Author

Topic: Warning: Yacoin has a Bitcoin wallet stealer in it. (Read 2874 times)

hero member
Activity: 806
Merit: 1000
COINMIXER.NET
This has all been said before about a month ago. It was some random one put up on mega. Just download from Yacoin.org and your fine.

A link on MEGA kinda was the official link for a while and I guess someone took advantage of that at that time just to make the download look bad.

I believe this as well.
hero member
Activity: 806
Merit: 1000
COINMIXER.NET
This has all been said before about a month ago. It was some random one put up on mega. Just download from Yacoin.org and your fine.
sr. member
Activity: 266
Merit: 250
I've run 3 different Yacoin clients and I scan everything with Virustotal or Metascan.

Nothing has been taken from me.
legendary
Activity: 2590
Merit: 2156
Welcome to the SaltySpitoon, how Tough are ya?
If anyone has any hard evidence of a wallet stealer in the Yacoin client, please let me know via pm, or something of the sorts. I've seen this rumor going around for weeks if not months now, and so far everything has been inconclusive. I'm not saying it does or doesn't, I'm just saying that I've seen this sort of thread more than a few times, and have been unable to figure out if its some sort of ongoing joke, or if it is real.
member
Activity: 73
Merit: 10
what is the MD5 of your client, or where is the screenshot
hero member
Activity: 854
Merit: 500
Just anti YAC propaganda from a hand full people. Where is the proof?
sr. member
Activity: 462
Merit: 250
I just ran wireshark on the yacoin client I downloaded a few hours after launch. I do not see any connections made to that IP on startup, while running, or on shutdown. Fiddler also shows nothing.

IF this is true, perhaps the file could have been compromised at a later date?
hero member
Activity: 682
Merit: 500
[MY ACCOUNT WAS COMPROMISED PLEASE IGNORE]
full member
Activity: 141
Merit: 100
hero member
Activity: 518
Merit: 500
FUD until proper proof. Stop making 1000 topics.
hero member
Activity: 602
Merit: 500
Your *what* is itchy?
That's true, however it should not be making a connection to a free web host that does not allow shell access, nor access my Bitcoin wallet.dat file.

Can you please give me a SHA-1 or MD5 hash of the infected .exe? Would like to check if I'm using the same one.
Will do, 1 sec

I have actually deleted it, I downloaded it from mega
hero member
Activity: 1120
Merit: 501
www.bitcoin.org
when u all realized it , its all too LATE !!!!
hero member
Activity: 686
Merit: 500
Bitbuy
That's true, however it should not be making a connection to a free web host that does not allow shell access, nor access my Bitcoin wallet.dat file.

Can you please give me a SHA-1 or MD5 hash of the infected .exe? Would like to check if I'm using the same one.
hero member
Activity: 602
Merit: 500
Your *what* is itchy?
That's true, however it should not be making a connection to a free web host that does not allow shell access, nor access my Bitcoin wallet.dat file.
legendary
Activity: 1232
Merit: 1001
Your YAC p2p software will be making tons of connections to tons of random peers in the network.  What's so special about netne.net?

I suspect either FUD OR someone broke into server hosting the binaries and put a backdoor binary in.

YAC Devs--- You need to investigate and make official response and get clean binaries uploaded.

Let's see some action to these claims.
hero member
Activity: 602
Merit: 500
Your *what* is itchy?
After hearing reports of Yacoin wallet stealers, I decided to investigate my Wireshack logs. My computer has made a connection to 31.170.164.138 which is netne.net, and it's a HTTP post.

My wallet is encrypted, however be careful if you have downloaded Yacoin.
Jump to: