November 21, 2024, 09:57:31 AM

Welcome, Guest

News: Latest Bitcoin Core release: 28.0 [Torrent]

Bitcoin Forum>Other>Meta

Pages:

«
6
7
8
9
10
11
12
13
14
15
»

Author

Topic: Report Malware and Suspicious Links here so Mods can take Action ! - page 11. (Read 36997 times)

BABY SHOES

sr. member

Activity: 294

Merit: 433

HODL - BTC

Newbie accounts spread the virus on meta boards and local india boards with Trading AI Tool.

user: ddoxer889 - Please ban this user and lock the thread.
ANN: Trading AI Tool / Trading AI Tool

Code:

[url=https://transfer.sh/MadLG7DuLG/Trading%20AI%20Tool.zip]https://transfer.sh/MadLG7DuLG/Trading%20AI%20Tool.zip[/url]

Virustotal: https://www.virustotal.com/gui/url/88da53b771ed7fa6392a003168cedf076e78eede18d8a426bd583219a7396e51/detection

Lafu

legendary

Legendary level

Activity: 3136

Merit: 3213

And again we have a new Fake Ann Thread with a new Fake Github Malware download Link for Capybara coin !

Fake Github Files was just uploaded 40 Minutes ago.

Fake Github : github.com/xaMWVUnT/capybara/
Real Github : github.com/Capybaraworld/

Account : Dmengeon2 <--- Please ban or Lock that Account and delete the Thread
Registered since October 31, 2017 , Hacked or sold Account

Fake Ann Thread : Capybara coin - scrypt animal coin (Not another animal coin)

Quote from: ?? on ??

Wallets
Windows:

Code:

https://github.com/xaMWVUnT/capybara/blob/main/capybara-win64.zip

Virustotal : https://www.virustotal.com/gui/file/5ab74c83f8df2dd95e83e220bb2b0e3bf63b24aa7043b5cdd38f4ca7f6360ae0/behavior

Code:

C:\Windows\Supremo.exe
C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe

When you install the Fake Github download file it will create a lot of bad things.
One of them is the File C:\Windows\Supremo.exe that is a Remote Control Program

This post is also a reference for the Github Report !

Lafu

legendary

Legendary level

Activity: 3136

Merit: 3213

And we have another new Fake Ann Thread with an Fake Github download Link for Nevermore !

Fake Github : github.com/thelifebeautifulguru
Real Github : github.com/evrmoreorg

Account : Krissh_369 <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
Registered since April 21, 2020 , hacked or sold Account

Fake Ann Thread : [ANN] Nevermore - blockchain for DeFI (Fork Evrmore) (GPU mining)

Quote from: ?? on ??

Wallets
Windows:

Code:

https://github.com/thelifebeautifulguru/Nvrmore/releases/download/2.1.0/nevermore-v2.1.0-win64.zip

For More Information:
discord.gg/4csauGuvw3

Original Ann Thread : [ANN] Evrmore [EVR] Blockchain | ProgPoW GPU Mining | The Ravencoin fork for DeF

Account : hans_schmidt

Quote from: hans_schmidt on October 11, 2022, 05:37:50 PM

For More Information:
https://github.com/evrmoreorg
discord.gg/4csauGuvw3

This post is also a reference for the Github Report !

Lafu

legendary

Legendary level

Activity: 3136

Merit: 3213

And we have new Fake Ann Topics with Malware download Links again , now with Short Links !

The Short Links are directing to the Fake Github Account download page!

Quote from: ?? on ??

Windows:

Code:

https://shorturl.at/dzET7

With http://getlinkinfo.com you will get all the Information you need and you see the Fake Github Account !
GetLinkInfo for that used Short Link : Result

Fake Github : github.com/nikitonum
Real Github : github.com/nikitonium

Account : mah0099 <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
Registered since August 02, 2020 , hacked or sold Account

Fake Ann Thread : [ANN] SUB - sub network for workspace (Mineable)

Quote from: ?? on ??

Windows:

Code:

https://shorturl.at/dzET7

And again a new Fake Ann with a new Fake Github Account showed up this time for BlackCode !

