Pages:
Author

Topic: Report Malware and Suspicious Links here so Mods can take Action ! - page 11. (Read 36657 times)

sr. member
Activity: 1498
Merit: 416
This user has 282 activities and suddenly spreads a trojan with a fake ANN, maybe this account was hacked.
I've checked the 5 pages of his post and it's just bounty related posts so I might not be too inclined to believed that this account is hacked, there's not a lot of effort invested in this account so it's easy for him to just use it to share a Trojan, if I were on that person's shoes and there's an opportunity for me to do it with an account that has some significant activity to hide my intentions (sharing links in the posts most of the time so it's likely that someone will click on my links without thinking about it.), I would probably do it too. Although I could be wrong though and this account really is hacked but that's unlikely since the hacker won't really get anything out of hacking this account wouldn't they?
sr. member
Activity: 294
Merit: 433
HODL - BTC
This user appears again with his fake ANN, even though he has been tagged by you, at least I am reporting again here so that this user is banned.

ANN Fake: [ANN] [OGR] OgreCoin (Ghostrider)
User: vesko_savov - Please ban this user and lock the thread.

legendary
Activity: 3136
Merit: 3213
There was recently a fake Ann with a trojan in the Github download.

Fake Gituhub: github.com/AgloranProject
User: Lonyee665 - This user has 282 activities and suddenly spreads a trojan with a fake ANN, maybe this account was hacked.
ANN Fake: [ANN] [AGL] Agloran - perfect health area [FiroPow/Fast exchanges]

Virustotal : https://www.virustotal.com/gui/file/278356ef057c422d04bc8d4d46e5c05ebac66b6b1cccfb8b5738aed161dd8385
Yeb you are right its a Fake Ann Topic with a new Fake Github Account with malware download Link !
The Fake Github Account was just created 39 Minutes ago

The downloaded File also create and starts the same PhoenixMinerReborn.exe as the last 2 other Fake Ann downloads.
Code:
C:\Users\user\AppData\Local\Temp\IXP000.TMP\PhoenixMinerReborn.exe
Source : https://www.virustotal.com/gui/file/278356ef057c422d04bc8d4d46e5c05ebac66b6b1cccfb8b5738aed161dd8385/behavior
sr. member
Activity: 294
Merit: 433
HODL - BTC
There was recently a fake Ann with a trojan in the Github download.

Fake Gituhub: github.com/AgloranProject
User: Lonyee665 - This user has 282 activities and suddenly spreads a trojan with a fake ANN, maybe this account was hacked.
ANN Fake: [ANN] [AGL] Agloran - perfect health area [FiroPow/Fast exchanges]

Virustotal : https://www.virustotal.com/gui/file/278356ef057c422d04bc8d4d46e5c05ebac66b6b1cccfb8b5738aed161dd8385

legendary
Activity: 3136
Merit: 3213
We have another Fake Ann with an Fake Github Account that have a Trojan and Malware download Link for OgreCoin !

The Fake Github was just created 2 Hours ago.

Fake Github : github.com/Ogrecoin

Account : jfedirolaret  <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
The Account is Registered since October 03, 2021 , hacked or sold Account

Fake Ann Thread :  [ANN] [OGR] OgreCoin - meme token destroyer, WHOAAA (Ghostrider)

Ogre wallet
Code:
https://github.com/Ogrecoin/OgreOgre/releases/tag/0.0.1

Virsutotal Link : https://www.virustotal.com/gui/file/11606965da6486074fb915e7e80078180f1403c5a7e859a3b323c35b93b8d722?nocache=1

The strange thing here is the behavior of the File when it gets installed and started.
It create this file here and starts it when the Fake Wallet file gets started.
Code:
C:\Users\\AppData\Local\Temp\IXP000.TMP\PhoenixMinerReborn.exe
Source : https://www.virustotal.com/gui/file/11606965da6486074fb915e7e80078180f1403c5a7e859a3b323c35b93b8d722/behavior



And the same Fake Ann and a Fake Github Account we got here for ARMATA  !


The Fake Github Account was just created 16 Hours ago.

Fake Github : github.com/ArmataProject

Account : Taretionks  <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
The Account is Registered since October 03, 2021 , hacked or sold Account

Our Github
Code:
https://github.com/ArmataProject/Armata

Virustotal : https://www.virustotal.com/gui/file/c89f4761d9c3d70068a16521911391aa9efebdb796f26744a92f08702c71d6fb/detection

And same here there will be a file created with name PhoenixMinerReborn.exe
Code:
C:\Users\\AppData\Local\Temp\IXP000.TMP\PhoenixMinerReborn.exe
Source : https://www.virustotal.com/gui/file/c89f4761d9c3d70068a16521911391aa9efebdb796f26744a92f08702c71d6fb/behavior

This post is also a reference for the Github Report !
legendary
Activity: 3136
Merit: 3213
One comrade here is spamming with his miner, in which virustotal detected a trojan. I don't know if the fact that only two virustotal antivirus engines detected a trojan in this file is enough.
Its enough and the detections from Virustotal are not false positive and you was right to report them here.
Thanks for keeping your eyes open , i also reported posts from all 2 Users and they are already deleted.
I also reanalyzed the file again on Virustotal and it got now 3 detections , thanks again for let me know about that.
legendary
Activity: 3136
Merit: 3213
And we have a new Fake Miner Topic with a new Fake download Github Account Link with Malware for Pooler CPUMiner !

The Fake Github Account was created 3 days ago.

Fake Github : github.com/poooIer/cpuminer
Real Github : github.com/pooler/cpuminer

Account : BitTargetPlus  <--- Please ban or Lock that Account and delete the Thread
Its a new Fake Account from the Hackers and was just Registered yesterday.

Fake Miner Thread :
The latest release of Pooler CPUMiner v2.5.2 is now available.

Current Version: 2.5.2 (Okt 19, 2023)
Code:
https://github.com/poooIer/cpuminer/blob/v2.5.2
There is no new Version of that CpuMiner!

Original CpuMiner Thread :  An (even more) optimized version of cpuminer (pooler's cpuminer, CPU-only)

Account :  pooler

Current Version: 2.5.1 (Jun 25, 2020)
https://github.com/pooler/cpuminer

This post is also a reference for the Github Report !
legendary
Activity: 3136
Merit: 3213
In this case you are not right BABY SHOES !

The Github you have posted is no Fake one and what you see in the Virustotal scan detection here
https://www.virustotal.com/gui/file/e5fd4a1d67f8366c67117a3a0a64385b4177adf4b66e45ae622d5e34a579c466?nocache=1 is a false postive detection one for miners.

This one here is fine and original Ann Thread:
SquishyCoin
Code:
https://github.com/sqcndev/SquishyCoin/releases/tag/v0.7.2
[ANN] Squishy Coin (SQCN) PoW / PoS | Equihash 200,9 --- June 23, 2023

This one here is for sure a Fake one and i guess soon there will be an fake github link edited in there.
sr. member
Activity: 294
Merit: 433
HODL - BTC
There is an old thread in June still not reported, because their site is active and also the shitcoin is traded on the Xeggex exchange after making a deeper search by checking the downloaded wallet and then checking in Virustotal detected Malware.
Even worse, they tried to create a new ANN with a new account to spread it, fortunately now we are reporting them.

Account name
ReactiveBitcoin Create Today
SquishyCoin 

ANN
[Re-ANN] [SQCN] SquishyCoin - rework and update coin [Equihash 200,9]
[ANN] Squishy Coin (SQCN) PoW / PoS | Equihash 200,9 --- June 23, 2023

Fake GitHub
Code:
https://github.com/sqcndev/SquishyCoin/releases/tag/v0.7.2

Detected
Code:
https://www.virustotal.com/gui/file/e5fd4a1d67f8366c67117a3a0a64385b4177adf4b66e45ae622d5e34a579c466?nocache=1

legendary
Activity: 3136
Merit: 3213
Another one with a newbie account makes malware spread by continuing to create ANNs that are locked. I will not get tired of reporting them.
Yes you are right with the last Fake Ann , the Fake Github github.com/SirkonaCoin was just created 4 Hours ago.
Nice to hear that you dont get tired of reporting them , thats for sure a big help fighting against this things.
Looks like they got not anymore hacked Accounts that they can use as the last ones new Accounts.
sr. member
Activity: 294
Merit: 433
HODL - BTC
Yes you are right as i have written a post earlier its always helpfull to collect the Fake Threads and there Links.
Its good to have some help against the Hackers and Malware spreading hacked User Accounts .
Yes we must continue to report in every thread that is suspicious of spreading malware here, most of what I find are newbie accounts that have just been registered.
Another one with a newbie account makes malware spread by continuing to create ANNs that are locked. I will not get tired of reporting them.

Account name: SirkonaMoment
ANN: [ANN] [KRS] Sirkona - safety communication [ProgPow]

Don't click
Code:
https://github.com/SirkonaCoin/Sirkona/releases/download/1.0.0/SirkonaProject-win-v1.0.0.zip
legendary
Activity: 3136
Merit: 3213
~~~~~~
Thanks afor keeping your eyes open and that reported the threads and things , i was just on the mobile earlier when i tagged the Account.
Yes you are right as i have written a post earlier its always helpfull to collect the Fake Threads and there Links.
Its good to have some help against the Hackers and Malware spreading hacked User Accounts .
sr. member
Activity: 294
Merit: 433
HODL - BTC
Spreading Malware with fake ANN Although it has been tagged by @Lafu today but I think it is necessary to report here and action,

Account name SirenaMoon - ban
Thread: [ANN] [SRN] SirenaProject - collective help for profit [FiroPOW/Mineable now] & [ANN] [SRN] SirenaProject - collective help for profit [Mineable now]

Code:
https://github.com/SirenaProject/SirenaCoin/blob/main/SirenaProject-main.zip

Check on Virustotal which detected Malware


Additional edits
Malware spreading fraudsters have created new accounts by creating the same thread and with the thread locked.

Account name CoronelsN

ANN
[ANN] [NSR] SIR - crypto messenger for communication (FiroPOW/Fast start)
sr. member
Activity: 294
Merit: 433
HODL - BTC
It seems that these gangs are not tired of continuing to spread malware by spreading it in self-moderated threads.
With accounts created in 2021 created simultaneously and now waking up again to spread it.

Account name:
Fatendisto - Create October 01, 2021, 06:38:54 PM
vikolkolpet - Create October 01, 2021, 06:40:37 PM
hafuterkina - Create October 01, 2021, 06:42:27 PM
jugujikolesad - Create October 01, 2021, 06:49:15 PM
Kerikostaw - Create October 01, 2021, 06:53:15 PM


ANN
Berto Coin - Your Very Own 3D Printed Bitcoin
Alfalah Coin - The Ultimate Crypto Innovation for Charity & Local Businesses
PID Coin - Empowering Internet Users with Personal Data Ownership
Modic Coin (MODIC) - Your Modern Investment Coin
StefanCoin - Your Politically Correct, Decentralized Coin


Fake Github
Code:
https://github.com/berto-coin/berto-coin/releases/tag/v1.2.0
https://github.com/Alfalah-Coin/Core/releases/tag/v1.1.3
https://github.com/Pid-Coin/Core/releases/tag/v1.1.1
https://github.com/Modic-Coin/modic-coin/releases/tag/v1.3.3
https://github.com/Stefan-Coin/Core/releases/tag/v1.0.2
The file size is the same as yesterday above


Checking on Virustotal detected a trojan virus/malware
Code:
https://www.virustotal.com/gui/file/1d5a517283b717ceb309b1a524de9e34d3ae9553f5111ba4b87be1c907e7e9a3
https://www.virustotal.com/gui/file/c47fde0015a1f5f3d39ffb4522b54f37c3528833ccca7b24e2839c9077388b3a?nocache=1
https://www.virustotal.com/gui/file/1362f6dd1a93d80b8134512f2848890b812326feb3c55b0cd95e1f6a4b38653c?nocache=1
https://www.virustotal.com/gui/file/a512218aa9ce5b4dd1619679d34ed8d944c08348ed5009840ac2721f37f4b088?nocache=1
https://www.virustotal.com/gui/file/4810f16c9f6dec19a9fe38405634a893cf12cbb1f78dfa84232356a84591a6df?nocache=1
sr. member
Activity: 294
Merit: 433
HODL - BTC
Found fake threads by spreading viruses from apps downloaded from fake GitHub,

ANN: https://bitcointalksearch.org/topic/--5467770
Account: tawaresder

Fake GitHub: (Created 41 minutes ago)
Code:
https://github.com/bitxor-coin/bitxor-coin/releases/tag/v1.0.3


Virustotal: https://www.virustotal.com/gui/file/545d03832a26a05559d378c2669c97e5af0a84303c3830b701afad496dc88559




ANN: https://bitcointalksearch.org/topic/--5467768
Account: Ujetanokilk

Fake GitHub: (Made a few hours ago)
Code:
https://github.com/thewebers-coin/thewebers-coin/releases/tag/v1.0.1
Virustotal: https://www.virustotal.com/gui/file/24e7c50efa47ecbd08a1e556b5c3e034b5e6f4d5c09fa7146865021bb12052ef





ANN: https://bitcointalksearch.org/topic/--5467764
Account: ikopreditero

Fake GitHub:
Code:
https://github.com/Scrooge-Coin/Scrooge-Coin/releases/tag/v1.2.1


Virustotal: https://www.virustotal.com/gui/file/c625324960a6c20b41472c901c6521a9bc92d75edaf0f42a45c93892fe1f5b11




ANN: https://bitcointalksearch.org/topic/--5467771
Account: gattokoter

Fake GitHub:
Code:
https://github.com/Capy-Coin/Core/releases/tag/v1.2.2


Virustotal: https://www.virustotal.com/gui/file/bf3e4c13e6f965d38d88087e8ef861d9acf2d8eb9398178e679c19d28214d2b7?nocache=1




ANN: https://bitcointalksearch.org/topic/--5467759
Account: likkosader

Fake GitHub:
Code:
https://github.com/Shmingus-Coin/Core/releases/tag/v1.1.0


Virustotal: https://www.virustotal.com/gui/file/c6bf52a2d0904e1ec337401ddebd782885e505ffc126f4a8838678d6ef2793bf
legendary
Activity: 3136
Merit: 3213
I discovered a fake topic here with a link to github. And there I downloaded and checked the file that this comrade advertises.
To Lafu, is that right?
Awesome light_warrior , nice catch on all that fake links and fake topics and thanks for keep your eyes open and reporting them and write in here.
Yes it is right how you have posted in here the last one and it helps a lot if i or the moderators or anybody else searching for.
Its easier to hunt the hackers down with that records in the future.
copper member
Activity: 588
Merit: 926
I discovered a fake topic here with a link to github. And there I downloaded and checked the file that this comrade advertises. Virustotal shows that this file is not safe. There's a trojan in there.

Link to topic - Litecoin Core integration/staging tree

The comrade who posted the topic - lafotihgyt Banned

Link to github

Code:
https://github.com/lite-coin/lite-coin/releases/tag/v1.3.3

Link to Virustotal

To Lafu, is that right?

UPD

I also found several other topics with the same content. The file names are different, but the content is the same

1. Commie Coin - Your Ticket to Financial Equality

Code:
https://github.com/commie-coin/commie-coin/releases/tag/v1.3.3

2. ServicesCoin - Empowering Small Businesses

Code:
https://github.com/services-coin/core/releases/tag/v1.1.3

3. CryptoNote Cryptocurrency Protocol Reference

Code:
https://github.com/medical-coin/core/releases/tag/v1.1.0
legendary
Activity: 3136
Merit: 3213
And we have a new Fake Ann Thread with a new Fake Github Account download link with Malware for Luckcoin!

Fake Github : github.com/luck-network

Account : CoinQuest  <--- Please ban or Lock that Account and delete the Thread
Last post from that Account was back in January 12, 2021 , hacked or sold Account

Fake Ann Thread : [ANN][2POW] Luck - A new consensus algorithm to eliminate large mining pools

Wallet
Code:
https://github.com/luck-network/LUCKcoin/releases

Original Ann Thread : [ANN][2POW] Luck - A new consensus algorithm to eliminate large mining pools

Account : Sherlock.Holmes

This post is also a reference for the Github Report !
Pages:
Jump to: