Virus --> https://bitcointalksearch.org/topic/--5257501
Please bank this user --> https://bitcointalksearch.org/user/thanhdung12dtk-1940758
Archive --> http://archive.is/OJ2Ub
Bad github --> https-://github.com/Project-FTS/
Original ann --> https://bitcointalksearch.org/topic/ann-fts-coin-launched-22020-5228752
Good Github --> https://github.com/ProjectFTS/FTS_COIN
Flag if you want to support it: https://bitcointalk.org/index.php?action=trust;flag=2078
-Dave
Topic: Report Malware and Suspicious Links here so Mods can take Action ! - page 52. (Read 37992 times)
June 23, 2020, 06:31:23 AM
June 23, 2020, 06:30:06 AM
Suspicious ANN
ANN - [ANN][RECYCLEFORLIFW][RFL][Global decentralized Tokenized Recycling Network]
I have a strong feeling of this being a scam. I'd like for the people who know more than me to look into it. Thanks!
There is already scam accusation thread made about that project, so if you have any new findings, best is to share info there.ANN - [ANN][RECYCLEFORLIFW][RFL][Global decentralized Tokenized Recycling Network]
I have a strong feeling of this being a scam. I'd like for the people who know more than me to look into it. Thanks!
[WARNING] Recycle For Life Plagiarized Whitepaper
Purpose of this topic is to share ANN threads with suspicious links, not ANN of suspicious projects in general, for that Scam Accusations board is used.
June 23, 2020, 06:23:48 AM
Suspicious ANN
ANN - [ANN][RECYCLEFORLIFW][RFL][Global decentralized Tokenized Recycling Network]
Suspicions -
- Fake Team members (Possibly)
- Plagiarized Whitepaper
- No wallet links or anything other than information on their ICO
- Typo in the main Subject [RECYCLEFORLIFW] (No real project miss stuff like this)
- Website is just another WP theme (Seems like they were in a hurry)
- Last GitHub activity on Aug 15, 2019 (Probably a stolen/sold account.)
I have a strong feeling of this being a scam. I'd like for the people who know more than me to look into it. Thanks!
ANN - [ANN][RECYCLEFORLIFW][RFL][Global decentralized Tokenized Recycling Network]
Suspicions -
- Fake Team members (Possibly)
- Plagiarized Whitepaper
- No wallet links or anything other than information on their ICO
- Typo in the main Subject [RECYCLEFORLIFW] (No real project miss stuff like this)
- Website is just another WP theme (Seems like they were in a hurry)
- Last GitHub activity on Aug 15, 2019 (Probably a stolen/sold account.)
I have a strong feeling of this being a scam. I'd like for the people who know more than me to look into it. Thanks!
June 22, 2020, 05:17:22 PM
At least some of the threads are still there:
https://bitcointalksearch.org/topic/ann-ravencoin-rvn-pow-gpu-mining-asset-transfer-blockchain-updated-ann-3238497
And if you follow the link for the windows miner it goes to:
https-:-//github.com/RavenCommunlty/kawpowminer/releases/download/1.2.2/kawpowminer-windows-1.2.2.zip
Not the proper link so a flag is good. Also, if they ever come back as a legitimate user we can pull our support from the flag.
-Dave
Flags show in his own threads (does not have any) and on his profile/trust page.
I know it's phishing.. I also said that a few posts back.
It's just that I don't feel confortable leaving a flag on a hacked account. The original owner posted only russian and at some point someone else "found" his password and user gets a flag
. A permanent mark on that profile.
IMHO a negative would suffice in these types of cases.
Most of them were newbies accounts, jr member... dispensable basically.
I understand you want that banner to be displayed in the thread because most of them are self-mod and they delete the warning posts but... At least for higher rank members I would rather not taint them for having a week password.
The user is locked and needs to email us before using it again.
It's permanent, but if everyone withdraws their support you have to click to see it.
And if I change the reference post to say it was a hacked account and then recovered it shows what happened.
Heck I have an unsupported flag against me. suchmoon has a bunch. So long as they are not supported it does not matter. IMO
You and others might feel differently. But if the user does come back and post the he got his account back I will remove my support of the flag. And note in the post that the issue was resolved.
-Dave
June 22, 2020, 02:47:34 PM
~~~~~~
I tagged him now and reported all the posts with that fake links .
Maybe let me know if the Account gets recovered and all is fine again with the Account so i can remove my Feedback i have given.
Also i will take a look of older ANNs that was done in the past maybe i can find some changes from there Gihub links and Sources too.
Next Fake ANN here !
Thread : NatisCoin English algo SCRYPT 100% POS
User : ramazan5523 <---- Please Ban that User
This user recently woke up from a long period of inactivity.
Last post was done in October 15, 2018
Joined 1 hour ago on Github
Archive : https://archive.fo/wip/lAftX
Code:
WALLET AND SOURCE[/b][/size]
[b]Windows:[/b] https://github.com/NATISCOIN/NatisCoin/releases/download/Natis/natiscoin-qt-windows.zip
[b]Linux:[/b] https://github.com/NATISCOIN/NatisCoin/releases/download/Natis/natiscoin-qt-linux.tar.gz
[b]Source:[/b] https://github.com/NATISCOIN/NatisCoin/releases/download/Natis/natiscoin-source.tar.gz
Fake Github : https_://github.com/NATISCOIN/NatisCoin/
Real Github : https_://github.com/jovannyd/NatisCoin/
Original ANN
Thread : NatisCoin English algo SCRYPT 100% POS
User : jovannyd
Code:
[center][size=20pt]WALLET AND SOURCE
[/size][/center]
Windows: https://github.com/jovannyd/NatisCoin/releases/download/Natis/natiscoin-qt-windows.zip
Linux: https://github.com/jovannyd/NatisCoin/releases/download/Natis/natiscoin-qt-linux.tar.gz
Source: https://github.com/jovannyd/NatisCoin/releases/download/Natis/natiscoin-source.tar.gz
Next Fake ANN from NatisCoin again from a diffrent User !
Thread : 🔥 NatisCoin 🥉 English algo SCRYPT 100% POS ✅
User : sidneig007 <---- Please Ban that User
This user recently woke up from a long period of inactivity.
Last post was done in December 11, 2018
Archive : https://archive.fo/wip/zRJVK
Code:
[size=18pt][b]
WALLET AND SOURCE[/b][/size]
[b]Windows:[/b] https://github.com/NATISCOIN/NatisCoin/releases/download/V.1.0.0/natiscoin-qt-windows.zip
[b]Linux:[/b] https://github.com/NATISCOIN/NatisCoin/releases/download/V.1.0.0/natiscoin-qt-linux.tar.gz
[b]Source:[/b] https://github.com/NATISCOIN/NatisCoin/releases/download/V.1.0.0/natiscoin-source.tar.gz
Fake Github : https_://github.com/NATISCOIN/NatisCoin/
Real Github : https_://github.com/jovannyd/NatisCoin/
June 22, 2020, 01:02:21 PM
At least some of the threads are still there:
https://bitcointalksearch.org/topic/ann-ravencoin-rvn-pow-gpu-mining-asset-transfer-blockchain-updated-ann-3238497
And if you follow the link for the windows miner it goes to:
https-:-//github.com/RavenCommunlty/kawpowminer/releases/download/1.2.2/kawpowminer-windows-1.2.2.zip
Not the proper link so a flag is good. Also, if they ever come back as a legitimate user we can pull our support from the flag.
-Dave
Flags show in his own threads (does not have any) and on his profile/trust page.
I know it's phishing.. I also said that a few posts back.
It's just that I don't feel confortable leaving a flag on a hacked account. The original owner posted only russian and at some point someone else "found" his password and user gets a flag
. A permanent mark on that profile.
IMHO a negative would suffice in these types of cases.
Most of them were newbies accounts, jr member... dispensable basically.
I understand you want that banner to be displayed in the thread because most of them are self-mod and they delete the warning posts but... At least for higher rank members I would rather not taint them for having a week password.
The user is locked and needs to email us before using it again.
June 22, 2020, 12:46:42 PM
...
Also reported.
-Dave
Also reported.
-Dave
That user bagera was most definitely hacked and his threads were trashed. A flag might not be that useful right now imo...
At least some of the threads are still there:
https://bitcointalksearch.org/topic/ann-ravencoin-rvn-pow-gpu-mining-asset-transfer-blockchain-updated-ann-3238497
And if you follow the link for the windows miner it goes to:
https-:-//github.com/RavenCommunlty/kawpowminer/releases/download/1.2.2/kawpowminer-windows-1.2.2.zip
Not the proper link so a flag is good. Also, if they ever come back as a legitimate user we can pull our support from the flag.
-Dave
June 22, 2020, 12:15:23 PM
...
Also reported.
-Dave
Also reported.
-Dave
That user bagera was most definitely hacked and his threads were trashed. A flag might not be that useful right now imo...
June 22, 2020, 12:11:38 PM
indeed seems hacked and indeed was spreading the fake repo to the communlty ...
Good catch !
Good catch !
Is it possible to get rid of all this fake github links that he has posted ?
https://bitcointalksearch.org/topic/ann-etc-ethereum-classic-immutable-smart-contracts-5134923
https://bitcointalksearch.org/topic/annubq-ubiq-smart-contracts-for-an-automated-world-1763606
https://bitcointalksearch.org/topic/ann-ethereum-welcome-to-the-beginning-428589
https://bitcointalksearch.org/topic/ann-ethereum-welcome-to-the-beginning-428589
https://bitcointalksearch.org/topic/ann-ravencoin-rvn-pow-gpu-mining-asset-transfer-blockchain-updated-ann-3238497
https://bitcointalksearch.org/topic/ann-ravencoin-rvn-pow-gpu-mining-asset-transfer-blockchain-updated-ann-3238497
Or should i report it ?
I just created a flag: https://bitcointalksearch.org/topic/thead-for-listing-malware-posters-5257338
Please support it so newbies will see the warning.
Also reported.
-Dave
June 22, 2020, 12:10:01 PM
indeed seems hacked and indeed was spreading the fake repo to the communlty ...
Good catch !
Good catch !
Is it possible to get rid of all this fake github links that he has posted ?
Or should i report it ?
I am a patroller, can moderate only newbies. I already reported them... mods will need to delete then I guess
June 22, 2020, 11:37:36 AM
indeed seems hacked and indeed was spreading the fake repo to the communlty ...
Good catch !
Good catch !
Is it possible to get rid of all this fake github links that he has posted ?
https://bitcointalksearch.org/topic/ann-etc-ethereum-classic-immutable-smart-contracts-5134923
https://bitcointalksearch.org/topic/annubq-ubiq-smart-contracts-for-an-automated-world-1763606
https://bitcointalksearch.org/topic/ann-ethereum-welcome-to-the-beginning-428589
https://bitcointalksearch.org/topic/ann-ethereum-welcome-to-the-beginning-428589
https://bitcointalksearch.org/topic/ann-ravencoin-rvn-pow-gpu-mining-asset-transfer-blockchain-updated-ann-3238497
https://bitcointalksearch.org/topic/ann-ravencoin-rvn-pow-gpu-mining-asset-transfer-blockchain-updated-ann-3238497
Or should i report it ?
June 22, 2020, 11:04:51 AM
Hey Rizzrack,
Can you look up the following account - bagera? He is spamming that fake KawPowMiner in various alt threads.
...
Can you look up the following account - bagera? He is spamming that fake KawPowMiner in various alt threads.
...
indeed seems hacked and indeed was spreading the fake repo to the communlty ...
Good catch !
June 22, 2020, 10:30:00 AM
Hey Rizzrack,
Can you look up the following account - bagera? He is spamming that fake KawPowMiner in various alt threads.
Ravencoin - https://bitcointalksearch.org/topic/ann-ravencoin-rvn-pow-gpu-mining-asset-transfer-blockchain-updated-ann-3238497 (archive)
Ethereum Classic - https://bitcointalksearch.org/topic/ann-etc-ethereum-classic-immutable-smart-contracts-5134923 (archive)
Ubiq - https://bitcointalksearch.org/topic/annubq-ubiq-smart-contracts-for-an-automated-world-1763606 (archive)
Ethereum - https://bitcointalksearch.org/topic/ann-ethereum-welcome-to-the-beginning-428589 (archive)
His first post since December 29, 2018 was a link to RavenCommunlty GitHub repo made back in May, which indicates that it's probably a hacked account.
Can you look up the following account - bagera? He is spamming that fake KawPowMiner in various alt threads.
Ravencoin - https://bitcointalksearch.org/topic/ann-ravencoin-rvn-pow-gpu-mining-asset-transfer-blockchain-updated-ann-3238497 (archive)
Ethereum Classic - https://bitcointalksearch.org/topic/ann-etc-ethereum-classic-immutable-smart-contracts-5134923 (archive)
Ubiq - https://bitcointalksearch.org/topic/annubq-ubiq-smart-contracts-for-an-automated-world-1763606 (archive)
Ethereum - https://bitcointalksearch.org/topic/ann-ethereum-welcome-to-the-beginning-428589 (archive)
His first post since December 29, 2018 was a link to RavenCommunlty GitHub repo made back in May, which indicates that it's probably a hacked account.
June 22, 2020, 08:48:58 AM
Noticed that [ANN] KawPowMiner v1.2.3 - first miner for KawPow algo [AMD/Nvidia+Win/Linux] posted by KawPowBoo had phishing links for wallet downloads
Thread trashcanned
Archived: https://archive.vn/HTSbC
OP's account was locked.
Definitely had the good github repo and edited it later on. As OP admitted he was hacked (but I call BS on that)
Another one for the list I guess...
P.S. sent a merit to the first guy who mentioned the link issue before trashing the thread (just so we're clear on that
)
Code:
Real: Windows: https://github.com/RavenCommunity/kawpowminer/releases/download/1.2.3/kawpowminer-windows-1.2.3.zip
Fake: Windows: https://github.com/RavenCommunlty/kawpowminer/releases/download/1.2.3/kawpowminer-windows-1.2.3.zip
Archived: https://archive.vn/HTSbC
OP's account was locked.
Definitely had the good github repo and edited it later on. As OP admitted he was hacked (but I call BS on that)
Another one for the list I guess...
P.S. sent a merit to the first guy who mentioned the link issue before trashing the thread (just so we're clear on that
) June 21, 2020, 02:02:54 PM
I was thinking from the beginning as i have seen and readed the thread that there is something strange.
And as i have written in the thread why he hasnt posted the Website and original github link.
Nice catching and watching on that morvillz7z, thank you .
And as i have written in the thread why he hasnt posted the Website and original github link.
Nice catching and watching on that morvillz7z, thank you .
June 20, 2020, 04:36:15 PM
Suspicious ANN !!
Thread : [ANN] [HNS] HandShake - peer-to-peer root system [POW/Own algo/Exchanges]
We got in the past an User firehawk71 that has posted the same ANN too but it got deleted !
Thread : [ANN] [HNS] HandShake - peer-to-peer root system [POW/Own algo/Exchanges]
We got in the past an User firehawk71 that has posted the same ANN too but it got deleted !
This is indeed suspicious but i think i was only able to report firehawk71 for his Tellor (TRB) and Kadena fake threads and not for HandShake.
firehawk71 was trying to push the following GitHub: "https_://github.com/kyokano" http://loyce.club/archive/posts/5386/53868592.html
I wouldn't be surprised if both accounts "kyokan" and "kyokano" are malicious, especially after reading these two comments:
http://loyce.club/archive/posts/5399/53998776.html
http://loyce.club/archive/posts/5398/53983159.html
Dont know whats going on with this thread from that User and will watching it !
I think i will do the same!
edit;
It turns out it is a fake ANN, OP changed the windows wallet link earlier today:
http://archive.md/VkcnK
from: https_://github.com/kyokan to https_://github.com/kyolkan/ (created two days ago)
Code:
https://github.com/kyolkan/bob-wallet/releases/download/v0.3.0/Bob.0.3.0.zip
June 19, 2020, 09:39:40 PM
Suspicious ANN !!
Thread : [ANN] [HNS] HandShake - peer-to-peer root system [POW/Own algo/Exchanges]
User : HandShakes
Archive : https://archive.fo/wip/x1Pzf
Looks like copied and pasted from there Webpage as there is no source link in the Thread !
Source : https://handshake.org/
The next thing is on the Github from github.com/kyokan is also a folder github.com/kyokan/hsd/releases !
But on the Webpage https://handshake.org/ they have the Github:
Dont know whats going on with this thread from that User and will watching it !
We got in the past an User firehawk71 that has posted the same ANN too but it got deleted !
Thread : [ANN] [HNS] HandShake - peer-to-peer root system [POW/Own algo/Exchanges]
User : HandShakes
Archive : https://archive.fo/wip/x1Pzf
Code:
Wallets
Windows: https://github.com/kyokan/bob-wallet/releases/download/v0.3.0/Bob.0.3.0.msi
MAC: https://github.com/kyokan/bob-wallet/releases/download/v0.3.0/Bob-0.3.0.dmg
Looks like copied and pasted from there Webpage as there is no source link in the Thread !
About HNS
HandShake - decentralized, permissionless naming protocol where every peer is validating and in charge of managing the root DNS naming zone with the goal of creating an alternative to existing Certificate Authorities and naming systems. Names on the internet (top level domains, social networking handles, etc.) ultimately rely upon centralized actors with full control over a system which are relied upon to be honest, as they are vulnerable to hacking, censorship, and corruption. Handshake aims to experiment with new ways the internet can be more secure, resilient, and socially useful with a peer-to-peer system validated by the network's participants.
HandShake - decentralized, permissionless naming protocol where every peer is validating and in charge of managing the root DNS naming zone with the goal of creating an alternative to existing Certificate Authorities and naming systems. Names on the internet (top level domains, social networking handles, etc.) ultimately rely upon centralized actors with full control over a system which are relied upon to be honest, as they are vulnerable to hacking, censorship, and corruption. Handshake aims to experiment with new ways the internet can be more secure, resilient, and socially useful with a peer-to-peer system validated by the network's participants.
Quote
ABOUT HANDSHAKE
Handshake is a decentralized, permissionless naming protocol where every peer is validating and in charge of managing the root DNS naming zone with the goal of creating an alternative to existing Certificate Authorities and naming systems. Names on the internet (top level domains, social networking handles, etc.) ultimately rely upon centralized actors with full control over a system which are relied upon to be honest, as they are vulnerable to hacking, censorship, and corruption. Handshake aims to experiment with new ways the internet can be more secure, resilient, and socially useful with a peer-to-peer system validated by the network's participants.
Handshake is a decentralized, permissionless naming protocol where every peer is validating and in charge of managing the root DNS naming zone with the goal of creating an alternative to existing Certificate Authorities and naming systems. Names on the internet (top level domains, social networking handles, etc.) ultimately rely upon centralized actors with full control over a system which are relied upon to be honest, as they are vulnerable to hacking, censorship, and corruption. Handshake aims to experiment with new ways the internet can be more secure, resilient, and socially useful with a peer-to-peer system validated by the network's participants.
Source : https://handshake.org/
The next thing is on the Github from github.com/kyokan is also a folder github.com/kyokan/hsd/releases !
But on the Webpage https://handshake.org/ they have the Github:
Code:
https://github.com/handshake-org
Dont know whats going on with this thread from that User and will watching it !
We got in the past an User firehawk71 that has posted the same ANN too but it got deleted !
June 18, 2020, 05:48:42 AM
Do you guys have any thoughts on this ?
First thing, there is no need to quote their whole ANN when you are reporting something suspicious, link to topic and archived version is enough.Regarding that DSF project, whether they intend to spread malware I don't know, but they are obviously shilling their thread. Newbie accounts made in 2018/2019 with no prior activity suddenly appeared just when this thread has been made, and showing classic shill behavior. That is not something that any legit project would do, and is a big red flag in my eyes (not the reason to delete the thread though, but you can always report shill posts, and usually they get deleted.) So yeah, they are definitely suspicious.
June 18, 2020, 05:28:22 AM
Do you guys have any thoughts on this ?
First thing, there is no need to quote their whole ANN when you are reporting something suspicious, link to topic and archived version is enough.Regarding that DSF project, whether they intend to spread malware I don't know, but they are obviously shilling their thread. Newbie accounts made in 2018/2019 with no prior activity suddenly appeared just when this thread has been made, and showing classic shill behavior. That is not something that any legit project would do, and is a big red flag in my eyes (not the reason to delete the thread though, but you can always report shill posts, and usually they get deleted.) So yeah, they are definitely suspicious.
June 18, 2020, 04:55:33 AM
Very suspicious in my opinion,this user's password was reset recently,a self-moderated topic
https://www.hybrid-analysis.com/sample/263eeb10202871d0567073eeb9c6ea3b111260f22021f7ed069cd52c1a22054f
User DSFchain https://bitcointalksearch.org/user/dsfchain-2797527
https://bitcointalksearch.org/topic/m.54633842
Only newbie posting there trying to shill...there are no chats for the community, the site was registered in April and only for one yearhttps://www.hybrid-analysis.com/sample/263eeb10202871d0567073eeb9c6ea3b111260f22021f7ed069cd52c1a22054f
User DSFchain https://bitcointalksearch.org/user/dsfchain-2797527
https://bitcointalksearch.org/topic/m.54633842
also this
https://www.hybrid-analysis.com/sample/263eeb10202871d0567073eeb9c6ea3b111260f22021f7ed069cd52c1a22054f/5ee9a8fa5dd58b19c44c4972
Quote
equires permissions that could be uesd for malicious intents
details
Permission request for "android.permission.ACCESS_COARSE_LOCATION"
Permission request for "android.permission.ACCESS_FINE_LOCATION"
Permission request for "android.permission.INTERNET"
Permission request for "android.permission.WRITE_EXTERNAL_STORAGE"
Permission request for "android.permission.READ_PHONE_STATE"
Permission request for "android.permission.READ_CONTACTS"
Permission request for "android.permission.CALL_PHONE"
Permission request for "android.permission.CHANGE_WIFI_STATE"
Permission request for "android.permission.CHANGE_WIFI_MULTICAST_STATE"
Permission request for "android.permission.RECORD_AUDIO"
Permission request for "android.permission.GET_TASKS"
Permission request for "android.permission.MANAGE_ACCOUNTS"
Permission request for "android.permission.MOUNT_UNMOUNT_FILESYSTEMS"
Permission request for "android.permission.BLUETOOTH"
Permission request for "android.permission.BLUETOOTH_ADMIN"
Permission request for "android.permission.CAMERA"
Permission request for "android.permission.CHANGE_NETWORK_STATE"
Permission request for "android.permission.MODIFY_AUDIO_SETTINGS"
Permission request for "android.permission.SYSTEM_ALERT_WINDOW"
Permission request for "android.permission.RECEIVE_BOOT_COMPLETED"
source
Static Parser
relevance
10/10
Do you guys have any thoughts on this ? details
Permission request for "android.permission.ACCESS_COARSE_LOCATION"
Permission request for "android.permission.ACCESS_FINE_LOCATION"
Permission request for "android.permission.INTERNET"
Permission request for "android.permission.WRITE_EXTERNAL_STORAGE"
Permission request for "android.permission.READ_PHONE_STATE"
Permission request for "android.permission.READ_CONTACTS"
Permission request for "android.permission.CALL_PHONE"
Permission request for "android.permission.CHANGE_WIFI_STATE"
Permission request for "android.permission.CHANGE_WIFI_MULTICAST_STATE"
Permission request for "android.permission.RECORD_AUDIO"
Permission request for "android.permission.GET_TASKS"
Permission request for "android.permission.MANAGE_ACCOUNTS"
Permission request for "android.permission.MOUNT_UNMOUNT_FILESYSTEMS"
Permission request for "android.permission.BLUETOOTH"
Permission request for "android.permission.BLUETOOTH_ADMIN"
Permission request for "android.permission.CAMERA"
Permission request for "android.permission.CHANGE_NETWORK_STATE"
Permission request for "android.permission.MODIFY_AUDIO_SETTINGS"
Permission request for "android.permission.SYSTEM_ALERT_WINDOW"
Permission request for "android.permission.RECEIVE_BOOT_COMPLETED"
source
Static Parser
relevance
10/10
Jump to: