml or is it just enough to visit this website?
Thanks!
Thanks!
Thanks for posting the info, I really wonder what the Mods are doing ... Usually they ban/delete everything but those malware attempts seem to stay forever...
It must be a bot set up to post that link on a ton of threads. I have seen it posted just randomly around and always report the post, not sure if it ever gets banned though.
I had reported a bunch of them a few days ago, and the admins must have ignored it because it brought my accuracy down almost 10%.
This is the bastard...
https://bitcointalksearch.org/user/chozin-405566
At least one of his accounts
LOLLOLLOL
What a sad bastard
[img]http://puu.sh/jxHbd/f2b2976983.png[ /img]
Its a robber accounthttps://bitcointalksearch.org/user/chozin-405566
At least one of his accounts
LOLLOLLOL
What a sad bastard
[img]http://puu.sh/jxHbd/f2b2976983.png[ /img]
I report 3-4 message and mods dont delete it :/ please mods, ban him now
Useless. he is posting from new accounts(but still old accounts at forum) all the time. I guess the virus gets the infected ones bt account too that's how he can get old accounts to post from
actually I reported already that guy twice, the post got deleted.
But yes that guy should be banned
But yes that guy should be banned
it is a virus, reported a few days ago, as ocminer says nothing happend
I have suspected it has more than a miner inside, I didn't run it of course. Luckily I have reported it today so that nobody falls in that shit.
This is the bastard...
https://bitcointalksearch.org/user/chozin-405566
At least one of his accounts
LOLLOLLOL
What a sad bastard
[img]http://puu.sh/jxHbd/f2b2976983.png[ /img]
Its a robber accounthttps://bitcointalksearch.org/user/chozin-405566
At least one of his accounts
LOLLOLLOL
What a sad bastard
[img]http://puu.sh/jxHbd/f2b2976983.png[ /img]
I report 3-4 message and mods dont delete it :/ please mods, ban him now
it is a virus, reported a few days ago, as ocminer says nothing happend
I can't imagine people click on those links.
I hope people don't click on those links.
I hope people don't click on those links.
Yes they do unfortuantely.. Otherwise those scammers wouldn't invest so much energy in such stuff...
I can't imagine people click on those links.
I hope people don't click on those links.
I hope people don't click on those links.
Thanks for posting the info, I really wonder what the Mods are doing ... Usually they ban/delete everything but those malware attempts seem to stay forever...
It must be a bot set up to post that link on a ton of threads. I have seen it posted just randomly around and always report the post, not sure if it ever gets banned though.
I had reported a bunch of them a few days ago, and the admins must have ignored it because it brought my accuracy down almost 10%.
Same for me, reported some - nothing happened...
Thanks for posting the info, I really wonder what the Mods are doing ... Usually they ban/delete everything but those malware attempts seem to stay forever...
It must be a bot set up to post that link on a ton of threads. I have seen it posted just randomly around and always report the post, not sure if it ever gets banned though.
I had reported a bunch of them a few days ago, and the admins must have ignored it because it brought my accuracy down almost 10%.
I have never seen a scammer with a closed account. Maybe they want to keep them, who knows.
Thanks for posting the info, I really wonder what the Mods are doing ... Usually they ban/delete everything but those malware attempts seem to stay forever...
It must be a bot set up to post that link on a ton of threads. I have seen it posted just randomly around and always report the post, not sure if it ever gets banned though.
I had reported a bunch of them a few days ago, and the admins must have ignored it because it brought my accuracy down almost 10%.
Thanks for posting the info, I really wonder what the Mods are doing ... Usually they ban/delete everything but those malware attempts seem to stay forever...
This is the bastard...
https://bitcointalksearch.org/user/chozin-405566
At least one of his accounts
LOLLOLLOL
What a sad bastard
https://bitcointalksearch.org/user/chozin-405566
At least one of his accounts
LOLLOLLOL
What a sad bastard
I do not know where to post this, so please move if it's the wrong place
After I saw the software here: https://bitcointalksearch.org/topic/--1150125
I decided to take a look at it.
Of course it installs a miner in your computer + a keylogger. Furthermore, it calls another executable after decrypting it via RunPE. A quick scan on Malwr showed the domain where it sends the stuff:
https://malwr.com/analysis/MzdjMjlmMzBkYzVhNGY2MjljNTE2OTQyYTljOTQwYjk/
Everything was protected with ConfuserEx so that AVs don't detect most of it.
The domain is: pownedfag.pw IP: 87.208.65.27.
Take care and do not download that shit.
Regards,
After I saw the software here: https://bitcointalksearch.org/topic/--1150125
I decided to take a look at it.
Of course it installs a miner in your computer + a keylogger. Furthermore, it calls another executable after decrypting it via RunPE. A quick scan on Malwr showed the domain where it sends the stuff:
https://malwr.com/analysis/MzdjMjlmMzBkYzVhNGY2MjljNTE2OTQyYTljOTQwYjk/
Everything was protected with ConfuserEx so that AVs don't detect most of it.
The domain is: pownedfag.pw IP: 87.208.65.27.
Take care and do not download that shit.
Regards,
Jump to: