Report Malware and Suspicious Links here so Mods can take Action ! - page 75.

Lafu

legendary

Activity: 3136

Merit: 3213

As there was going one some strange thing in this thread https://bitcointalksearch.org/topic/--5204448 there have some Users found something on the Wallet from the Download link !
The Thread starter already deleted everything on the first post and thread already and it looks like they catched him.

This is from the Thread and it looks like someone has posted a changed link for the Wallet file they checked with Virustotal.

Quote from: TakeItEasy on November 28, 2019, 05:34:34 AM

Quote from: anikejchi on November 27, 2019, 10:48:45 AM

Quote from: Ngenah Euy on November 26, 2019, 12:42:14 AM

9 detected viruses !!!!!

https://www.virustotal.com/gui/file/1dae8cf8f0b032d3f2417fcca78816b57c16b6219dc5a524c5241890c273a5b3/detection

You scanned the zip archive of Nakamoto wallet for Windows, on The VirusTotal resource showed 10 detections, let's analyze why it happened. NAK Nakamoto-nest.EXE and Nakamoto-service.exe, NAK Nakamoto-Nest.exe, then it will show 0 detections, NAK Nakamoto service.exe, it will show 10 detections.
But, let's take the original turtlecoin wallet and check how many detections it has, in the archive the same files as Nakamoto's wallet, scan, Turtlecoin has a socket.exe 0 detections, Turtle turtle-service.the EXE is almost the same detector, only in 8 detections. Trojan Trojan, this is false information. Are you talking about Trojans? This is false information that you are ruining the project, you should understand it if you understand it.

Links to scan:
Nakamoto service.EXE - https://www.virustotal.com/gui/file/d90bf0bd302c60c0673989afad2fc5c36e41bf6afecd29da50bcc1889f8d3f7a/detection
Nakamoto nest - https://www.virustotal.com/gui/file/adfe592f4a237dcf9757b67712e5fe042d1e553adfa83d665832edfe20c34501/detection

turtle service.EXE - https://www.virustotal.com/gui/file/a4512e89d319408a4efaf8ff61d80e17f796987662432f7ad5d1fe9776466099/detection
diving nest - https://www.virustotal.com/gui/file/d4520ddda0d2516a720b9870fc0ad9176172816ca4341e40ae311787dcb23688/detection

You are a liar and all your words bullshit.
You change virustotal link for Nakamoto-service.exe. You check "windows nakamoto qt.zip"
This is correct link - https://www.virustotal.com/gui/file/75464e538edd39bbc3119769132b9a704377dc6c9fd663f73a7fb9624e7cb042/detection
And it's not a false positive - Trojan Trojan, like in your fake link, it's Trojan.Razy

Quote from: Chlotide on November 26, 2019, 08:09:43 PM

Well that Trojan.Razy is quite a handful it seems.

Quote from: Kaspersky.com

Crazy Razy, bitcoin thief

The Razy Trojan secretly installs malicious extensions for Chrome and Firefox to serve phishing links and steal cryptocurrency.

source: https://www.kaspersky.com/blog/razy-trojan-cryptocurrency-stealer/25454/

The Original file scanned from the download link is https://www.virustotal.com/gui/file/75464e538edd39bbc3119769132b9a704377dc6c9fd663f73a7fb9624e7cb042/detection
and has Malware and trojans in it .

I dont have any thread name of the orginal thread because the owner changed it to " . "

User : Nakzone-org

github with the infected download file : https_://github.com/nakzone/nakwallet

Webpage : https_://nakzone.org is down already

Looks like there was a Malware and Trojan download link on the Wallet Link .

Archive of the Thread : https://web.archive.org/web/20191128190719/https://bitcointalksearch.org/topic/--5204448;all

doktor83

hero member

Activity: 2548

Merit: 626

Quote from: Lafu on November 21, 2019, 01:49:22 PM

Quote from: doktor83 on November 21, 2019, 07:53:18 AM

Reported already to Github too.

I hope you already reported it to the Moderators here with the " Report to Moderator button " too.
So more Users reporting this threads so faster it gets deleted and other Users dont fall into the Trap.

Yes, reported to mods too.
Also me and a few users posted in that thread but it got deleted of course Cool

Lafu

legendary

Activity: 3136

Merit: 3213

Quote from: doktor83 on November 21, 2019, 07:53:18 AM

Reported already to Github too.

I hope you already reported it to the Moderators here with the " Report to Moderator button " too.
So more Users reporting this threads so faster it gets deleted and other Users dont fall into the Trap.

doktor83

hero member

Activity: 2548

Merit: 626

https://bitcointalksearch.org/topic/srbminer-multi-cpu-amd-gpu-miner-017-5203276
User profile : https://bitcointalksearch.org/user/avalonrychmon-731784

Fake phishing thread, copied my thread from https://bitcointalksearch.org/topic/srbminer-multi-gpu-cpu-miner-094-5190081
And probably the binaries he distributes on Github are malware infected.
Reported already to Github too.

Lafu

legendary

Activity: 3136

Merit: 3213

I dont know the Ann because a Mod was to fast and deleted the ANN !

Also i dont know the Username ! Was something like ( janor ) but dont know exactly Cheesy

There was a Fake Github Miner Link in it , thats all i saved and i posting it for the Records.

Code:

[b]Recommended miners[/b]

 [url=https://github.com/develisoftware/GMinerRelease/releases/download/1.76/gminer_1_76_windows64.zip]https://github.com/develsoftware/GMinerRelease/releases/download/1.76/gminer_1_76_windows64.zip[/url]
[/center]

Showen Link on the Thread : https_://github.com/develsoftware/GMinerRelease/releases/download/1.76/gminer_1_76_windows64.zip

Real Link behind the showen Link : https_://github.com/develisoftware/GMinerRelease/releases/download/1.76/gminer_1_76_windows64.zip <----- Fake Github Link (Possible Malware)

Something wrong here and suspicious !

github.com/develsoftware/

github.com/develisoftware/ <----- Fake Github Link

Here is the Original Thread from the miner Dev GMiner v1.76 Equihash(BEAM, BTG, YCASH)/CuckooCycle(AE, GRIN)/Ethash/Eaglesong

Quote from: Zminer777 on September 21, 2018, 12:13:50 PM

GMiner v1.76

Download links:
GitHub: https://github.com/develsoftware/GMinerRelease/releases

Lafu

legendary

Activity: 3136

Merit: 3213

And again the same Wallet with Malware from the same User just with an diffrent Username !

[ANN] [SUM] [QUARK} [POW+MN]

User : silentiumdev777 alt Account of FreakyCod3r , Ban evasion !

Code:

[b]Resources:[/b]

[url=https://mega.nz/#!NEs00SBb!sYFTrENb_hv7-oZDk2GzuGCm1HD8DZ6X2ioI0FO6nm8]Windows Wallet[/url]
[url=https://mega.nz/#!4E9Uzajb!9Z3HCc6ZglZBm05GGdU5aVjf9QVFesCuAJwbJbaSURU]Linux Wallet[/url]

https://www.virustotal.com/gui/file/5bb70eee99ae10d91e0d3dbdc2b651acbf6d6a7d3bb3bec2ec5fb508d4af1fad/detection

Archive : https://archive.md/A0J9M

Update:
Booom , the fastest Update ever : Thread is deleted ! Thx to the MOD (guess Welshy hit the button)

Lafu

legendary

Activity: 3136

Merit: 3213

Wallet download with malware in it!

[ANN] [PIVX FORK] SILENTIUM [SUM] POS 3.0 + MASTERNODE

User : FreakyCod3r

https://www.virustotal.com/gui/file/625a44bce38bc83cb933a7f0efdfaa7d0e9c8420d51ad9bdc0907f2b46e9955d/detection

The posts in this thread gets deleted when i posting in there and asking for it .

Archive : https://archive.md/yhIhC

Also there is a Scam Accusation here : https://bitcointalksearch.org/topic/silentium-masternode-copypaste-of-another-projectmalware-wallet-5202486

Please delete the Wallet download links or the whole thread , or nuke the User !

Update :

The User deleted all in his thread now !

Archive : https://archive.ph/5sRTZ

Lafu

legendary

Activity: 3136

Merit: 3213

Fake Ann here again !

AVANTAGE (AVN) - Blockchain Reward Loyalty System! POS/MN/SN

User : Coinna <----- Please nuke that User

This user recently woke up from a long period of inactivity.

Code:

[center][b]Wallets:[/b][/center]

[url=https://github.com/AVANTAGE-coin/wallets/releases/download/v.1.0.0.0/Avantage-qt-v.1.0.0.0.zip]https://github.com/AVANTAGE-coin/wallets/releases/download/v.1.0.0.0/Avantage-qt-v.1.0.0.0.zip[/url]
[url=https://github.com/AVANTAGE-coin/wallets/releases/download/v.1.0.0.0/avantage-qt.dmg]https://github.com/AVANTAGE-coin/wallets/releases/download/v.1.0.0.0/avantage-qt.dmg[/url]
[url=https://github.com/AVANTAGE-coin/wallets/releases/download/v.1.0.0.0/avantage-qt.tar.gz]https://github.com/AVANTAGE-coin/wallets/releases/download/v.1.0.0.0/avantage-qt.tar.gz[/url][/center]

Archive : https://archive.md/O1IrC

Fake Github : https_://github.com/AVANTAGE-coin/wallets/

Real Github : https_://github.com/y3tiq/avantage

Original ANN :

AVANTAGE (AVN) - Blockchain Reward Loyalty System! - Funding phase

User : Noojna

Code:

[center][b][size=24pt][color=grey]Wallet Download[/color][/size][/b][/center]

[center][url=https://workupload.com/file/KmFAF3SW][img]https://i.imgur.com/G5abxCF.png[/img][/url]    
[url=https://workupload.com/file/Hab33NmV][img]https://i.imgur.com/y6NNZOz.png[/img][/url] 
[url=https://workupload.com/file/yST8A4xs][img]https://i.imgur.com/GRRk6EX.png[/img][/url][/center]

And if look on the Website there are link to the real github : https://github.com/y3tiq/avantage

Im in there Discord too and thats why i know that , got an write with the Dev about it .

Source : https://discordapp.com/channels/621293609609723904/621401652418707476

DaveF

legendary

Activity: 3500

Merit: 6320

Crypto Swap Exchange

User: https://bitcointalksearch.org/user/tempates134-2715861
2 posts. Both the same.
Malware link in post: h t t p s : / / a n o n y m o u s f i l e s . i o /cJUhTJdQ/

When you fix the link virustotal shows:

https://www.virustotal.com/gui/url/2ba37ee91c7b05de45f1badb57a6ccd4d6a5a146920746d6590e561cf1653394/detection

masulum

legendary

Activity: 2324

Merit: 1604

hmph..

Fake ANN here again !

{ANN} PoS Coin 800%✨-The one and only proof of stake coin with wicked daily!🚀

User : PoS Team <--------- Please nuke that User !

Code:

[b]Wallets[/b]
https://mega.nz/#!FXZDASyY!JRuG4FOkSX9HO6dzqMp7aV2A6pENeQoW2id538fsStA

MAC wallet - https://mega.nz/#!zUoCHQaL!uUSJGPumbBvd6RALoClojkpogmfICFYeejYOsgutDh0

Linux wallet - https://mega.nz/#!pDI1UJDA!JgQekizxxzztneyAI0D0maUvBqlQecVKUnQHff9hFt8

Official Thread
Thread link: https://bitcointalksearch.org/topic/ann-pos-coin-800-the-one-and-only-proof-of-stake-coin-with-wicked-daily-5062584
Real BitcoinTalk Profile: PoS Coin

Archive : https://archive.is/0TlwU

Lafu

legendary

Activity: 3136

Merit: 3213

Quote from: morvillz7z on November 12, 2019, 03:42:13 PM

This is also a fake ann, both threads are posted back to back:

Fake KORECY thread and GitHub: (created less than an hour ago):
https://bitcointalksearch.org/topic/ann-kory-korecy-new-decentralization-powno-icocuckaroo29-5200959
https://github.com/KORECYnew/KORY
http://archive.md/Md0Io

Quote from: https://bitcointalk.org/seclog.php?all

Today at 07:24:54 PM - purpnsourd - woke up

Both accounts tagged just in case.

Just update for this case and quote an Users Virustotal result that he has posted !

Quote from: bigtrevs98 on November 12, 2019, 03:42:33 PM

well, considering the wallet didn't open... plus virustotal doesnt like the dll, that came with the wallet. I dont trust it lol...
https://www.virustotal.com/gui/file/152090c189d1e808810930a24ed50c6b3c2fe0946d2d30d94a493afbd0662283/detection

And the Result looks realy shady and dangerous when look at it .

Gen:Variant.Ulise.85600
W64/Agent.ETX!tr.dldr
Trojan-Downloader.Win32.Agent
Malware (ai Score=88)
Trojan.Ulise.D14E60

Source: https://www.virustotal.com/gui/file/152090c189d1e808810930a24ed50c6b3c2fe0946d2d30d94a493afbd0662283/detection

There are some new ones since i done my other thread for the explain on the things . Will look at them and add them there maybe when i have the time.

morvillz7z

legendary

Activity: 2212

Merit: 2061

Join the world-leading crypto sportsbook NOW!

Please nuke user Lulloz and delete their fake self-moderated thread for 2X2 coin 2X2 PoS COIN | STAKING REWARDS 1% EVERY DAY | 365% ROI.

Original 2X2 PoS COIN thread and GitHub:
https://bitcointalksearch.org/topic/ann-2x2-pos-coin-staking-rewards-1-every-day-365-roi-5187844
https://github.com/2X2coin/

Fake 2X2 PoS COIN thread and GitHub (week old):
https://bitcointalksearch.org/topic/2x2-pos-coin-staking-rewards-1-every-day-365-roi-5200946
https://github.com/2X2-coin/
http://archive.md/QZ6TS

This is also a fake ann, both threads are posted back to back:

Fake KORECY thread and GitHub: (created less than an hour ago):
https://bitcointalksearch.org/topic/ann-kory-korecy-new-decentralization-powno-icocuckaroo29-5200959
https://github.com/KORECYnew/KORY
http://archive.md/Md0Io

Quote from: https://bitcointalk.org/seclog.php?all

Today at 07:24:54 PM - purpnsourd - woke up

Both accounts tagged just in case.

Lafu

legendary

Activity: 3136

Merit: 3213

Fake ANN here again !

[ANN][BTSC] Beyond The Scene Coin [POS/MN/X11]

User : merz <--------- Please nuke that User !

Code:

[b]Wallets[/b]
Windows: https://github.com/btsbtsc/BTSCOIN/releases/download/3.0.1.0/BTSC_WINDOWS.zip
Linux: https://github.com/btsbtsc/BTSCOIN/releases/download/3.0.1.0/BTSC_LINUX.zip

Source
github https://github.com/btscbtsc/BTSCOIN

Look how the github is written exactly and you see that there is something diffrent !

Fake Github :

https_://github.com/btsbtsc/BTSCOIN/releases/download/3.0.1.0/BTSC_WINDOWS.zip

https_://github.com/btsbtsc/BTSCOIN/releases/download/3.0.1.0/BTSC_LINUX.zip

Real Github :

https_://github.com/btscbtsc/BTSCOIN/releases/download/3.0.0.1/BTSC_WINDOWS.zip

https_://github.com/btscbtsc/BTSCOIN/releases/download/3.0.0.1/BTSC_LINUX.zip

The Fake one has missing an small " c "

Archive : https://archive.md/hN5SA

Original ANN :

[ANN][BTSC] Beyond The Scene Coin [POS/MN]

User : manocoin

Code:

[b]Wallets[/b]
Windows Wallet 3.0.0.1 https://github.com/btscbtsc/BTSCOIN/releases/download/3.0.0.1/BTSC_WINDOWS.zip
Linux Wallet 3.0.0.1 https://github.com/btscbtsc/BTSCOIN/releases/download/3.0.0.1/BTSC_LINUX.zip

[b]Source[/b]
github https://github.com/btscbtsc/BTSCOIN

Archive : https://archive.ph/dkILs

Lafu

legendary

Activity: 3136

Merit: 3213

Quote from: morvillz7z on November 11, 2019, 10:53:29 AM

Here's another fake thread with links to malware wallets: [Pre-ANN] [SONA] SONATA - help for young music groups [Ethash/POW/No ICO]
Please nuke Unersame, 2011 account wakes up today and posts a direct link to brand new GitHub.

Fake SONATA thread and GitHub (created 5 hours ago):
https://bitcointalksearch.org/topic/pre-ann-sona-sonata-help-for-young-music-groups-ethashpowno-ico-5200532
https://github.com/SonataMusicCoin
http://archive.md/fvGJZ

Quote from: https://bitcointalk.org/seclog.php?all

Today at 12:17:32 PM - Unersame - woke up

Props to busminer for scanning the exe file, here are the results:
https://www.virustotal.com/gui/file/e446fe2f725fec1a36f60e6e2b6eb50ce0fd8ba291db646f0ba1afa737741820/detection

I've tagged the account in the meantime.

What i have seen the last month and for a lot of Fake Anns that was created here is that they also instant was posted on this Page https://coinhub.news.

And for the latest Fake ANN here you are posted the same again and its posted at the same time when the Fake ANN are posted here .
https://coinhub.news/cs/article/bitcointalk-pre-ann-sona-sonata-help-for-young-music-groups-ethashpowno-ico

I dont know if that has something to do with the creator of the Fake Anns or they pay them for push this Informations.
But i guess they are just an service to bring news about new coins .

The other thing is specialy for your posted Fake ANN i cant find an real ANN .

morvillz7z

legendary

Activity: 2212

Merit: 2061

Join the world-leading crypto sportsbook NOW!

Here's another fake thread with links to malware wallets: [Pre-ANN] [SONA] SONATA - help for young music groups [Ethash/POW/No ICO]
Please nuke Unersame, 2011 account wakes up today and posts a direct link to brand new GitHub.

Fake SONATA thread and GitHub (created 5 hours ago):
https://bitcointalksearch.org/topic/pre-ann-sona-sonata-help-for-young-music-groups-ethashpowno-ico-5200532
https://github.com/SonataMusicCoin
http://archive.md/fvGJZ

Quote from: https://bitcointalk.org/seclog.php?all

Today at 12:17:32 PM - Unersame - woke up

Props to busminer for scanning the exe file, here are the results:
https://www.virustotal.com/gui/file/e446fe2f725fec1a36f60e6e2b6eb50ce0fd8ba291db646f0ba1afa737741820/detection

I've tagged the account in the meantime.

Lafu

legendary

Activity: 3136

Merit: 3213

Quote from: morvillz7z on November 07, 2019, 10:22:27 AM

I've tagged the account in the meantime.

edit; wow, that was fast, thread is gone!

Nice catch on that !

Also updated the first post with useful links .
If anybody has some links that can be useful post it please .

morvillz7z

legendary

Activity: 2212

Merit: 2061

Join the world-leading crypto sportsbook NOW!

Please nuke user AyePhung and delete their fake announcement thread [ANN][MPO+] Mpower+ Coin - new reward system [{POW/X11/Rework]

Original Mpower Coin thread and GitHub:
https://bitcointalksearch.org/topic/mpo-mpower-coin-powmasternodes-that-really-work-5162647
https://github.com/MpowerMPO/

Fake Mpower Coin thread and GitHub (created an hour ago):
https://bitcointalksearch.org/topic/--5199534
https://github.com/mpowernew/
http://archive.md/ul2Ky

Fake ann called out by the real Mpower Coin dev:

Quote from: ?? on ??

Original tread here:
https://bitcointalk.org/index.php?topic=5162647.new#new

No Idea why you trying to copy our project. Please Desist!

I've tagged the account in the meantime.

edit; wow, that was fast, thread is gone!

Lafu

legendary

Activity: 3136

Merit: 3213

Fake ANN !

[ANN] Tickets (TKTS) - POW/Argon2id (CPU/GPU only) - Crypto e-Commerce

User : ishwor92 <---- Ban or nuke for plagiarism

There is nothing i can find thats diffrent from the Original Ann , Links and all is the same if i dont missed something or havnt seen .

The only thing thats diffrent from the Original ANN is the time when the ANNs was cretaed .

Fake ANN created : November 01, 2019, 09:32:42 PM

Real ANN created : November 01, 2019, 12:11:17 AM

Archive : https://archive.md/SvG38

So i report it for plagiarism

Original ANN :

[ANN] Tickets (TKTS) - POW/Argon2id (CPU/GPU only) - Crypto e-Commerce

User : TicketsCoin

morvillz7z

legendary

Activity: 2212

Merit: 2061

Join the world-leading crypto sportsbook NOW!

Could you please nuke user dcb33 and their fake announcement thread for [ANN] - [MediaCoin][MC] [FREE COINS].

Original Mediacoin thread and GitHub:
https://bitcointalksearch.org/topic/annmediacoinmdcbountyairdropnew-5179834
https://github.com/mediacoin-club

Fake Mediacoin thread and GitHub (two days old):
https://bitcointalksearch.org/topic/ann-mediacoinmc-free-coins-5197697
https://github.com/project-mediacoin/
archive: http://archive.md/1LoXj

My report for GREDEN (just two posts above) is still unhandled. It's obviously a fake ann and needs to be deleted/nuked.

masulum

legendary

Activity: 2324

Merit: 1604

hmph..

FAKE ANN: Obyte: Totally new consensus algorithm + private untraceable payments
Archives: https://archive.is/EgcF0

User : developernat <----- Please nuke that user

Code:

[quote author=developernat link=topic=5197963.msg52954498#msg52954498 date=1572666960]
For full technical description, read the white paper: [url=https://www.docdroid.net/X3pnfsJ/byteball.pdf]READ HERE[/url]
Former name: Byteball.
Download the wallet: [url=https://gofile.io/?c=gc3hHp][color=green][size=20pt]DOWNLOAD[/size][/color][/url]
[/quote]

Fake download: https:_/srv-file4.gofile.io/download/gc3hHp/ObyteWin64.exe
Virustotal: https://www.virustotal.com/gui/file-analysis/OWRkOWIwODkwMWQ5Mjc4YTdkMjVjZWM2YWMwZmZmMTA6MTU3MjY5NTY0Nw==/detection
VirusTotal: File Hash: 5649c298735ea546eb597dbc1aea8a061f6db7818dc67008fe026cd34be37a2e

Original link: https://github.com/byteball/obyte-gui-wallet

Original Thread: Obyte: Totally new consensus algorithm + private untraceable payments
Archives: https://archive.ph/w4BlO

Topic: Report Malware and Suspicious Links here so Mods can take Action ! - page 75. (Read 36997 times)