Report Malware and Suspicious Links here so Mods can take Action !

N.O

full member

Activity: 392

Merit: 235

We have found a new Fake Ann topic for Canva and hacked/sold account posted it.

Account link: cellinec <<<< Please Ban this account

Fake Ann topic: [ANN][CANN] Canvas: Redefining Decentralized Digital Finance please remove topic

Quote from: ?? on ??

Code:

[b]Wallet[/b] https://github.com/Canvas-Core/Canvas/releases/download/1.0.4/Canva-v1.0.4-win64.zip

This post is used as reference for Github Report!

Original Canva Ann Topic: https://bitcointalk.org/index.php?topic=5526058.new#new

logfiles

copper member

Activity: 2198

Merit: 1837

🌀 Cosmic Casino

Hello Mods, these accounts have been discovered to advertise phishing/malicious site on their Signature space and website area. I request you to ban them so that some unsuspecting members may not click on the links in the signature space unknowingly as the signatures will be wiped off

More details about the accounts getting hacked and the weird behavior - https://bitcointalksearch.org/topic/--5526385

Quote from: ?? on ??

Accounts involved:
1. Kittygalore
2. t3xasdolly
3. Mr.John19
4. endut15

Lafu

legendary

Activity: 3220

Merit: 3509

And we have again a new Fake Ann Thread with an Fake Github and an Malware download Link for [SOFT]DogWifTools !

The Fake Github was created just 4 Hours ago.

Fake Github : github.com/DogWifToolsBundler

I downloaded the File there and got an instant Warning from Windows that it is a Virus or Malware!

Last time they posted that Fake Demo DogWifTools it was :

Code:

Malware.SwollenFile!1.E38A (CLASSIC)
Trojan:W32/GenInflated.B

You can read that here : https://bitcointalksearch.org/topic/m.64838824

Account : Dtales <--- Please ban or Lock that Account and delete the Thread
Registered since September 04, 2014.
Last time that Account posted was back in February 03, 2023 , Hacked or sold Account

Fake Ann Thread 1 : [SOFT]DogWifTools: Micro Buys, Bundled Buys, Micro Sells, Volume Bot Features
Fake Ann Thread 2 : [SOFT]DogWifTools: Micro Buys, Bundled Buys, Micro Sells, Volume Bot Features
Both Threads are self moderated

Quote from: Dtales on January 15, 2025, 07:47:44 AM

DogWifTools
FREE 72 HOURS VERSION

Code:

https://github.com/DogWifToolsBundler/DWT/releases/download/1.6.1/DOGWifTools-v1.6.1.zip

This post is also a reference for the Github Report !

N.O

full member

Activity: 392

Merit: 235

Today another three sold/hacked account posted Fake Ann topic of these coins; STRONG, Lamba and Medusa.

Account link: judaspriest <<< Please Ban this account

Fake Ann topic: [ANN] Limba KawPow Masternode

Quote from: ?? on ??

Code:

[b]Windows:[/b]  https://github.com/Limba-blockchain/Limba/releases/download/2.21/Limba-Setup-win64-v2.21.zip

Account link: waONE <<< Please Ban this account

Fake Ann topic: [ANN] [STR$] STRONG$ Coin - kHeavyHash | PoW

Quote from: waONE on January 11, 2025, 03:16:54 AM

Code:

[b]Windows: [/b]
https://github.com/STRONGS-blockchain/STRONGS/releases/download/1.0.2/STRONGS-win64-v1.0.2.zip

Account link: ningrum <<< Please Ban this account

Fake Ann topic: [ANN] Medusa Coin - POW + POS + Masternode

Quote from: ningrum on January 11, 2025, 03:23:59 AM

Code:

[b]Windows:[/b] https://github.com/medusa-main/Medusa/releases/download/1.0.1/Medusa-Windows.zip

[b]Linux:[/b] https://github.com/medusa-main/Medusa/releases/download/1.0.1/Medusa-Linux.tar

This post is used as reference for Github Report!

N.O

full member

Activity: 392

Merit: 235

Another we have found a new fake ANN thread and hacked/sold account published it with malware links for LIMBA

Account link: rodmouvi <<<< Please Ban this account

Fake Ann topic: [ANN] Limba KawPow Masternode please remove this topic

Quote from: rodmouvi on January 10, 2025, 08:18:06 AM

Code:

[b]Windows:[/b]  https://github.com/Limba-blockchain/Limba/releases/download/2.21/Limba-Setup-win64-v2.21.zip

This post is used as reference for Github Report!

Lafu

legendary

Activity: 3220

Merit: 3509

The Account : BlueWings also got Hacked and posted that Fake Ann Limba KawPow Masternode !
A proof for that you can read here : https://ninjastic.space/search?topic_id=5525861.0

The Account is Registered since December 03, 2017, and the last post was made in April 05, 2020,
The Fake Ann was edited , but should be deleted and the Account locked or banned so that he cant post new Fake Anns.

$crypto$

legendary

Activity: 2394

Merit: 1049

Smart is not enough, there must be skills

Quote from: N.O on January 09, 2025, 07:36:46 AM

This post is used as reference for Github Report!

Yes, like this Github was only created 44 minutes ago and after that they spread it on the forum.

This thread has been reported to the moderators for immediate removal and a ban on posting.

Will report this github account with this reference.

N.O

full member

Activity: 392

Merit: 235

We have found a new fake ANN thread and hacked/sold account posted it with malware links for LIMBA

Account link: sann111 <<<< Please Ban this account

Fake Ann topic: [ANN] Limba KawPow Masternode please remove this topic

Quote from: ?? on ??

Code:

[b]Windows:[/b]  https://github.com/Limba-blockchain/Limba/releases/download/2.21/Limba-Setup-win64-v2.21.zip

This post is used as reference for Github Report!

Ambatman

sr. member

Activity: 518

Merit: 433

Playbet.io - Crypto Casino and Sportsbook

https://bitcointalksearch.org/topic/i-just-won-20-at-freebitcoin-5525794

Possible spam and malicious link
Was reported and deleted but has been posted again.

Lafu

legendary

Activity: 3220

Merit: 3509

And we have another new Fake Ann Thread with an Malware download Link and Fake Github for [BNRM] Binarium !

The Fake GIthub was just created 5 days ago.
Fake Github : github.com/Binarium-release

Account : RenBct <--- Please ban or Lock that Account and delete the Thread
The Account is Registered since July 27, 2017 , and the last post back in July 04, 2020
Hacked or sold Account.

Fake Ann Thread : [ANN] [BNRM] Binarium -100% POW CPU/GPU Minable (GhostRider) | SmartNodes

Quote from: RenBct on January 08, 2025, 06:51:49 AM

Binarium
Wallet:

Code:

https://github.com/Binarium-release/Binarium/releases/download/2.1.1/Binarium-win64-v2.1.1.zip

This post is also a reference for the Github Report !

$crypto$

legendary

Activity: 2394

Merit: 1049

Smart is not enough, there must be skills

Binarium fake thread

Account: RenBct please ban Already banned
Fake ANN: [ANN] [BNRM] Binarium -100% POW CPU/GPU Minable (GhostRider) | SmartNodes

Quote from: RenBct on January 08, 2025, 06:51:49 AM

Code:

[b]Windows:[/b] https://github.com/Binarium-release/Binarium/releases/download/2.1.1/Binarium-win64-v2.1.1.zip

Please report the Github account again. Edit still trying to report to github several times with this reference.

$crypto$

legendary

Activity: 2394

Merit: 1049

Smart is not enough, there must be skills

Another fake thread + possible account sold or hacked.

Account: SaveOurSea Please ban
Fake ANN: [ANN] Medusa Coin - POW + POS + Masternode

Quote from: SaveOurSea on January 07, 2025, 06:09:31 AM

Code:

[b]Windows:[/b] https://github.com/medusa-main/Medusa/releases/download/1.0.1/Medusa-Windows.zip
[b]Linux:[/b] https://github.com/medusa-main/Medusa/releases/download/1.0.1/Medusa-Linux.tar

Will report this Github again so it can be blocked immediately.

Edit
Fake thread comes again. please ban

account: Crypto_Tribunal
Fake ANN: [ANN] Medusa Coin - POW + POS + Masternode

Quote from: Crypto_Tribunal on January 07, 2025, 08:04:54 AM

Code:

[b]Wallets[/b]

[b]Windows:[/b] https://github.com/medusa-main/Medusa/releases/download/1.0.1/Medusa-Windows.zip
[b]Linux:[/b] https://github.com/medusa-main/Medusa/releases/download/1.0.1/Medusa-Linux.tar

$crypto$

legendary

Activity: 2394

Merit: 1049

Smart is not enough, there must be skills

Fake threads and accounts hacked or sold by spreading Malware viruses via Github downloads.

Fake ANN: [ANN] [BNRM] Binarium -100% POW CPU/GPU Minable (GhostRider) | SmartNodes
Account: Valovut

Quote from: Valovut on January 04, 2025, 06:57:19 AM

Code:

[b]Windows:[/b] https://github.com/Binarium-release/Binarium/releases/download/2.1.1/Binarium-win64-v2.1.1.zip

The Github account was created yesterday and just created the repository an hour ago.
Just reported it, hopefully it will be acted upon sooner.

Another fake thread

Fake ANN: [ANN] Medusa Coin - POW + POS + Masternode
Account: Valovut

Quote from: Valovut on January 04, 2025, 07:31:59 AM

Code:

[b]Windows:[/b] https://github.com/medusa-main/Medusa/releases/download/1.0.1/Medusa-Windows.zip
[b]Linux:[/b] https://github.com/medusa-main/Medusa/releases/download/1.0.1/Medusa-Linux.tar

This Github account has been reported as well and this link is for reference.

N.O

full member

Activity: 392

Merit: 235

Another Full member hacked/sold account was published fake Ann topic for Medusa Coin.

Account link: crafty <<<< Please ban account

Fake Ann topic: [ANN] Medusa Coin - POW + POS + Masternode please remove topic

Quote from: ?? on ??

Code:

[b]Windows:[/b] https://github.com/medusa-main/Medusa/releases/download/1.0.1/Medusa-Windows.zip
[b]Linux:[/b] https://github.com/medusa-main/Medusa/releases/download/1.0.1/Medusa-Linux.tar

This post is used as reference for Github Report!

Another sold/hacked account posted Fake Ann topic with virus Links for Binarium.

Account link: superstarbtc <<<

Fake Ann topic: [ANN] [BNRM] Binarium -100% POW CPU/GPU Minable (GhostRider) | SmartNodes

Quote from: ?? on ??

Code:

[b]Windows:[/b] https://github.com/Binarium-release/Binarium/releases/download/2.1.1/Binarium-win64-v2.1.1.zip

This post is used as reference for Github Report!

N.O

full member

Activity: 392

Merit: 235

We have found a new Fake Ann topic with virus wallet for Medusa Coin and hacked/sold account was posted

Account link : boymuhammad <<<< Please Ban this account

Fake Ann topic: [ANN] Medusa Coin - POW + POS + Masternode please remove this topic

Original topic: https://bitcointalksearch.org/topic/--5520901

Quote from: boymuhammad on December 29, 2024, 03:45:03 AM

Code:

[b]Windows:[/b] https://github.com/medusa-main/Medusa/releases/download/1.0.1/Medusa-Windows.zip
[b]Linux:[/b] https://github.com/medusa-main/Medusa/releases/download/1.0.1/Medusa-Linux.tar

This post is used as reference for Github Report!

Lafu

legendary

Activity: 3220

Merit: 3509

And i was right and now i have the evidence that its a Fake Ann with an Fake Webpage and Malware Wallet download for [LNGC] Longcoin !

The Fake Github is only 4 days old.

Fake Github : github.com/long-network

Fake Webpage and Fake Wallet download Link there :

Code:

https://long-network.com/
https://services-long-network-com.preview-domain.com/wp-content/uploads/2024/12/longcoin.7z
https://services-long-network-com.preview-domain.com/wp-content/uploads/2024/12/longcoin-qt-linux.tar.gz

Zenbox flags this file as: MALWARE TROJAN EVADER RAT

Code:

Drops script at startup location
Bad Opsec Defaults Sacrificial Processes With Improper Arguments
Dot net compiler compiles file from suspicious location
Suspicious DNS Query for IP Lookup Service APIs
PowerShell Script Run in AppData
Startup Folder File Write

ET MALWARE Observed Malicious SSL Cert (Quasar CnC)
ET MALWARE Generic AsyncRAT Style SSL Cert
ET INFO Observed DNS Query to Commonly Abused Preview Domain (preview-domain .com)
ET INFO External IP Lookup Domain in DNS Lookup (ipwho .is)
SSLBL: Malicious SSL certificate detected (QuasarRAT C&C)

C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive
C:\Users\user\AppData\Local\Temp\RegAsm.exe
C:\Users\user\Documents\20241226\PowerShell_transcript.019635._nBkIR+H.20241226130004.txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tempup.url

Win64:Evo-gen [Trj]

Source : https://www.virustotal.com/gui/file/ef27c49ed817f7b8f55dfbe4accd1493473004dbcda3ea699b10a2ea6f855e12/behavior

Account : long-network <--- Please ban or Lock that Account and delete the Thread
The Account is just 3 Days old

Fake Ann Thread : [ANN] [LNGC] Longcoin: Empowering Global Collaboration and Innovation
The Fake Ann is also self-moderated as always from the Hackers.

Quote from: ? on December 25, 2024, 07:17:22 PM

[LNGC] Longcoin:

Code:

https://long-network.com
https://long-network.com/#wallets
https://github.com/long-network/core

This post is also a reference for the Github Report !

btc_angela

hero member

Activity: 2660

Merit: 551

Quote from: Lafu on December 26, 2024, 01:43:54 PM

Just posting this here now to have watch on that Ann Thread as it looks like it is a Fake Ann!

Same scheme as always from the Hackers with an sefl-moderated Thread and a cheap random Webpage.
Also the Github link in the thread was just created 2 days ago .

Account : long-network
The Account is just 1 Day old

Suspicious Thread : [ANN] [LNGC] Longcoin: Empowering Global Collaboration and Innovation

Quote from: ? on December 25, 2024, 07:17:22 PM

[LNGC] Longcoin:

Code:

https://long-network.com
https://long-network.com/#wallets
https://github.com/long-network/core

Suspicious Webpage and download Link there :

Code:

https://long-network.com/
https://services-long-network-com.preview-domain.com/wp-content/uploads/2024/12/longcoin.7z
https://services-long-network-com.preview-domain.com/wp-content/uploads/2024/12/longcoin-qt-linux.tar.gz

As the File there cant be downloaded for some reason i cant check it and there is no proof for a Malware Wallet.

But all suspicious evidence and the same sheme is here , will be watching this Thread.

I did try to run it on Virustotal and here are the results:

https://www.virustotal.com/gui/url/e2beaf2224688bdb6b68cc926c4517e1011b51b6786343968b36d455c934386e

https://www.virustotal.com/gui/url/48701549c28f62b50f147c451de8ae5cc5be236572e5d040e95230d9d9fbfb01

And Windows Defender automatically delete it when I try to download and check.

So it has been flag by both, so definitely that links has malware in it.

Lafu

legendary

Activity: 3220

Merit: 3509

Just posting this here now to have watch on that Ann Thread as it looks like it is a Fake Ann!

Same scheme as always from the Hackers with an sefl-moderated Thread and a cheap random Webpage.
Also the Github link in the thread was just created 2 days ago .

Account : long-network
The Account is just 1 Day old

Suspicious Thread : [ANN] [LNGC] Longcoin: Empowering Global Collaboration and Innovation

Quote from: ? on December 25, 2024, 07:17:22 PM

[LNGC] Longcoin:

Code:

https://long-network.com
https://long-network.com/#wallets
https://github.com/long-network/core

Suspicious Webpage and download Link there :

Code:

https://long-network.com/
https://services-long-network-com.preview-domain.com/wp-content/uploads/2024/12/longcoin.7z
https://services-long-network-com.preview-domain.com/wp-content/uploads/2024/12/longcoin-qt-linux.tar.gz

As the File there cant be downloaded for some reason i cant check it and there is no proof for a Malware Wallet.

But all suspicious evidence and the same sheme is here , will be watching this Thread.

Crypto Library

hero member

Activity: 1036

Merit: 933

Find your Digital Services at- cryptolibrary.pro

Quote from: Mitchell on December 23, 2024, 07:10:28 AM

Quote from: Crypto Library on December 22, 2024, 12:33:21 PM

I got one! Spreading the phishing link. It's looks like new strategy they just put the qr codes on the website and that directly asked to open the apps.

[...]

The QR codes are harmless. They just contain `bitcoin:` / `dogecoin:` URI's, which will trigger your wallet apps to open. Totally normal and expected (and not phishing/harfuml).

It is however begging and not allowed. Tongue

My mistake,,,, yea I am seeing that it's only begging.
Actually, at the first look it was suspicious for me and when I checked with the virus-total and see that the 1st qr bring me to open my wallet I thought it's a phishing link........
by the way thanks, It will remind me to look out more deeply these things on the next time .

Mitchell

copper member

Activity: 3948

Merit: 2201

Verified awesomeness ✔

Quote from: Crypto Library on December 22, 2024, 12:33:21 PM

I got one! Spreading the phishing link. It's looks like new strategy they just put the qr codes on the website and that directly asked to open the apps.

[...]

The QR codes are harmless. They just contain `bitcoin:` / `dogecoin:` URI's, which will trigger your wallet apps to open. Totally normal and expected (and not phishing/harfuml).

It is however begging and not allowed. Tongue

Topic: Report Malware and Suspicious Links here so Mods can take Action ! (Read 38479 times)