Topic: Report Malware and Suspicious Links here so Mods can take Action ! - page 78. (Read 36997 times)

Hahah.
Those detected "Coinminer" are the usual false-positives you can get by scanning any/all Mining app using a virustotal.
Most known AVs won't even tag it as positive (check the name of the AV's with positives in your image).

If you're accustomed to mining, you will know if there's really a red flag (through actual usage/different scan results)
But doktor83's miner wasn't one of those.
It's the indirect descendant of this old thread: SRBMiner Cryptonight AMD GPU Miner V1.9.3 - native algo switching

For the second image:
That's mega.nz (url) that you've scanned.

What the hell man , so my topic got removed because YOU reported it as malware? What the hell moderators, is this serious ?
The binary is PACKED, every AV will report it as dangerous.
I am a miner developer for some time, already got another miner topic on this forum for a long time. Do you think i would post files that contain malware/viruses?

user : https://bitcointalksearch.org/user/doktor83-889929

Ann : SRBMiner-MULTI CPU & AMD GPU Miner 0.1.0 beta

Archived : http://archive.is/w1Pbq

Link Github >> Downloaded and scaning SRBminer file have : https://www.virustotal.com/gui/file/fb9378b3eaca05b3fc6bebb58ad318996600252949a41036aa4028bb697c74f8/detection
Bkav
W64.HfsAutoB.
Endgame
malicious (high confidence)
Invincea
heuristic
Malwarebytes
RiskWare.BitCoinMiner
Microsoft
PUA:Win64/CoinMiner
Rising
PUF.CoinMiner!8.4639 (TFE:5:HVCYVtd0IyI)




Link Mega : https://www.virustotal.com/gui/url/71216ea7e98991af2c7f6226d581d2ba513e14cc585f8e8d0f6cf04bf112f755/detection

If you are need to track how your content engagment, you just need to create utm referral. I don't know what a link behind of your Linktree, because I don't want to take any risk. If, your link behind linktree is for your sites, why you are not just using bit.ly?

May be this tools can help you to track. https://ga-dev-tools.appspot.com/campaign-url-builder/ and edit your post, i will edit my reports. PM me if you are done

//Don't reply, just PM me//

Hello BitcoinTalk & Member Masulum.

We have had the opportunity of being notified of this post by a member. Though this post seems to not have been brought to our attention directly.

First, we would like to thank those who are contributing to ensure that the engagement on BitcoinTalk and the content being shared are safe and protected. Creating a safe environment that can be appreciated by the members here on BitcoinTalk.

In addressing a) the virus scan; we would like to express the common knowledge that when scanning a webpage that gathers reports of over '70' different virus defense provides that the result of there being a false-positives is one that is possible - at times even likely.

To be clear, the 'malicious' 1 flag, out of 70 green checks, was given to the service of LinkTree, not of any services owned by Decracy.

Though for the sake of also sharing that we do give detailed attention on all third-party services that we utilize, in verifying that they are of caliber, and of safe convenience for our members, I share with you public articles that show the likes of Expedia, Wix, Red Bull, and countless globally-acclaimed public figures who currently, and safely, utilize the service of 'LinkTree'. LinkTree Article.

A false-positive report was drafted and sent to 'CRDF Labs', by our team, which is the provider that flagged the service of 'LinkTree'. To place in perspective, we would like to state that the most trusted virus defense providers such as Google, Avira, Kaspersky, BitDefender, ESET, Tencent, Opera, + all marked, passed, and verified the same service provider to be safe.

In hindsight, these are things that we fully believe should be considered when reporting links to be 'unsafe', which can sway others to think negatively of certain content or the poster of such content.


Addressing b) the use of 'Bit.ly'; with our operations being on par with the operations of world corporations and entities, our goal, and the goal of our marketing team, is to uphold the most informed environment where we are in the position of better understanding our content, it's delivery, and its acceptance, within the environments that we share such content in. In this case, the same design was being utilized when we incorporated the use of Bit.ly links. It allows for a Grade A environment to be hosted where Decracy may better understand the click-through ratio, and how we may better improve Decracy's content so that it may better align with the interest of the users, in this case, BitcoinTalk users.


We hope that we have well clarified the points above.

[ANN][DCA] Decracy - A Global Revolution > Global ID, Privacy, Smart Contracts

Thread archives: https://archive.is/jdUWX
Thread creator: Decracy

Case: Creator using shortlink to their website, first he was using bit.ly when I check link behind, it will redirect to linktree. Screenshot https://i.ibb.co/Z2yNVZc/image.png when I scan that domain contain malicious program. Scan results can be found here https://www.virustotal.com/gui/url/2bb4560b0eb19702e6fb2270ebaf76322707e39f3f3b26dae2ffffeeafa58696/detection

Updates: User Decracy removed malicious sites already. Trying to check his official website, decracy.com, this sites is clean from virus based on virustotal.com results

Thank you.

Nice catch and finding , i already have reported this thread and looking now to the other threads he has created too !
Hope that more reporting it and the virustotal result shows that something is not right with the file .
Or have you checked already his other thread and files ? So i dont have to doing that.

Coinfly have Malicious url

Thread : [CoinFly.cc: The first all-in-one crypto mining system (LOOKING FOR TESTERS!)]
Thread : Coinfly.cc has he most profitable ETH pool. Try it now!

https()//miner(.)coinfly(.)cc/
https://www.virustotal.com/gui/url/8a18c841e96789eb9ee1fdd074ce1a1cab544df1144356da2b78af777d52066f/detection

https()//coinfly(.)cc/
https://www.virustotal.com/gui/url/f2aff23678ec95298c5fa65b3249a132ece1419ac854edcda21913c15456ea47/detection

User : Coin_Fly

Archived :
http://archive.is/rd7iN
http://archive.is/7QKXB

---

user : https://bitcointalksearch.org/user/rwteam-2101319

[RWTeam] Claymore ETH Miner 14.6, 14.7, 15.0 Windows [ 0.5% devfee edition ]

https://www.virustotal.com/gui/url/71216ea7e98991af2c7f6226d581d2ba513e14cc585f8e8d0f6cf04bf112f755/detection

https://www.virustotal.com/gui/url/71216ea7e98991af2c7f6226d581d2ba513e14cc585f8e8d0f6cf04bf112f755/detection

Fake ANN again !

[ANN] SPECTRECOIN | Anonymous | Stealth-Staking | Tor | Ring Signatures

User : cbread  <----  Please nuke that User !



Fake Download source : https_://www1.zippyshare.com/d/ktmuBCNS/6739/Spectrecoin.rar


Real Download Source : https_://github.com/spectrecoin/spectre/releases

Original ANN and thread :

[ANN] SPECTRECOIN | Anonymous | Stealth-Staking | Tor | Ring Signatures


User : XSPEC-team

[ANN]⚡️[ICO]SEKOPAY EXCHANGE  SEKOPAY POS & MASTERNODES  SEKOPAY APP⚡️[ANN]


FAKE ANN
Thrad: https://bitcointalksearch.org/topic/annicosekopay-exchange-sekopay-pos-masternodes-sekopay-appann-5184137
Creator: https://bitcointalksearch.org/user/pochy123-995704

Wallet scan result:
Zipezip: https://zipezip.com/ufiles/06ee2863318032cae1bbc1e291218f3f

Virusdesk:


Screenshot: https://i.imgsafe.org/49/49b089b4ed.png
----------------------------------------------------------------------------------------------------------------
Original ANN based on Coingecko

Thread: https://bitcointalksearch.org/topic/ann-sekopaycoin-seko-masternodes-pos-mno-5046889 (No content)
Official github: https://github.com/sekopaycoin (official github username: sekopaycoin / fake github username: SekoPay)

This is the second FAKE ANN thread I found was created by pochy123.

i think we have new one...
https://bitcointalk.org/index.php?topic=5189336.new#new
dll file with wallet contain virus

I have seen that yesterday also and dont know if the links got removed from the detection software from the forum,
or that they was removed from an Moderator or Global Moderator , but i guess it was the forum software.
Maybe theymos can answer the question or an Global Moderator if they added bitbucket now to the blacklist.
If so we have done an step forward for the malware Links.

I happened to notice that their links are getting auto-removed/flagged suspicious as of late.

They usually go for Github and Bitbucket with direct links to their fake/malicious wallets (.rar, .zip, .gz, .xz, .tar)

Were any of these files added recently to the forum anti-spam/malware detection software?^[1] Or is it something else?

[1] - obviously not

Fake ANN again !

[ANN] SPEROCOIN - POS/POW

User :  TheCryptoCoinsist   <-----   Please nuke that user



The Link is or was removed from system !

Original ANN :

[ANN] SPEROCOIN - POS/POW

User : DigitalCoinBRL

[ANN] 🔥🔥 BELIEVE (poS+Mn) MOBILE CERTIFICATOR APP ⚡⚡ quoted on exchange

Fake Ann Thread:
https://bitcointalk.org/index.php?topic=5188943.0;topicseen (reported)

Topic starter profile: https://bitcointalksearch.org/user/pochy123-995704 [pochy123]
Thread archives: https://archive.is/jxu96

---

Original ANN
https://bitcointalksearch.org/topic/ann-believe-posmn-mobile-certificator-app-quoted-on-exchange-5165669

Topic starter: https://bitcointalksearch.org/user/etherixdevs-2024018 [etherixdevs]

Coingecko: https://www.coingecko.com/en/coins/believe

---

---

---

Added: BitcoinCash Classic

SUSPICIOUS WALLET

Thread: https://bitcointalk.org/index.php?topic=5188182.0;topicseen
Topic starter: https://bitcointalksearch.org/user/bitcoincash-classic-bcc-2632284 [BitcoinCash Classic (BCC)]

Kaspersky scan results: https://i.postimg.cc/QM9wKk8j/image.png / not-A-viruses explanation https://www.kaspersky.com/blog/not-a-virus/18015/
Zipezap scan reults: https://zipezip.com/ufiles/c2ac4bc2aeb7302a5713f6df179202e3
Virus total scan results: https://www.virustotal.com/gui/file/ccb4e5d4968d5e1eec60dfc8ef5905196b8725be83463e03d91c9d9d8de630f8/detection

Next Fake ANN !

[ANN][LCC] Litecoin Cash | SHA256 LTC fork @ block 1371111 | 10:1 claim ratio

From the User : Naoisee  <-------    Please nuke that User


The download link was already removed from the system !


Here is the Original ANN :

[ANN][LCC] Litecoin Cash | SHA256 LTC fork @ block 1371111 | 10:1 claim ratio

From the User : LitecoinCashOfficial

---

Next Fake ANN here !

[ANN] KazuSilver [PoS] - A Decentralized Way of life

User : st0risk1n  <-------    Please nuke that User



The Original ANN is here

https://bitcointalksearch.org/topic/ann-kazusilver-pos-a-decentralized-way-of-life-5115573

No problem and you dont have to be worry , your ANN is the original and it was all going about the Fake ANN .
You are not the only one that they doing Fake ANNs , a lot of other ANNs get faked by this too and we try to catch them at the beginning when they created so that no Users fall into the Trap
they are doing with there Malware software that they have in there Links !

WOW, thank you so very much. It was a shock to me to see the fake ANN. I even reached out to the guy and made comments on my ann to try and get a responce to prove I am honest and hard working and only care to try and do some good. Thank you for all that you do !!

Another Fake Anns !

[MAINNET]"MimbleWimble", we cast this spell so mote it be. GRIMM was born.

User : gard508  <----   Please nuke that User




Original ANN:

https://bitcointalksearch.org/topic/mainnetmimblewimble-we-cast-this-spell-so-mote-it-be-grimm-was-born-5172476

---

Next Fake ANN

[ANN][MTNS] OmotenashiCoin | PoW/Masternode | no ICO

User : kat35  <------  Please Nuke that user

---

Next Fake ANN

https://bitcointalksearch.org/topic/ann-pos-coin-800-the-one-and-only-proof-of-stake-coin-with-wicked-daily-5188204

User : faisal sumroo   <----  Please Nuke that User

Thanks for posting and finding this fake ann, i have updated my first Post with the fake github link and tagged and reported the thread, please report them too so he get nuked and the thread gets deleted! Thank you.