Fake Github just got created 1 Hour ago and looks like it got already deleted.

Fake Github : github.com/BlackCodeBlockchain

Virustotal Malware and Trojan detections : https://www.virustotal.com/gui/file/bc2b3e767d1c973f8a1d5f70fa44f3bef1cda849e8520aca17833ba8833d956e/behavior
Files that will get installed here again:

Quote from: ?? on ??

LINKS

Code:

Github: https://github.com/BlackCodeBlockchain/CoreWallets/releases/tag/2.1.2

This post is also a reference for the Github Report !

light_warrior

copper member

Activity: 588

Merit: 926

Quote from: Lafu on November 10, 2023, 12:12:06 PM

The Fake Github Account was just created 1 Hour ago.

Can I ask you a question? How do you determine the time and date when a Github account was created? I found three threads created by the accounts you marked in red and I wanted to see the time the accounts were created on Github, but I didn't see that information there.

https://bitcointalksearch.org/topic/--5473646
https://bitcointalksearch.org/topic/--5473647
https://bitcointalksearch.org/topic/--5473645

Lafu

legendary

Legendary level

Activity: 3136

Merit: 3213

And we have a new Fake Ann Thread with a new Fake Github Account for Subi Network !

The Fake Github Account was just created 1 Hour ago.

Fake Github : github.com/VirtualRealityProject
Real Github : github.com/subinetwork

Account : alinyous <--- Please ban or Lock that Account and delete the Thread
Looks like this Account got hacked or sold , Registered since May 25, 2018.

Fake Ann Thread : [ANN] VRT - virtual reality project (Ghostrider/Exchange 20/11/2023)

Quote from: ?? on ??

Subi Network's combination of public and private blockchain technologies for unparalleled gaming experiences in virtual reality
WALLETS
Windows:

Code:

https://github.com/VirtualRealityProject/VRNetwork/releases/download/1.1.2.4/subi-win-1.1.2.4.zip

Original Website : https://subinetwork.com/

Quote

Subi Network combine public and private blockchain technologies to create unparalleled gaming experiences based on virtual reality.

Source : https://subinetwork.com/

This post is also a reference for the Github Report !

Lafu

legendary

Legendary level

Activity: 3136

Merit: 3213

And we have again a new Fake Ann Thread with a new Fake Github Account with Malware download Link for ARSAGILITY !

The Fake Github Account was just created 20 Minutes ago.

Fake Github : github.com/Arsagility
Real Github : github.com/arsa-hub

Account : Daniel323 <--- Please ban or Lock that Account and delete the Thread
Looks like this Account got hacked or sold , Registered since February 17, 2022

Fake Ann Thread : [ANN] ARSAGILITY - secure, private and instant [Ghostrider]

Quote from: ?? on ??

Coin Name: ARSAGILITY
Wallets
Windows:

Code:

https://github.com/Arsagility/arsg/releases/download/2.7.14.72/arsa-win-2.7.14.72.zip

Our socials
site: https://arsagility.org/

Virustotal : https://www.virustotal.com/gui/file/ce19e2ef68373ab6f7b18d2fd25c0da193f7bd14f591509aa82c03b24783de44/detection

Original Ann Thread : [ANN] ARGY - Arsa Core of ARSAGILITY ~ Come and Join The Game

Account : gharrison

Quote from: gharrison on June 01, 2023, 07:12:57 PM

Coin Name: ARSAGILITY
Github: https://github.com/arsa-hub/arsa
Websites: https://arsagility.org/

And we have again a new Fake Ann with a new Fake Github Account for USA Coin !

The Fake Github was just created 2 Hours ago.

Fake Github : github.com/US-Coin
Real Github : github.com/usacoin

Account : psertakil <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.

Fake Ann Thread : [ANN] USA Coin - New Reality Of Wealth

Quote from: ?? on ??

https://github.com/US-Coin/Core/releases/tag/v1.0.0

Virustotal : https://www.virustotal.com/gui/file/b2fba44034dbeafeb92e1fb6143e332e2486114e586b853f37a748c3366cd7ec/detection

This post is also a reference for the Github Report ![/b]

Lafu

legendary

Legendary level

Activity: 3136

Merit: 3213

And there is again a new Fake Ann Thread with a new Fake Github Account with Malware for DoubleNode !

The Fake Github Account was just created 1 Hour ago.

Fake Github : github.com/DoubleNodeCoin
Real Github : github.com/DoubleNode

Account : Henrique250 <--- Please ban or Lock that Account and delete the Thread
The Account is Registered since September 08, 2017 without any post , possible Hacked or sold Account.

Fake Ann Thread : [Pre-ANN] DoubleNode - experimental mining project [ProgPow/MN]

Quote from: ?? on ??

Wallet

Code:

https://github.com/DoubleNodeCoin/Experimental/releases/download/1.1.1/doublenodecore.zip

A testnet is currently being conducted to test all systems. Coins mined on the testnet will be transferred to the mainnet in a 1:1 ratio

First Red Flag
is that normaly no Coins mined from the testnet will be transferred to the mainnet.

Next Red Flag is:
When you install the Github download file it will create a lot of bad things.
One of them is the File C:\Windows\Supremo.exe that is a Remote Control Program.
Virsutotal : https://www.virustotal.com/gui/file/79c7262e1335c522daa70fc65fb58b1435b28e0bbf2b21a88d6c03f8135a4da5/behavior

And again there is another new Fake Ann with a new Fake Github Account for nikitonium !

Fake Github was created 1 Hour ago.

Fake Github : github.com/nikitoniums
Real Github : github.com/nikitonium

Account : mrhakas565 <--- Please ban or Lock that Account and delete the Thread
Looks like the Account got hacked.

Fake Ann Thread : [ANN] WBS - without blockchain and compromise system (CPU algo)

Quote from: ?? on ??

Our wallets

Code:

Windows: https://github.com/nikitoniums/nikito-wbs/releases/download/2.0.2.3/nikitonium-core-2.0.2.3.zip
Linux: https://github.com/nikitoniums/nikito-wbs/releases/download/2.0.2.3/ubuntu-nikitonium-2.0.2.3.tar.gz

Our socials
Website: https://nikitonium.com/
Discord: https://discord.gg/QFSvSuvgGq

Original Ann Thread : [ANN] WITHOUT A BLOCKCHAIN, $NIKI CANNOT EXIST

Account : nikitonium

Quote from: nikitonium on November 06, 2023, 11:32:29 AM

Windows :
https://github.com/nikitonium/nikito/releases/download/2.0.2.3/windows-nikito-2.0.2.3.zip

Website: https://nikitonium.com/
Discord: https://discord.gg/QFSvSuvgGq

This post is also a reference for the Github Report !

Lafu

legendary

Legendary level

Activity: 3136

Merit: 3213

And we have again a new Fake Ann Thread with an Fake Github Account for nikitonium !

Fake Github was just created 5 Hours ago.

Fake Github : github.com/nikitonum
Real Github : github.com/nikitonium

Account : voelker <--- Please ban or Lock that Account and delete the Thread
Registered on January 31, 2016 and today first post , possible hacked or sold Account

Fake Ann Thread : [ANN] [NIK] Nikitonum - Secure Cryptocurrency Blockchain (Ghostrider)

Quote from: ?? on ??

Windows:

Code:

https://github.com/nikitonum/nikito/releases/download/2.0.2.3/windows-nikito-2.0.2.3.zip

Original Ann Thread : [ANN] WITHOUT A BLOCKCHAIN, $NIKI CANNOT EXIST

Account : nikitonium

Quote from: nikitonium on November 06, 2023, 11:32:29 AM

Windows :
https://github.com/nikitonium/nikito/releases/download/2.0.2.3/windows-nikito-2.0.2.3.zip

This post is also a reference for the Github Report !

Lafu

legendary

Legendary level

Activity: 3136

Merit: 3213

And we have a new Fake Ann with an Fake Github Malware download Link for Etica !

Fake github : github.com/etilca
Real Github : github.com/etica

Account : Redox778 <--- Please ban or Lock that Account and delete the Thread
Looks like that Account got hacked as the last year it just posted in the Bountie section.

Fake Ann Thread : [ANN] ETICA - open source medical research (Rework blockchain/ETChash)

Quote from: ?? on ??

Code:

https_://github.com/etilca/etlca-gui/releases/download/1.0.7/Windows-eticawallet-1.0.7.zip/

Original Ann Thread : [ETI] Etica - A cryptocurrency for Open Source medical research

Account : etica

Quote from: etica on August 24, 2022, 05:26:42 AM

Wallet
https://github.com/etica/etica-gui/releases

And again from a other User posted the same Fake Ann and Fake Github !

Account : tasin78 <--- Please ban or Lock that Account and delete the Thread
Looks like this Account also got hacked or sold.

Fake Ann Thread : ETICA COIN - open source protocol for medical research (etchash)

Quote from: ?? on ??

Wallets

Code:

https://github.com/etilca/etlca-gui/releases/download/1.0.7/Windows-eticawallet-1.0.7.zip

This post is also a reference for the Github Report !

Lafu

legendary

Legendary level

Activity: 3136

Merit: 3213

Quote from: BABY SHOES on November 03, 2023, 07:01:08 PM

This user appears again with his fake ANN, even though he has been tagged by you, at least I am reporting again here so that this user is banned.

Thanks for keeping your eyes open and reporting this kind of posts and topics.
Yeah it was late when i saw that user and just tagged him and reported the thread , would have written it the other day but you was faster.
Oh and can you please use the code function and edit your last posts so that nobody can click on the Links , would be nice.

Looks like after a short break they starting again to post there Malware shit Links , but i am ready.

Quote from: pinggoki on November 03, 2023, 09:51:22 PM

Although I could be wrong though and this account really is hacked but that's unlikely since the hacker won't really get anything out of hacking this account wouldn't they?

They dont care about the Accounts or what is related to them , they just want to spread there Fake Malware Links and sometimes somenody falls in that trap.
Then they can use this Account again and doing the same with it and on top of that they get all his coins if they lucky.

BABY SHOES

sr. member

Activity: 294

Merit: 433

HODL - BTC

I found two fake ANNs spreading viruses via download links on github!

ANN Fake: [INS] InternetSecurity - protect you from phishing attempts [CPU mining]][ANN] [INS] InternetSecurity - protect you from phishing attempts [CPU mining]
User: js2105 - Please ban this user and lock the thread.

Virustotal: https://www.virustotal.com/gui/file/1aa7a5d6aa38f4e5a4b641ccf6d5d7bdf4a96b86059b457e8cd0b49f00544008/detection

Quote from: ?? on ??

Wallets
Windows: https://github.com/InternetSec/InternetSec/releases/tag/1.2.1
Source: https://github.com/InternetSec/InternetSec/

ANN Fake: [ANN] [BRV] BitcoinRivera - most security system [Scrypt]
User: Bitcoin@111 - Please ban this user and lock the thread.

Virustotal: https://www.virustotal.com/gui/file/c8f05286290cb9bc4f62c0330aed2be4f43da5f6e9c00f87e76117cfcefc5dcc

Quote from: ?? on ??

Wallets
Windows: https://github.com/BitcoinRivera/BRV/releases/download/1.0.0/BitcoinRiveraCore.zip
Linux: coming soon

What we see again is that the file is created with the name PhoenixMinerReborn.exe.
As @Lafu reported here.

Code:

C:\Users\\AppData\Local\Temp\IXP000.TMP\PhoenixMinerReborn.exe

https://www.virustotal.com/gui/file/c8f05286290cb9bc4f62c0330aed2be4f43da5f6e9c00f87e76117cfcefc5dcc/behavior

pinggoki

sr. member

Activity: 1666

Merit: 426

Quote from: BABY SHOES on November 03, 2023, 09:23:22 AM

This user has 282 activities and suddenly spreads a trojan with a fake ANN, maybe this account was hacked.

I've checked the 5 pages of his post and it's just bounty related posts so I might not be too inclined to believed that this account is hacked, there's not a lot of effort invested in this account so it's easy for him to just use it to share a Trojan, if I were on that person's shoes and there's an opportunity for me to do it with an account that has some significant activity to hide my intentions (sharing links in the posts most of the time so it's likely that someone will click on my links without thinking about it.), I would probably do it too. Although I could be wrong though and this account really is hacked but that's unlikely since the hacker won't really get anything out of hacking this account wouldn't they?

BABY SHOES

sr. member

Activity: 294

Merit: 433

HODL - BTC

Quote from: Lafu on November 03, 2023, 08:09:14 AM

Fake Ann Thread : [ANN] [OGR] OgreCoin - meme token destroyer, WHOAAA (Ghostrider)

This user appears again with his fake ANN, even though he has been tagged by you, at least I am reporting again here so that this user is banned.

ANN Fake: [ANN] [OGR] OgreCoin (Ghostrider)
User: vesko_savov - Please ban this user and lock the thread.

Quote from: ?? on ??

Ogre wallet
Github: https://github.com/OgreProject/Ogre/releases/tag/1.0.0
Source: https://github.com/OgreProject/Ogre/blob/main/Ogrecoin-master.zip

Lafu

legendary

Legendary level

Activity: 3136

Merit: 3213

Quote from: BABY SHOES on November 03, 2023, 09:23:22 AM

There was recently a fake Ann with a trojan in the Github download.

Fake Gituhub: github.com/AgloranProject
User: Lonyee665 - This user has 282 activities and suddenly spreads a trojan with a fake ANN, maybe this account was hacked.
ANN Fake: [ANN] [AGL] Agloran - perfect health area [FiroPow/Fast exchanges]

Virustotal : https://www.virustotal.com/gui/file/278356ef057c422d04bc8d4d46e5c05ebac66b6b1cccfb8b5738aed161dd8385

Yeb you are right its a Fake Ann Topic with a new Fake Github Account with malware download Link !
The Fake Github Account was just created 39 Minutes ago

The downloaded File also create and starts the same PhoenixMinerReborn.exe as the last 2 other Fake Ann downloads.

Code:

C:\Users\user\AppData\Local\Temp\IXP000.TMP\PhoenixMinerReborn.exe

Source : https://www.virustotal.com/gui/file/278356ef057c422d04bc8d4d46e5c05ebac66b6b1cccfb8b5738aed161dd8385/behavior

BABY SHOES

sr. member

Activity: 294

Merit: 433

HODL - BTC

There was recently a fake Ann with a trojan in the Github download.

Fake Gituhub: github.com/AgloranProject
User: Lonyee665 - This user has 282 activities and suddenly spreads a trojan with a fake ANN, maybe this account was hacked.
ANN Fake: [ANN] [AGL] Agloran - perfect health area [FiroPow/Fast exchanges]

Virustotal : https://www.virustotal.com/gui/file/278356ef057c422d04bc8d4d46e5c05ebac66b6b1cccfb8b5738aed161dd8385

Lafu

legendary

Legendary level

Activity: 3136

Merit: 3213

We have another Fake Ann with an Fake Github Account that have a Trojan and Malware download Link for OgreCoin !

The Fake Github was just created 2 Hours ago.

Fake Github : github.com/Ogrecoin

Account : jfedirolaret <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
The Account is Registered since October 03, 2021 , hacked or sold Account

Fake Ann Thread : [ANN] [OGR] OgreCoin - meme token destroyer, WHOAAA (Ghostrider)

Quote from: ?? on ??

Ogre wallet

Code:

https://github.com/Ogrecoin/OgreOgre/releases/tag/0.0.1

Virsutotal Link : https://www.virustotal.com/gui/file/11606965da6486074fb915e7e80078180f1403c5a7e859a3b323c35b93b8d722?nocache=1

The strange thing here is the behavior of the File when it gets installed and started.
It create this file here and starts it when the Fake Wallet file gets started.

Code:

C:\Users\\AppData\Local\Temp\IXP000.TMP\PhoenixMinerReborn.exe

Source : https://www.virustotal.com/gui/file/11606965da6486074fb915e7e80078180f1403c5a7e859a3b323c35b93b8d722/behavior

And the same Fake Ann and a Fake Github Account we got here for ARMATA !

The Fake Github Account was just created 16 Hours ago.

Fake Github : github.com/ArmataProject

Account : Taretionks <--- Please ban or Lock that Account and delete the Thread
This user recently woke up from a long period of inactivity.
The Account is Registered since October 03, 2021 , hacked or sold Account

Quote from: ?? on ??

Our Github

Code:

https://github.com/ArmataProject/Armata

Virustotal : https://www.virustotal.com/gui/file/c89f4761d9c3d70068a16521911391aa9efebdb796f26744a92f08702c71d6fb/detection

And same here there will be a file created with name PhoenixMinerReborn.exe

Code:

C:\Users\\AppData\Local\Temp\IXP000.TMP\PhoenixMinerReborn.exe

Source : https://www.virustotal.com/gui/file/c89f4761d9c3d70068a16521911391aa9efebdb796f26744a92f08702c71d6fb/behavior

This post is also a reference for the Github Report !

Lafu

legendary

Legendary level

Activity: 3136

Merit: 3213

Quote from: light_warrior on October 27, 2023, 02:56:10 PM

One comrade here is spamming with his miner, in which virustotal detected a trojan. I don't know if the fact that only two virustotal antivirus engines detected a trojan in this file is enough.

Its enough and the detections from Virustotal are not false positive and you was right to report them here.
Thanks for keeping your eyes open , i also reported posts from all 2 Users and they are already deleted.
I also reanalyzed the file again on Virustotal and it got now 3 detections , thanks again for let me know about that.

light_warrior

copper member

Activity: 588

Merit: 926

One comrade here is spamming with his miner, in which virustotal detected a trojan. I don't know if the fact that only two virustotal antivirus engines detected a trojan in this file is enough.

bitbooster

https://bitcointalksearch.org/topic/re-ann-bitsense-bounty-distribution-2460715
https://bitcointalksearch.org/topic/bountyairdrop-buzzex-trade-at-up-to-100-discount-and-also-earn-in-revenue-5048062
https://bitcointalksearch.org/topic/annmintmecomcreate-your-own-coin-or-token-for-free-5195589

Link to virustotal

Code:

https://www.dropbox.com/scl/fi/o05mj6j7asredpbpd7kcs/Installer-Install-2023_v3x.1t.zip?rlkey=uvkxs4gid3dmea7ieomkspwhq&dl=1

UPD

Another comrade is circulating the same link

kerncc1

https://bitcointalksearch.org/topic/where-to-fix-your-asic-miners-5297994
https://bitcointalksearch.org/topic/bitcrack-a-tool-for-brute-forcing-private-keys-4453897
https://bitcointalksearch.org/topic/bitcrack-a-tool-for-brute-forcing-private-keys-4453897

Lafu

legendary

Legendary level

Activity: 3136

Merit: 3213

And we have a new Fake Miner Topic with a new Fake download Github Account Link with Malware for Pooler CPUMiner !

The Fake Github Account was created 3 days ago.

Fake Github : github.com/poooIer/cpuminer
Real Github : github.com/pooler/cpuminer

Account : BitTargetPlus <--- Please ban or Lock that Account and delete the Thread
Its a new Fake Account from the Hackers and was just Registered yesterday.

Fake Miner Thread : The latest release of Pooler CPUMiner v2.5.2 is now available.

Quote from: ?? on ??

Current Version: 2.5.2 (Okt 19, 2023)

Code:

https://github.com/poooIer/cpuminer/blob/v2.5.2

There is no new Version of that CpuMiner!

Original CpuMiner Thread : An (even more) optimized version of cpuminer (pooler's cpuminer, CPU-only)

Account : pooler

Quote from: pooler on December 19, 2011, 11:27:00 AM

Current Version: 2.5.1 (Jun 25, 2020)
https://github.com/pooler/cpuminer

This post is also a reference for the Github Report !

Pages:

«
6
7
8
9
10
11
12
13
14
15
»

Bitcoin Forum>Other>Meta

Jump to: