Pages:
Author

Topic: Report Malware and Suspicious Links here so Mods can take Action ! - page 11. (Read 36997 times)

sr. member
Activity: 294
Merit: 433
HODL - BTC
Newbie accounts spread the virus on meta boards and local india boards with Trading AI Tool.

user: ddoxer889 - Please ban this user and lock the thread.
ANN: Trading AI Tool / Trading AI Tool

Code:
[url=https://transfer.sh/MadLG7DuLG/Trading%20AI%20Tool.zip]https://transfer.sh/MadLG7DuLG/Trading%20AI%20Tool.zip[/url]

Virustotal: https://www.virustotal.com/gui/url/88da53b771ed7fa6392a003168cedf076e78eede18d8a426bd583219a7396e51/detection
legendary
Activity: 3136
Merit: 3213
And again we have a new Fake Ann Thread with a new Fake Github Malware download Link for Capybara coin !

Fake Github Files was just uploaded 40 Minutes ago.

Fake Github : github.com/xaMWVUnT/capybara/
Real Github : github.com/Capybaraworld/

Account : Dmengeon2  <--- Please ban or Lock that Account and delete the Thread
Registered since October 31, 2017 , Hacked or sold Account

Fake Ann Thread :  Capybara coin - scrypt animal coin (Not another animal coin)

Wallets
Windows:
Code:
https://github.com/xaMWVUnT/capybara/blob/main/capybara-win64.zip

Virustotal : https://www.virustotal.com/gui/file/5ab74c83f8df2dd95e83e220bb2b0e3bf63b24aa7043b5cdd38f4ca7f6360ae0/behavior
Code:
C:\Windows\Supremo.exe
C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe

When you install the Fake Github download file it will create a lot of bad things.
One of them is the File C:\Windows\Supremo.exe that is a Remote Control Program

This post is also a reference for the Github Report !
legendary
Activity: 3136
Merit: 3213
And we have another new Fake Ann Thread with an Fake Github download Link for Nevermore !

Fake Github : github.com/thelifebeautifulguru
Real Github : github.com/evrmoreorg

Account : Krissh_369  <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
Registered since April 21, 2020 , hacked or sold Account

Fake Ann Thread : [ANN] Nevermore - blockchain for DeFI (Fork Evrmore) (GPU mining)

Wallets
Windows:
Code:
https://github.com/thelifebeautifulguru/Nvrmore/releases/download/2.1.0/nevermore-v2.1.0-win64.zip

For More Information:
discord.gg/4csauGuvw3

Original Ann Thread : [ANN] Evrmore [EVR] Blockchain | ProgPoW GPU Mining | The Ravencoin fork for DeF

Account : hans_schmidt

For More Information:
https://github.com/evrmoreorg
discord.gg/4csauGuvw3

This post is also a reference for the Github Report !
legendary
Activity: 3136
Merit: 3213
And we have new Fake Ann Topics with Malware download Links again , now with Short Links !

The Short Links are directing to the Fake Github Account download page!
Windows:
Code:
https://shorturl.at/dzET7

With http://getlinkinfo.com you will get all the Information you need and you see the Fake Github Account !
GetLinkInfo for that used Short Link : Result

Fake Github : github.com/nikitonum
Real Github : github.com/nikitonium

Account : mah0099  <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
Registered since August 02, 2020 , hacked or sold Account

Fake Ann Thread :  [ANN] SUB - sub network for workspace (Mineable)

Windows:
Code:
https://shorturl.at/dzET7



And again a new Fake Ann with a new Fake Github Account showed up this time for BlackCode !

Fake Github just got created 1 Hour ago and looks like it got already deleted.

Fake Github : github.com/BlackCodeBlockchain

Virustotal Malware and Trojan detections : https://www.virustotal.com/gui/file/bc2b3e767d1c973f8a1d5f70fa44f3bef1cda849e8520aca17833ba8833d956e/behavior
Files that will get installed here again:
LINKS
Code:
Github: https://github.com/BlackCodeBlockchain/CoreWallets/releases/tag/2.1.2

This post is also a reference for the Github Report !
copper member
Activity: 588
Merit: 926
The Fake Github Account was just created 1 Hour ago.

Can I ask you a question? How do you determine the time and date when a Github account was created? I found three threads created by the accounts you marked in red and I wanted to see the time the accounts were created on Github, but I didn't see that information there.

https://bitcointalksearch.org/topic/--5473646
https://bitcointalksearch.org/topic/--5473647
https://bitcointalksearch.org/topic/--5473645
legendary
Activity: 3136
Merit: 3213
And we have a new Fake Ann Thread with a new Fake Github Account for Subi Network !

