
Topic: Report Malware and Suspicious Links here so Mods can take Action ! - page 29. (Read 38830 times)

legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
legendary
Activity: 3220
Merit: 3509
The bot was down for a while yesterday/this morning, but should be back in full force now
Looks like it's working fine and well again!
I had seen the post and was on the way to report it, and then it was gone already.
Does the bot catch up after it has restarted and run again over older posts and such things?
I guess it does, or is it just checking the newly posted ones?
Anyway, as long as it works again all is good.
copper member
Activity: 3948
Merit: 2201
Verified awesomeness ✔
[...]

Thanks to the Bot from Mitchell as they get deleted really fast and quick, and it's nearly impossible to report them when they show up.
The bot was down for a while yesterday/this morning, but should be back in full force now
legendary
Activity: 3220
Merit: 3509
This post is just for the records so we got the Link and everybody can read it !
The link is a download Malware Link.

User : reme.mks 

Post : https://bitcointalksearch.org/topic/phoenixminer-62c-fastest-ethereumethash-miner-with-lowest-devfee-winlinux-2647654  Post is already deleted

That's what they are posting lately to catch Users to download their Shit

Quote
PhoenixMiner 5.5d - hotfix available

Notes
-Fixed global problems for video cards from Nvidia/AMD
-Fixed errors and crashes when the miner was running
-Improved work on Win7 and 10xx series video cards
-Increased hashrate on video cards series 20xx,30xx
-Increased hashrate on Ethash by an average of 15%
-Increased hashrate on ETCHash by an average of 10%
-Improved the work of the miner in general

Code:
Download
Windows: https://mega.nz/file/mdhiFZAB#cLm0_x93o4KKWRcrKJi48v9as8FOCnWuIavXENcmYiA
Linux: https://mega.nz/file/fMAwHJ6Y#asnB3mIBvZd7W5KrDqFO9Xpkybz_8MkL6IJExtf-xuY

Looks like we have reduced the Scam in these cases with the Malware Links for a long time now.
Thanks to the Bot from Mitchell as they get deleted really fast and quick, and it's nearly impossible to report them when they show up.
hero member
Activity: 2296
Merit: 796
1. Malware from Github link and Fake Wallet

Thread: [ANN] SHITCOIN - (Share Holding Indelible Techology Coin) <---- DELETE

Profile Link: denibeg504
----> BRAND NEW

Archive: https://archive.fo/C0BsB

Virus Total Link/s:

Code:
https://mega.nz/folder/flwmhTgY#MF7xJmhnG7mCwqukWMo-fQ
Code:
https://mega.nz/folder/j8pSALJJ#K4kEp---cENRcoUIY-z-XQ





At first, I thought it was a false-positive on the first wallet but when I checked the second wallet a trojan horse virus was found.
legendary
Activity: 3220
Merit: 3509
1. Malware from Github link and Fake Wallet

Thread: [ANN][RAIN] RainbowGoldCoin & Hundreds of Millions in Bounties! <---- DELETE

Profile Link: liberiafreedom
----> BRAND NEW

Archive: https://archive.fo/Ji01J

Yep, and there is more than the Malware download! There is some plagiarism also!
If you check the Ann that he has done, there is some copy from XiaoMiCoin in there.


About Rain

RainbowGoldCoin
As our slogan suggests, this Cryptocurrency was built for the community and by the community. We fully intend to implement the best practices, safe, fast, and secure transactions. Using the Kimoto Gravity Well, assures, that this coin is as fair as it is beautiful & practical. There are plenty of pump and dump coins out there. We simply do not believe in this get rich fast attitude. We are developing an Android game that will reward RainbowGoldCoin to Top Scores once per hour, with weekly, or even monthly Top Score Bonus's.

Use RainbowGoldCoin Today!


Quote
This Cryptocurrency was built for the community and by the community. We fully intend to implement the best practices, safe, fast, and secure transactions. Using the Kimoto Gravity Well, assures, that this coin is as fair as it is beautiful & practical. There are plenty of pump and dump coins out there. We simply do not believe in this get rich fast attitude. We are developing an Android game that will reward XiaoMiCoin to Top Scores once per hour, with weekly, or even monthly Top Score Bonus’s. Use XiaoMiCoin Today, a Peer-to-Peer Digital Cryptocurrency.
Source : https://cryptomining-blog.com/tag/xiaomicoin/  from 2014

And yes, the User liberiafreedom should be banned for both or at least for one of these things.
hero member
Activity: 2296
Merit: 796
1. Malware from Github link and Fake Wallet

Thread: [ANN][RAIN] RainbowGoldCoin & Hundreds of Millions in Bounties! <---- DELETE

Profile Link: liberiafreedom
----> BRAND NEW

Archive: https://archive.fo/Ji01J

Virus Total Link/s:

Code:
https://mega.nz/folder/BVB0SJrK#2bFL6IP-PTBMUvgse1iBdw

legendary
Activity: 2212
Merit: 2061
Fake ANN thread for Opioid Coin started by a brand new account.
Opioid Coin seems like a dead project without a working website and GitHub not touched in years, regardless the thread created today is still fake.

Original Opioid Coin thread and GitHub:
https://bitcointalksearch.org/topic/annoid-opioid-coin-decentralized-road-to-recovery-oidlife-4235330
https://github.com/OidLife


Fake Opioid Coin thread and GitHub:
https://bitcointalksearch.org/topic/--5317751 <-- DELETE
links to mega.nz files

Code:
Windows Wallet - https://mega.nz/folder/g11Uyaxa#8QfBNjl0FCx-83zDPWPTMQ
Linux Wallet - https://mega.nz/folder/JodTxIob#Ytp62ztZQUBaetV59_eBiQ
MacOS Wallet - https://mega.nz/folder/M4VRCIiI#13spq66qE4rFmltA9W5ylg
Android Wallet - Coming Soon
archive - https://loyce.club/archive/posts/5636/56365953.html
legendary
Activity: 3500
Merit: 6320


Hi, Lafu!

Thanks for the heads up and reminding me that the ones that I reported (recently) were false-positive detections by VirusTotal. If I may ask, how do you determine if such a wallet that looks infected is indeed a false-positive detection? I would like to know so I can avoid posting/reporting links that appear infected facially but in truth are a false positive. I hope for your feedback and reply!

Thank you as always, Lafu.

You can always check the files at https://www.hybrid-analysis.com/.

It gives a bit more detail and you can pick and choose the OS that the file runs on.
It will take you a bit more time as the running is not always instant if they are busy, but it will let you see what the file is doing in different OS.

For the most part, I feel that these files are if not malware, at least crap. IMO any "legitimate" new coin is going to run their wallets through a scanner to make sure they don't pop positive and if they do they would fix them. Also, no source code on github (or similar) that you can verify, even if it's not a virus, the coin is probably not legit.

-Dave
hero member
Activity: 2296
Merit: 796


Hi, Lafu!

Thanks for the heads up and reminding me that the ones that I reported (recently) were false-positive detections by VirusTotal. If I may ask, how do you determine if such a wallet that looks infected is indeed a false-positive detection? I would like to know so I can avoid posting/reporting links that appear infected facially but in truth are a false positive. I hope for your feedback and reply!

Thank you as always, Lafu.
legendary
Activity: 3500
Merit: 6320
Walletbuilders used to be a legitimate service. I don't know if it still is.
But Malwarebytes desktop blocks it by default, SonicWall blocks it by default and Norton blocks it by default.

I can't tell if they went "evil" or it's just a generic bitcoin / miner block.

Will have to check later to see if I can dig through it. So for now it's a bit tough to tell if the people posting wallets from there are legit bad, or just caught up in a big net.
Or, if they built a free wallet and did not even know it was bad.

-Dave
legendary
Activity: 3220
Merit: 3509



*EDIT
The whitepaper on their website seemed to have copied directly from Bitcoin's whitepaper. Mods, kindly nuke the account and ban him as he is starting to create chaos in the ANN board.

https://getcovid19.org/wp-content/uploads/2021/02/whitepaper.pdf

Looks like a false positive detection to me on Virustotal.
Have done some quick research on the File from Virustotal.

Code:
MacOS:BitCoinMiner-CG [PUP]

https://blog.malwarebytes.com/detections/pup-optional-bitcoinminer/
https://support.avg.com/answers?id=9060N0000000Ro9QAE

About the Whitepaper: if you look at the last Page, there you can find all the reference links for the stuff he has used in it.

Algorithm for the Coin is CryptoNight.
The Coin is forked from cryptonotefoundation/cryptonote.
Source : https://github.com/covid19-crypto-dev?tab=repositories
hero member
Activity: 2296
Merit: 796
1. Malware from Github link and Fake Wallet

Thread: Get Covid-19!... Coin <---- DELETE

Profile Link: ravenhearti
----> BRAND NEW

Archive: https://archive.fo/Qk6cO

Virus Total Link/s:

Code:
https://getcovid19.org/files/covid-19.tar.gz




*EDIT
The whitepaper on their website seemed to have copied directly from Bitcoin's whitepaper. Mods, kindly nuke the account and ban him as he is starting to create chaos in the ANN board.

https://getcovid19.org/wp-content/uploads/2021/02/whitepaper.pdf
legendary
Activity: 2212
Merit: 2061
[ANN] [VK7R] [Vektorcoin] Worlds best upcoming esports coin

The Vektorcoin thread was re-posted shortly after the old one was removed, same wallets again, and the account used to start the topic is likely to be compromised, his password has recently been changed.

[ANN] [VEKTORCOIN] Esports coin <-- DELETE

(archive)

Code:
windows wallet https://dl.walletbuilders.com/download?customer=5e9b9527c50fbb9e27cc83d3589f1c03014b9ba7fd7d20d0f6&filename=vektorcoin-qt-windows.zip

linux wallet: https://dl.walletbuilders.com/download?customer=5e9b9527c50fbb9e27cc83d3589f1c03014b9ba7fd7d20d0f6&filename=vektorcoin-qt-linux.tar.gz

Wallet scan, thanks to @qwertyup23!

virustotal results:

https://www.virustotal.com/gui/file/0a45db818a69f52f4b6761d881cecb6671e5ec33374e49fc765c66e5fb821879/detection
https://www.virustotal.com/gui/file/6731066a4f931a1e673c5435c2747645b6a91c8ae49d504de7775f7f237196ae/detection


note to self, watch these accounts:

Godson_Mansa
jimlite
trader19
procrypto
hero member
Activity: 2296
Merit: 796
1. Malware from Github link and Fake Wallet

Thread: [ANN] [VK7R] [Vektorcoin] Worlds best upcoming esports coin <---- DELETE

Profile Link: owvids
----> Last post November 09, 2017

Archive: https://archive.fo/ghDxD

Virus Total Link/s:

Code:
 https://dl.walletbuilders.com/download?customer=5e9b9527c50fbb9e27cc83d3589f1c03014b9ba7fd7d20d0f6&filename=vektorcoin-qt-windows.zip

Code:
 https://dl.walletbuilders.com/download?customer=5e9b9527c50fbb9e27cc83d3589f1c03014b9ba7fd7d20d0f6&filename=vektorcoin-qt-linux.tar.gz


legendary
Activity: 3220
Merit: 3509
What about links on people's profiles?  Wouldn't many of those links probably have malware/keylogger?

If you find some Accounts or Users that have that kind of link in their signature or profile, just post it in here with all the Information about it,
and if possible a proof that the links are Malware or other shady Software.

Username and link to the Userprofile and what kind of link.
Use the Code function
Code:
this
for the link so nobody can click it.

One of the Moderators or Global Mods checks this Thread every time a new post is made and they can take some action if needed.
hero member
Activity: 2268
Merit: 731
What about links on people's profiles?  Wouldn't many of those links probably have malware/keylogger?
This forum also isn't equipped with a report button on the profile page. Maybe you can report it here or create a new thread on the Meta board for faster handling by global mods.
full member
Activity: 1792
Merit: 186
What about links on people's profiles?  Wouldn't many of those links probably have malware/keylogger?
legendary
Activity: 3220
Merit: 3509
Fake ANN !

Thread :  [ANN] [SCHO] SCHOLARSHIP - send money to friends and businesses [ASIC/Scrypt]

User : ScholarshipCoin  <------  Please ban that User and delete the Thread

Just registered Today
The Fake Github was just registered 4 Hours ago

Archive : https://archive.fo/wip/LXTjK

Code:
[b]Wallets[/b]
Windows: [url=https://github.com/scholarshlpcoin/scholarshipcoin/releases/download/v0.18.4/Scholarship-QT-Windows.zip]https://github.com/scholarshipcoin/scholarshipcoin/releases/download/v0.18.4/Scholarship-QT-Windows.zip[/url]

Fake Github : https_://github.com/scholarshlpcoin/scholarshipcoin/releases/download/v0.18.4/Scholarship-QT-Windows.zip   
And there is only this one download file with a size of 18.9 MB 

Real Github : https_://github.com/scholarshipcoin/scholarshipcoin/releases/download/v0.18.4/Scholarship-QT-Windows.zip
Here are many download and other Files and the zip file has a size of 16.6 MB

The difference between these 2 Links is:

Fake Github is scholarshlpcoin   
Real Github is scholarshipcoin

There is no ANN, as I haven't found one, but on their Website you can see and find the Real Github and download link.

Website : https://scholarshipcoin.org/
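
Added example, not part of any post in this thread: a Python check for the trick reported in the post above, where the `[url=...]` target points at the look-alike GitHub account while the visible text shows the real one. The function names and the edit-distance threshold of 2 are assumptions made here; the first sample tag is the one quoted in the post, the second is constructed.

```python
import re
from urllib.parse import urlsplit

# BBCode [url=TARGET]LABEL[/url]: TARGET is where the click goes, LABEL is what is shown.
URL_TAG = re.compile(r"\[url=([^\]]+)\](.*?)\[/url\]", re.I | re.S)

def edit_distance(a, b):
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def host_and_owner(url):
    """(host, first path segment); on GitHub the first segment is the account."""
    parts = urlsplit(url.strip())
    segments = [s for s in parts.path.split("/") if s]
    return (parts.hostname or "").lower(), (segments[0].lower() if segments else "")

def find_mismatched_links(bbcode, max_distance=2):
    """Report [url] tags whose URL-shaped label names another host or account."""
    findings = []
    for target, label in URL_TAG.findall(bbcode):
        target, label = target.strip(), label.strip()
        if not re.match(r"https?://", label, re.I):
            continue  # plain-text label: nothing to compare against
        t_host, t_owner = host_and_owner(target)
        l_host, l_owner = host_and_owner(label)
        if (t_host, t_owner) == (l_host, l_owner):
            continue
        near = t_host == l_host and edit_distance(t_owner, l_owner) <= max_distance
        findings.append({"target_owner": t_owner, "label_owner": l_owner,
                         "kind": "lookalike-account" if near else "different-destination"})
    return findings

# First tag is the one quoted in the post above; the second is constructed and benign.
SAMPLE = (
    "[b]Wallets[/b]\n"
    "Windows: [url=https://github.com/scholarshlpcoin/scholarshipcoin/releases/"
    "download/v0.18.4/Scholarship-QT-Windows.zip]https://github.com/scholarshipcoin/"
    "scholarshipcoin/releases/download/v0.18.4/Scholarship-QT-Windows.zip[/url]\n"
    "Docs: [url=https://example.org/docs]https://example.org/docs[/url]\n"
)

if __name__ == "__main__":
    for finding in find_mismatched_links(SAMPLE):
        print(finding)
```

A link whose label is plain text (not a URL) is skipped, so this only catches the case where the shown address and the real target disagree.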
legendary
Activity: 3220
Merit: 3509
4 of those 8 detections are false positives as it looks, and the others for sure don't look nice.
Archive.Trojan.Agent.IY4X2W is a modded version of some kind of Malware that operates in the backdoors.
Win32:Malware-gen is Malware and helps to get a remote control of the PC and also can be used to steal personal data and other things.
Source : https://dieviren.de/win32malware-gen/
