Report Malware and Suspicious Links here so Mods can take Action !

Lafu

legendary

Activity: 3178

Merit: 3295

We have again a new Fake Ann Thread with an Malware download Link from an Fake Github and Webpage and copied from Pepecoin this time its Shibacoin !

The Fake Github was created 20 Hours ago.

Fake Github : github.com/shibacoinppc/shibacoin

Fake Webpage :

Code:

https://shibainucoin.net/

Fake Wallet download from the Webpage:

Code:

https://shibainucoin.net/wp-content/uploads/2024/12/shibacoin-qt.zip

If you download the Wallet File instant Windows Defender will get activated and gives you a warning.

There is a Trojan in that Wallet File:

Code:

Trojan:Script/Wacatac.H!ml

Virustotal : https://www.virustotal.com/gui/file/a5fa2f90ca03d52c41875c4f07574ea6e921845c8a1dd9a7b5e1d24d6d3ca495/detection

Trojan:Script/Wacatac.H!ml

Quote from: ?? on ??

Shibacoin pow scrypt coin

Code:

Website: https://shibainucoin.net/
Github: https://github.com/shibacoinppc/shibacoin

This post is also a reference for the Github Report !

N.O

full member

Activity: 336

Merit: 208

One more member rank sold/hacked account posted Fake Ann topic with malicious download links for STRONG$ Coin.

Account Link: Makingsure <<<

Fake ANN thread: [ANN] [STR$] STRONG$ Coin - kHeavyHash | PoW please remove this topic

Quote from: Makingsure on December 20, 2024, 04:53:57 AM

Code:

[b]Windows:[/b] https://github.com/Strongs-release/STRONGS/releases/download/1.0.1/STRONG.-v.1.0.1-Release-Win64.zip
[b]Linux:[/b] https://github.com/Strongs-release/STRONGS/releases/download/1.0.1/STRONGS.-v.1.0.1-Release-Linux.tar.gz

This post is used as reference for Github Report!

Mitchell

copper member

Activity: 3948

Merit: 2201

Verified awesomeness ✔

Quote from: Ambatman on December 19, 2024, 02:08:46 AM

[...]

I don't know if this is the thread for this
But these are some suspicious users that shared same suspicious link.
I think there was a thread or something of Mitchell to report Spam similar to these.

It has been reported and could be removed anytime soon.

Thank you for reporting. We were discussing it in this topic: This Free Amazon Giftcards Method spammers.. New scam has been added to my bot.

Ambatman

sr. member

Activity: 490

Merit: 397

Playbet.io - Crypto Casino and Sportsbook

I don't know if this is the thread for this
But these are some suspicious users that shared same suspicious link.
I think there was a thread or something of Mitchell to report Spam similar to these.

It has been reported and could be removed anytime soon.

Edited : they are Back again
https://bitcointalksearch.org/topic/get-anything-from-g2a-for-free-5523377

Lafu

legendary

Activity: 3178

Merit: 3295

And again we have a new Fake Ann Thread with an Fake Website and where you have the Fake Wallet Malware download this time for True Pepe Coin (TPC) !
Same pattern as it was for the other Fake Websites and Wallet downloads.

Fake Github : github.com/True-Pepe/Pepe-Core

Fake Website:

Code:

https://truepepe.com/

Fake Wallet download on the Website:

Code:

https://palegreen-cheetah-217044.hostingersite.com/wp-content/uploads/2024/12/truepepe-qt-windows.zip

The Fake Wallet File has the same shit in it as the other got , shady things !

Code:

The sandbox Zenbox flags this file as: MALWARE TROJAN EVADER RAT

Drops script at startup location
Bad Opsec Defaults Sacrificial Processes With Improper Arguments
Dot net compiler compiles file from suspicious location
Suspicious DNS Query for IP Lookup Service APIs
PowerShell Script Run in AppData
Startup Folder File Write

ET MALWARE Observed Malicious SSL Cert (Quasar CnC)
ET MALWARE Generic AsyncRAT Style SSL Cert
(http_inspect) invalid status line
ET INFO External IP Lookup Domain in DNS Lookup (ipwho .is)

StartupProfileData-Interactive
powershell.exe.log
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\RegAsm.exe.log
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tempup.url
C:\Users\user\Documents\20241218\PowerShell_transcript.040965.JDM0d755.20241218190013.txt

Win64:Evo-gen [Trj]

Source : https://www.virustotal.com/gui/file/11fef0ecf812a7bc626148b8bfaaf36c226e9c37f715815a958413bdccae9ca4/behavior

Account : TruePepe <--- Please ban or Lock that Account and delete the Thread
The Account was just created yesterday

Fake Ann Thread : [ANN] 🌟 True Pepe Coin (TPC) - Where Memes Meet Majesty! 🌟
As always the Thread is self-moderated

Quote from: ?? on ??

True Pepe Coin (TPC)

Code:

[b]Windows Wallet:[/b] https://truepepe.com/#wallets
[b]Linux Wallet:[/b] https://truepepe.com/#wallets
[b]Website:[/b] https://truepepe.com

This post is also a reference for the Github Report !

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Newbie Jordan19ward posted this archived post:

Quote from: LoyceV on December 18, 2024, 09:17:18 AM

Quote from: ?? on ??

you may check this video of opening wallet.dat without passphrase

That's not how encryption works. The spam on Youtube has a link to a "Bitcoin Core Wallet - Cracked". That's either malware, or trying to sell fake software. Or both. Either way, don't do it.

The Youtube video is 2 hours old.

$crypto$

legendary

Activity: 2394

Merit: 1049

Smart is not enough, there must be skills

Quote from: Lafu on December 14, 2024, 09:47:42 AM

And again there is another new Fake Ann with a new Fake Github donwload Link with Malware , copy and pasted from DigitalNode !

Another one came a FAKE thread with a malicious download via GitHub, and the same copy from DigitalNode.

Account: wahyuagung26 please ban
Ann FAKE: [ANN] DigitalNode [XDT] - PoW/PoS, Masternodes, Untraceable encrypted messaging

Quote from: wahyuagung26 on December 16, 2024, 07:54:33 AM

Code:

[b]Windows:[/b] https://github.com/DigitalNode-main/Wallet-GUI/releases/download/2.0.1/DigitalNode-qt.win64.zip
[b]Linux:[/b] https://github.com/DigitalNode-main/Wallet-GUI/releases/download/2.0.1/DigitalNode-qt.linux.arm64

Official link thread:
ANN] DigitalNote [XDN] - PoW/PoS, Masternodes, Untraceable encrypted messaging
Real Github : github.com/DigitalNoteXDN

Lafu

legendary

Activity: 3178

Merit: 3295

And again there is another new Fake Ann with a new Fake Github donwload Link with Malware , copy and pasted from DigitalNode !

Fake Github Wallet download was just created 5 Hours ago.

Fake Github : github.com/phlddsy/DigitalNote
Real Github : github.com/DigitalNoteXDN

Code:

The sandbox CAPE Sandbox flags this file as: MALWARE
The sandbox Zenbox flags this file as: MALWARE TROJAN EVADER RAT

Startup Folder File Write
Potential Raspberry Robin Registry Set Internet Settings ZoneMap
ET MALWARE Remcos 3.x Unencrypted Checkin
ET MALWARE Remcos 3.x Unencrypted Server Response

Malware.SwollenFile!1.E38A (CLASSIC)
W32.Adware.Gen

Source : https://www.virustotal.com/gui/file/0a7ab7dcd3f0ff7ae5bbbbf52f293526be78500d48eeef01809758b6bd95ee3e

Account : Yanisumin <--- Please ban or Lock that Account and delete the Thread
Registered since February 25, 2016,
Last post was back in September 22, 2018 , Hacked or sold Account

They just copied and pasted from Original Ann and changed some things!
Fake Ann Thread : [ANN] DigitalNode [XDT] - PoW/PoS, Masternodes, Untraceable encrypted messaging

Quote from: Yanisumin on December 14, 2024, 07:04:00 AM

DigitalNode

Code:

[b]Windows:[/b] https://github.com/phlddsy/DigitalNote/releases/download/2.0.1/DigitalNode-qt.win64.zip
[b]Linux:[/b] https://github.com/phlddsy/DigitalNote/releases/download/2.0.1/DigitalNote-qt.linux.arm64

Original Ann Thread : [ANN] DigitalNote [XDN] - PoW/PoS, Masternodes, Untraceable encrypted messaging

This post is also a reference for the Github Report !

lovesmayfamilis

legendary

Activity: 2072

Merit: 4265

✿♥‿♥✿

Quote from: $crypto$ on December 14, 2024, 03:34:52 AM

Quote from: N.O on December 13, 2024, 08:17:39 AM

Another Sold/Hacked account was posted TYPEX Ann topic with Malware download links.

Another fake thread and possibly hacked hero account.

Account: knightkon Please Ban
Ann Fake: [ANN] [TYPX] TYPEX - A secure & untraceable blockchain with AI applications

Quote from: ?? on ??

Code:

[b]Windows: [/b][url=https://github.com/RadiumXMain/Typex/releases/download/1.5.2/Typex-win64-v.1.5.2.zip]https://github.com/typex-coin/Typex/releases/download/1.5.2/Typex-win64-v.1.5.2.zip[/url]

Quote from: Lafu on December 12, 2024, 11:57:33 AM

every help and report is appreciated.

Yes, always use this link reference to report to Github, and now it has been reported, let's wait for the update, even though it takes a while, at least we have tried.

another
https://bitcointalksearch.org/topic/ann-typx-typex-a-secure-untraceable-blockchain-with-ai-applications-5522760

$crypto$

legendary

Activity: 2394

Merit: 1049

Smart is not enough, there must be skills

Quote from: N.O on December 13, 2024, 08:17:39 AM

Another Sold/Hacked account was posted TYPEX Ann topic with Malware download links.

Another fake thread and possibly hacked hero account.

Account: knightkon Please Ban
Ann Fake: [ANN] [TYPX] TYPEX - A secure & untraceable blockchain with AI applications

Quote from: ?? on ??

Code:

[b]Windows: [/b][url=https://github.com/RadiumXMain/Typex/releases/download/1.5.2/Typex-win64-v.1.5.2.zip]https://github.com/typex-coin/Typex/releases/download/1.5.2/Typex-win64-v.1.5.2.zip[/url]

Quote from: Lafu on December 12, 2024, 11:57:33 AM

every help and report is appreciated.

Yes, always use this link reference to report to Github, and now it has been reported, let's wait for the update, even though it takes a while, at least we have tried.

N.O

full member

Activity: 336

Merit: 208

Another Sold/Hacked account was posted TYPEX Ann topic with Malware download links.

Account Link: martina14 <<<< Please Ban this account

Fake ANN thread: [ANN] [TYPX] TYPEX - A secure & untraceable blockchain with AI applications please remove this topic

Quote from: martina14 on December 13, 2024, 08:13:25 AM

Code:

[b]Windows: [/b][url=https://github.com/RadiumXMain/Typex/releases/download/1.5.2/Typex-win64-v.1.5.2.zip]https://github.com/typex-coin/Typex/releases/download/1.5.2/Typex-win64-v.1.5.2.zip[/url]

This post is used as reference for Github Report!

Lafu

legendary

Activity: 3178

Merit: 3295

Quote from: N.O on December 12, 2024, 11:39:54 AM

@Lafu check it and take action against this account if I am right.

Quote from: m3hm3t on December 12, 2024, 11:14:47 AM

Code:

https://github.com/RadiumXMain/

https://www.virustotal.com/gui/file/6f0339a6b64c89b81ef74c06bd75e87da449f0ccd860e550f3e222957b040f03/detection

There is nothing that i have to check , because you are right already and all github/RadiumXMain downloads you will be find are Malware download Links.
Just simple , all you will be see and find with that Fake Github you can report and the User Accounts that posting it are hacked or sold to 100%.
But thanks for keeping your eyes open and for your help against this Malware Hacking Shit from them , every help and report is appreciated.

N.O

full member

Activity: 336

Merit: 208

We have found a new Fake Ann thread with fake GitHub account with malware download Please @Lafu check it and take action against this account if I am right.

Suspicious thing is that last post is created in May 2109 before publish fake Ann thread of TYPEX

Account Link: m3hm3t (sold/hacked account)

Fake ANN thread: [ANN] [TYPX] TYPEX - A secure & untraceable blockchain with AI applications

Quote from: m3hm3t on December 12, 2024, 11:14:47 AM

Code:

[b]Windows: [/b][url=https://github.com/RadiumXMain/Typex/releases/download/1.5.2/Typex-win64-v.1.5.2.zip]https://github.com/typex-coin/Typex/releases/download/1.5.2/Typex-win64-v.1.5.2.zip[/url]

https://www.virustotal.com/gui/file/6f0339a6b64c89b81ef74c06bd75e87da449f0ccd860e550f3e222957b040f03/detection

This post will use as reference for GitHub Report!

Lafu

legendary

Activity: 3178

Merit: 3295

We have a new Fake Ann Thread with an Fake Github Malware download and also an Fake Website where they copy and pasted from another Webpage DogWifTools !

The Fake Github was just created 2 Hours ago

Fake Github : github.com/dogwiftools-72

Fake Website :

Code:

https://dogwiftools.fun/

Original Website :

Code:

https://dogwiftools.com/

The Fake Demo Bot from the Github is Malware:

Code:

Malware.SwollenFile!1.E38A (CLASSIC)
Trojan:W32/GenInflated.B

Source : https://www.virustotal.com/gui/file/a8da6062da485f2af3cae7f28d86f87ee775b7925feb39303570d1bf1c59abaa/detection

Account : PlataOcrypto <--- Please ban or Lock that Account and delete the Thread
The Account is Registered since December 24, 2021, and the last post back in June 07, 2022, Hacked or sold Account

Fake Ann Thread : [SOFT] RugPool maker | Solana | DogWifTools | Buys, Sells, Volume Bot
The Thread is self-moderated as always from the Hackers.

Quote from: PlataOcrypto on December 12, 2024, 04:00:08 AM

Introducing DogWifTools
Free 72 hours version:

Code:

https://github.com/dogwiftools-72/DWT-test/releases/download/1.0.0/dogwiftools-v1.0.0-demo72h.zip
https://dogwiftools.fun
https://x.com/dogwiftools

And another Account has written the same Fake Website already on 30. November with also an Fake Github Link !

Fake Github : github.com/dogwiftools-demo/DOGWIFTOOLS

Account : bitquad <--- Please ban or Lock that Account and delete the Thread
Registered since November 13, 2019 , Hacked or sold Account

Fake Ann Thread 1 : [SOFT] DogWifTools: Micro Buys, Bundled Buys, Micro Sells, Volume Bot Features
Fake Ann Thread 2 : [SOFT]DogWifTools: Micro Buys, Bundled Buys, Micro Sells, Volume Bot Features
Also here the Threads are self-moderated

Quote from: ?? on ??

Introducing DogWifTools
Free 72 hours version:

Code:

https://github.com/dogwiftools-demo/DOGWIFTOOLS/releases/download/1.0.0/dogwiftools-v1.0.0-demo72h.zip
https://dogwiftools.fun
https://x.com/dogwiftools

This post is also a reference for the Github Report !

N.O

full member

Activity: 336

Merit: 208

We have found a new Fake Ann topic for STRONG$ Coin with virus Links Copper member Published it.

Account Link: kratosDAO <<<< Please Ban this account

Fake ANN thread: [ANN] [STR$] STRONG$ Coin - kHeavyHash | PoW please remove topic

Quote from: kratosDAO on December 12, 2024, 05:52:55 AM

Code:

[b]Windows:[/b] https://github.com/Strongs-release/STRONGS/releases/download/1.0.1/STRONG.-v.1.0.1-Release-Win64.zip
[b]Linux:[/b] https://github.com/Strongs-release/STRONGS/releases/download/1.0.1/STRONGS.-v.1.0.1-Release-Linux.tar.gz

This post is used as reference for Github Report!

N.O

full member

Activity: 336

Merit: 208

One more sold/hacked junior account published Malware Download links for STRONG$ Coin

Account Link: bali_2 <<<< Please Ban this account

Fake ANN thread: [ANN] [STR$] STRONG$ Coin - kHeavyHash | PoW please remove this topic

Quote from: bali_2 on December 10, 2024, 05:54:25 AM

Code:

[b]Windows:[/b] https://github.com/Strongs-release/STRONGS/releases/download/1.0.1/STRONG.-v.1.0.1-Release-Win64.zip
[b]Linux:[/b] https://github.com/Strongs-release/STRONGS/releases/download/1.0.1/STRONGS.-v.1.0.1-Release-Linux.tar.gz

This post is used as reference for Github Report!

Edited: 11 Dec

Senior sold/hacked account published new Fake Ann thread for STRADA.

Account Link: Frinky Please Ban this account

Fake ANN thread: [ANN] STRADA - POW Heavyhash | Masternode please remove this topic

Quote from: ?? on ??

Code:

[b]STRADA Wallet for Windows :[/b] [url=https://github.com/RadiumXMain/Strada/releases/download/1.03/Strada-win64-v.1.0.3.zip]https://github.com/Strada-dv/Strada/releases/download/1.01/Strada-win64-v.1.0.3.zip[/url]

Ms_Mining

member

Activity: 205

Merit: 43

✔️ Telegram @miningrelease

Account: Koioss <= Please Banned
Fake Ann topic: [ANN] STRADA - POW Heavyhash | Masternode

Quote from: Koioss on December 10, 2024, 06:27:18 AM

Wallet Download:

Code:

[b]STRADA Wallet for Windows :[/b] [url=https://github.com/RadiumXMain/Strada/releases/download/1.03/Strada-win64-v.1.0.3.zip]
https://github.com/Strada-dv/Strada/releases/download/1.01/Strada-win64-v.1.0.3.zip[/url]

Lafu

legendary

Activity: 3178

Merit: 3295

And again he have an Fake Ann Thread with an Fake Website Link where you can download a Malware Wallet File this time for Slimo !

Fake Webpage :

Code:

https://slimocore.com

Fake Github : github.com/SlimoCore/Slimo

Fake Wallet download on the Webpage :

Code:

https://dodgerblue-grasshopper-619575.hostingersite.com/wp-content/uploads/2024/12/slimo-qt-windows.zip

And again if you download that Wallet file and install and start it a lot of things will be happen:

Files that will be droped

Code:

StartupProfileData-Interactive
powershell.exe.log
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\RegAsm.exe.log
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tempup.url
:\Users\user\Documents\20241210\PowerShell_transcript.405464.2SddcTIx.20241210003155.txt

On top of that its again full of Malware and Trojan shit:

Code:

Zenbox flags this file as: MALWARE TROJAN EVADER RAT

Drops script at startup location
Bad Opsec Defaults Sacrificial Processes With Improper Arguments
Dot net compiler compiles file from suspicious location
Suspicious DNS Query for IP Lookup Service APIs
PowerShell Script Run in AppData
Startup Folder File Write
Dynamic .NET Compilation Via Csc.EXE

ET MALWARE Observed Malicious SSL Cert (Quasar CnC)
ET MALWARE Generic AsyncRAT Style SSL Cert
ET INFO External IP Lookup Domain in DNS Lookup

Win64:Evo-gen [Trj]

Source : https://www.virustotal.com/gui/file/93c17b482bf0bf274580744e57b27c70ffbbe1d14bb0c312e66f62e99ffa7c60/behavior

Account : Aingmangel <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
This Account is Registered since October 04, 2021, Hacked or sold Account

Fake Ann Thread : [ANN] Slimo - Let's get slimy together!

Quote from: Aingmangel on December 08, 2024, 08:11:25 PM

Slimo

Code:

https://github.com/SlimoCore/Slimo
https://slimocore.com
https://slimocore.com/#wallets

This post is also a reference for the Github Report !

N.O

full member

Activity: 336

Merit: 208

We found a new Fake Ann thread with Malware Download links in both versions Window and Linux for STRONG$ Coin.

Account Link: Mubarrak95 <<<< Please Ban this account or lock

Fake ANN thread: [ANN] [STR$] STRONG$ Coin - kHeavyHash | PoW please remove that topic

Quote from: Mubarrak95 on December 08, 2024, 10:55:59 AM

Code:

[b]Windows:[/b] https://github.com/Strongs-release/STRONGS/releases/download/1.0.1/STRONG.-v.1.0.1-Release-Win64.zip
[b]Linux:[/b] https://github.com/Strongs-release/STRONGS/releases/download/1.0.1/STRONGS.-v.1.0.1-Release-Linux.tar.gz

This post is used as reference for Github Report!

Edited: 9 Dec/2024

Another hacked or sold member rank posted virus download links STRONG$ Coin.

Account Link: budi12 <<<< Please Ban this account

Fake ANN thread: [ANN] [STR$] STRONG$ Coin - kHeavyHash | PoW

Quote from: ?? on ??

Code:

[b]Windows:[/b] https://github.com/Strongs-release/STRONGS/releases/download/1.0.1/STRONG.-v.1.0.1-Release-Win64.zip
[b]Linux:[/b] https://github.com/Strongs-release/STRONGS/releases/download/1.0.1/STRONGS.-v.1.0.1-Release-Linux.tar.gz

This post is used as reference for Github Report!

Lafu

legendary

Activity: 3178

Merit: 3295

And again he have an Fake Ann Thread with an Fake Website Link where you can download a Malware Wallet File for Viltracoin (VLC) !

Fake Webpage :

Code:

https://viltrac.com/

Fake Github : github.com/viltra-network

Fake Wallet download on the Webpage :

Code:

https://download.viltrac.com/files/viltracoin-qt.zip

If you download that Wallet and install and start it a lot of things will be happen:

Files that will be droped

Code:

StartupProfileData-Interactive
powershell.exe.log
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\RegAsm.exe.log
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tempup.url
C:\Users\user\Documents\20241201\PowerShell_transcript.783875.VpVKuWe3.20241201085041.txt

On top of that its full of Malware and Trojan shit:

Code:

Zenbox flags this file as: MALWARE TROJAN EVADER RAT

Drops script at startup location
Bad Opsec Defaults Sacrificial Processes With Improper Arguments
Dot net compiler compiles file from suspicious location
Suspicious DNS Query for IP Lookup Service APIs
PowerShell Script Run in AppData
Startup Folder File Write

ET MALWARE Observed Malicious SSL Cert (Quasar CnC)
ET MALWARE Generic AsyncRAT Style SSL Cert
ET INFO External IP Lookup Domain in DNS Lookup
SURICATA STREAM excessive retransmissions

A Variant Of Generik.USQOLA
Win64:Evo-gen [Trj]

Source : https://www.virustotal.com/gui/file/0c904ce53aeca5d0e078e752c24dc3bed47b74d22f9158b6b4fb56d55c178ae0/detection

Account : Sventreste <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
This Account is Registered since October 04, 2021, Hacked or sold Account

Fake Ann Thread : [ANN] Viltracoin (VLC): Redefining Decentralized Finance!

Quote from: ?? on ??

Viltracoin (VLC)

Code:

[b]Website:[/b] https://viltrac.com
[b]Github:[/b] https://github.com/viltra-network/viltracoin

This post is also a reference for the Github Report !

Topic: Report Malware and Suspicious Links here so Mods can take Action ! (Read 37843 times)