The Fake Github Account was just created 1 Hour ago.

Fake Github : github.com/VirtualRealityProject
Real Github : github.com/subinetwork

Account : alinyous  <--- Please ban or Lock that Account and delete the Thread
Looks like this Account got hacked or sold , Registered since May 25, 2018.

Fake Ann Thread :  [ANN] VRT - virtual reality project (Ghostrider/Exchange 20/11/2023)

Subi Network's combination of public and private blockchain technologies for unparalleled gaming experiences in virtual reality
WALLETS
Windows:
Code:
https://github.com/VirtualRealityProject/VRNetwork/releases/download/1.1.2.4/subi-win-1.1.2.4.zip

Original Website : https://subinetwork.com/

Quote
Subi Network combine public and private blockchain technologies to create unparalleled gaming experiences based on virtual reality.
Source : https://subinetwork.com/

This post is also a reference for the Github Report !
legendary
Activity: 3136
Merit: 3213
And we have again a new Fake Ann Thread with a new Fake Github Account with Malware download Link for ARSAGILITY !

The Fake Github Account was just created 20 Minutes ago.

Fake Github : github.com/Arsagility
Real Github : github.com/arsa-hub

Account : Daniel323  <--- Please ban or Lock that Account and delete the Thread
Looks like this Account got hacked or sold , Registered since February 17, 2022

Fake Ann Thread :  [ANN] ARSAGILITY - secure, private and instant [Ghostrider]

Coin Name: ARSAGILITY
Wallets
Windows:
Code:
https://github.com/Arsagility/arsg/releases/download/2.7.14.72/arsa-win-2.7.14.72.zip
Our socials
site: https://arsagility.org/

Virustotal : https://www.virustotal.com/gui/file/ce19e2ef68373ab6f7b18d2fd25c0da193f7bd14f591509aa82c03b24783de44/detection

Original Ann Thread :  [ANN] ARGY - Arsa Core of ARSAGILITY ~ Come and Join The Game

Account : gharrison

Coin Name: ARSAGILITY
Github: https://github.com/arsa-hub/arsa
Websites: https://arsagility.org/



And we have again a new Fake Ann with a new Fake Github Account for USA Coin !

The Fake Github was just created 2 Hours ago.

Fake Github : github.com/US-Coin
Real Github : github.com/usacoin

Account : psertakil  <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.

Fake Ann Thread : [ANN] USA Coin - New Reality Of Wealth


Virustotal : https://www.virustotal.com/gui/file/b2fba44034dbeafeb92e1fb6143e332e2486114e586b853f37a748c3366cd7ec/detection

This post is also a reference for the Github Report ![/b]
legendary
Activity: 3136
Merit: 3213
And there is again a new Fake Ann Thread with a new Fake Github Account with Malware for DoubleNode !

The Fake Github Account was just created 1 Hour ago.

Fake Github : github.com/DoubleNodeCoin
Real Github : github.com/DoubleNode

Account : Henrique250  <--- Please ban or Lock that Account and delete the Thread
The Account is Registered since September 08, 2017 without any post , possible Hacked or sold Account.

Fake Ann Thread :  [Pre-ANN] DoubleNode - experimental mining project [ProgPow/MN]

Wallet
Code:
https://github.com/DoubleNodeCoin/Experimental/releases/download/1.1.1/doublenodecore.zip

A testnet is currently being conducted to test all systems. Coins mined on the testnet will be transferred to the mainnet in a 1:1 ratio
First Red Flag
is that normaly no Coins mined from the testnet will be transferred to the mainnet.

Next Red Flag is:
When you install the Github download file it will create a lot of bad things.
One of them is the File C:\Windows\Supremo.exe that is a Remote Control Program.
Virsutotal : https://www.virustotal.com/gui/file/79c7262e1335c522daa70fc65fb58b1435b28e0bbf2b21a88d6c03f8135a4da5/behavior



And again there is another new Fake Ann with a new Fake Github Account for nikitonium !

Fake Github was created 1 Hour ago.

Fake Github : github.com/nikitoniums
Real Github : github.com/nikitonium

Account : mrhakas565  <--- Please ban or Lock that Account and delete the Thread
Looks like the Account got hacked.

Fake Ann Thread :  [ANN] WBS - without blockchain and compromise system (CPU algo)

Our wallets
Code:
Windows: https://github.com/nikitoniums/nikito-wbs/releases/download/2.0.2.3/nikitonium-core-2.0.2.3.zip
Linux: https://github.com/nikitoniums/nikito-wbs/releases/download/2.0.2.3/ubuntu-nikitonium-2.0.2.3.tar.gz

Our socials
Website: https://nikitonium.com/
Discord: https://discord.gg/QFSvSuvgGq

Original Ann Thread : [ANN] WITHOUT A BLOCKCHAIN, $NIKI CANNOT EXIST

Account : nikitonium


This post is also a reference for the Github Report !
legendary
Activity: 3136
Merit: 3213
And we have again a new Fake Ann Thread with an Fake Github Account for nikitonium !

Fake Github was just created 5 Hours ago.

Fake Github : github.com/nikitonum
Real Github : github.com/nikitonium

Account : voelker  <--- Please ban or Lock that Account and delete the Thread
Registered on January 31, 2016 and today first post , possible hacked or sold Account

Fake Ann Thread : [ANN] [NIK] Nikitonum - Secure Cryptocurrency Blockchain (Ghostrider)

Windows:
Code:
https://github.com/nikitonum/nikito/releases/download/2.0.2.3/windows-nikito-2.0.2.3.zip

Original Ann Thread : [ANN] WITHOUT A BLOCKCHAIN, $NIKI CANNOT EXIST

Account : nikitonium


This post is also a reference for the Github Report !
legendary
Activity: 3136
Merit: 3213
And we have a new Fake Ann with an Fake Github Malware download Link for Etica !

Fake github : github.com/etilca
Real Github : github.com/etica

Account : Redox778  <--- Please ban or Lock that Account and delete the Thread
Looks like that Account got hacked as the last year it just posted in the Bountie section.

Fake Ann Thread :  [ANN] ETICA - open source medical research (Rework blockchain/ETChash)

Code:
https_://github.com/etilca/etlca-gui/releases/download/1.0.7/Windows-eticawallet-1.0.7.zip/

Original Ann Thread : [ETI] Etica - A cryptocurrency for Open Source medical research

Account : etica




And again from a other User posted the same Fake Ann and Fake Github  !

Account : tasin78  <--- Please ban or Lock that Account and delete the Thread
Looks like this Account also got hacked or sold.

Fake Ann Thread : ETICA COIN - open source protocol for medical research (etchash)

Wallets
Code:
https://github.com/etilca/etlca-gui/releases/download/1.0.7/Windows-eticawallet-1.0.7.zip


This post is also a reference for the Github Report !
legendary
Activity: 3136
Merit: 3213
This user appears again with his fake ANN, even though he has been tagged by you, at least I am reporting again here so that this user is banned.
Thanks for keeping your eyes open and reporting this kind of posts and topics.
Yeah it was late when i saw that user and just tagged him and reported the thread , would have written it the other day but you was faster.
Oh and can you please use the code function and edit your last posts so that nobody can click on the Links , would be nice.

Looks like after a short break they starting again to post there Malware shit Links , but i am ready.

Although I could be wrong though and this account really is hacked but that's unlikely since the hacker won't really get anything out of hacking this account wouldn't they?
They dont care about the Accounts or what is related to them , they just want to spread there Fake Malware Links and sometimes somenody falls in that trap.
Then they can use this Account again and doing the same with it and on top of that they get all his coins if they lucky.
sr. member
Activity: 1666
Merit: 426
This user has 282 activities and suddenly spreads a trojan with a fake ANN, maybe this account was hacked.
I've checked the 5 pages of his post and it's just bounty related posts so I might not be too inclined to believed that this account is hacked, there's not a lot of effort invested in this account so it's easy for him to just use it to share a Trojan, if I were on that person's shoes and there's an opportunity for me to do it with an account that has some significant activity to hide my intentions (sharing links in the posts most of the time so it's likely that someone will click on my links without thinking about it.), I would probably do it too. Although I could be wrong though and this account really is hacked but that's unlikely since the hacker won't really get anything out of hacking this account wouldn't they?
sr. member
Activity: 294
Merit: 433
HODL - BTC
This user appears again with his fake ANN, even though he has been tagged by you, at least I am reporting again here so that this user is banned.

ANN Fake: [ANN] [OGR] OgreCoin (Ghostrider)
User: vesko_savov - Please ban this user and lock the thread.

legendary
Activity: 3136
Merit: 3213
There was recently a fake Ann with a trojan in the Github download.

Fake Gituhub: github.com/AgloranProject
User: Lonyee665 - This user has 282 activities and suddenly spreads a trojan with a fake ANN, maybe this account was hacked.
ANN Fake: [ANN] [AGL] Agloran - perfect health area [FiroPow/Fast exchanges]

Virustotal : https://www.virustotal.com/gui/file/278356ef057c422d04bc8d4d46e5c05ebac66b6b1cccfb8b5738aed161dd8385
Yeb you are right its a Fake Ann Topic with a new Fake Github Account with malware download Link !
The Fake Github Account was just created 39 Minutes ago

The downloaded File also create and starts the same PhoenixMinerReborn.exe as the last 2 other Fake Ann downloads.
Code:
C:\Users\user\AppData\Local\Temp\IXP000.TMP\PhoenixMinerReborn.exe
Source : https://www.virustotal.com/gui/file/278356ef057c422d04bc8d4d46e5c05ebac66b6b1cccfb8b5738aed161dd8385/behavior
sr. member
Activity: 294
Merit: 433
HODL - BTC
There was recently a fake Ann with a trojan in the Github download.

Fake Gituhub: github.com/AgloranProject
User: Lonyee665 - This user has 282 activities and suddenly spreads a trojan with a fake ANN, maybe this account was hacked.
ANN Fake: [ANN] [AGL] Agloran - perfect health area [FiroPow/Fast exchanges]

Virustotal : https://www.virustotal.com/gui/file/278356ef057c422d04bc8d4d46e5c05ebac66b6b1cccfb8b5738aed161dd8385

legendary
Activity: 3136
Merit: 3213
We have another Fake Ann with an Fake Github Account that have a Trojan and Malware download Link for OgreCoin !

The Fake Github was just created 2 Hours ago.

Fake Github : github.com/Ogrecoin

Account : jfedirolaret  <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
The Account is Registered since October 03, 2021 , hacked or sold Account

Fake Ann Thread :  [ANN] [OGR] OgreCoin - meme token destroyer, WHOAAA (Ghostrider)

Ogre wallet
Code:
https://github.com/Ogrecoin/OgreOgre/releases/tag/0.0.1

Virsutotal Link : https://www.virustotal.com/gui/file/11606965da6486074fb915e7e80078180f1403c5a7e859a3b323c35b93b8d722?nocache=1

The strange thing here is the behavior of the File when it gets installed and started.
It create this file here and starts it when the Fake Wallet file gets started.
Code:
C:\Users\\AppData\Local\Temp\IXP000.TMP\PhoenixMinerReborn.exe
Source : https://www.virustotal.com/gui/file/11606965da6486074fb915e7e80078180f1403c5a7e859a3b323c35b93b8d722/behavior



And the same Fake Ann and a Fake Github Account we got here for ARMATA  !


The Fake Github Account was just created 16 Hours ago.

Fake Github : github.com/ArmataProject

Account : Taretionks  <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
The Account is Registered since October 03, 2021 , hacked or sold Account

Our Github
Code:
https://github.com/ArmataProject/Armata

Virustotal : https://www.virustotal.com/gui/file/c89f4761d9c3d70068a16521911391aa9efebdb796f26744a92f08702c71d6fb/detection

And same here there will be a file created with name PhoenixMinerReborn.exe
Code:
C:\Users\\AppData\Local\Temp\IXP000.TMP\PhoenixMinerReborn.exe
Source : https://www.virustotal.com/gui/file/c89f4761d9c3d70068a16521911391aa9efebdb796f26744a92f08702c71d6fb/behavior

This post is also a reference for the Github Report !
legendary
Activity: 3136
Merit: 3213
One comrade here is spamming with his miner, in which virustotal detected a trojan. I don't know if the fact that only two virustotal antivirus engines detected a trojan in this file is enough.
Its enough and the detections from Virustotal are not false positive and you was right to report them here.
Thanks for keeping your eyes open , i also reported posts from all 2 Users and they are already deleted.
I also reanalyzed the file again on Virustotal and it got now 3 detections , thanks again for let me know about that.
legendary
Activity: 3136
Merit: 3213
And we have a new Fake Miner Topic with a new Fake download Github Account Link with Malware for Pooler CPUMiner !

The Fake Github Account was created 3 days ago.

Fake Github : github.com/poooIer/cpuminer
Real Github : github.com/pooler/cpuminer

Account : BitTargetPlus  <--- Please ban or Lock that Account and delete the Thread
Its a new Fake Account from the Hackers and was just Registered yesterday.

Fake Miner Thread :
The latest release of Pooler CPUMiner v2.5.2 is now available.

Current Version: 2.5.2 (Okt 19, 2023)
Code:
https://github.com/poooIer/cpuminer/blob/v2.5.2
There is no new Version of that CpuMiner!

Original CpuMiner Thread :  An (even more) optimized version of cpuminer (pooler's cpuminer, CPU-only)

Account :  pooler

Current Version: 2.5.1 (Jun 25, 2020)
https://github.com/pooler/cpuminer

This post is also a reference for the Github Report !
Pages:
Jump to: