|
Title: MINING.ML malware Post by: LordCoder on August 11, 2015, 04:18:11 PM I do not know where to post this, so please move if it's the wrong place
After I saw the software here: https://bitcointalk.org/index.php?topic=1150125.0 I decided to take a look at it. Of course it installs a miner in your computer + a keylogger. Furthermore, it calls another executable after decrypting it via RunPE. A quick scan on Malwr showed the domain where it sends the stuff: https://malwr.com/analysis/MzdjMjlmMzBkYzVhNGY2MjljNTE2OTQyYTljOTQwYjk/ Everything was protected with ConfuserEx so that AVs don't detect most of it. The domain is: pownedfag.pw IP: 87.208.65.27. Take care and do not download that shit. Regards, Title: Re: MINING.ML malware Post by: BanzaiBTC on August 11, 2015, 04:22:01 PM This is the bastard...
https://bitcointalk.org/index.php?action=profile;u=405566 At least one of his accounts LOLLOLLOL What a sad bastard http://puu.sh/jxHbd/f2b2976983.png Title: Re: MINING.ML malware Post by: ocminer on August 11, 2015, 04:27:23 PM Thanks for posting the info, I really wonder what the Mods are doing ... Usually they ban/delete everything but those malware attempts seem to stay forever...
Title: Re: MINING.ML malware Post by: DebitMe on August 11, 2015, 04:29:28 PM Thanks for posting the info, I really wonder what the Mods are doing ... Usually they ban/delete everything but those malware attempts seem to stay forever... It must be a bot set up to post that link on a ton of threads. I have seen it posted just randomly around and always report the post, not sure if it ever gets banned though. I had reported a bunch of them a few days ago, and the admins must have ignored it because it brought my accuracy down almost 10%. Title: Re: MINING.ML malware Post by: LordCoder on August 11, 2015, 04:30:17 PM Thanks for posting the info, I really wonder what the Mods are doing ... Usually they ban/delete everything but those malware attempts seem to stay forever... It must be a bot set up to post that link on a ton of threads. I have seen it posted just randomly around and always report the post, not sure if it ever gets banned though. I had reported a bunch of them a few days ago, and the admins must have ignored it because it brought my accuracy down almost 10%. I have never seen a scammer with a closed account. Maybe they want to keep them, who knows. Title: Re: MINING.ML malware Post by: ocminer on August 11, 2015, 04:31:52 PM Thanks for posting the info, I really wonder what the Mods are doing ... Usually they ban/delete everything but those malware attempts seem to stay forever... It must be a bot set up to post that link on a ton of threads. I have seen it posted just randomly around and always report the post, not sure if it ever gets banned though. I had reported a bunch of them a few days ago, and the admins must have ignored it because it brought my accuracy down almost 10%. Same for me, reported some - nothing happened... Title: Re: MINING.ML malware Post by: goodguyed on August 11, 2015, 04:36:55 PM I can't imagine people click on those links.
I hope people don't click on those links. Title: Re: MINING.ML malware Post by: ocminer on August 11, 2015, 04:37:34 PM I can't imagine people click on those links. I hope people don't click on those links. Yes they do unfortuantely.. Otherwise those scammers wouldn't invest so much energy in such stuff... Title: Re: MINING.ML malware Post by: logocreator on August 11, 2015, 04:46:06 PM it is a virus, reported a few days ago, as ocminer says nothing happend
Title: Re: MINING.ML malware Post by: Suntouri on August 11, 2015, 04:47:42 PM This is the bastard... Its a robber accounthttps://bitcointalk.org/index.php?action=profile;u=405566 At least one of his accounts LOLLOLLOL What a sad bastard [img]http://puu.sh/jxHbd/f2b2976983.png[ /img] I report 3-4 message and mods dont delete it :/ please mods, ban him now Title: Re: MINING.ML malware Post by: LordCoder on August 11, 2015, 04:57:14 PM it is a virus, reported a few days ago, as ocminer says nothing happend I have suspected it has more than a miner inside, I didn't run it of course. Luckily I have reported it today so that nobody falls in that shit. Title: Re: MINING.ML malware Post by: djm34 on August 11, 2015, 04:58:54 PM actually I reported already that guy twice, the post got deleted.
But yes that guy should be banned Title: Re: MINING.ML malware Post by: badam on August 11, 2015, 05:00:16 PM This is the bastard... Its a robber accounthttps://bitcointalk.org/index.php?action=profile;u=405566 At least one of his accounts LOLLOLLOL What a sad bastard [img]http://puu.sh/jxHbd/f2b2976983.png[ /img] I report 3-4 message and mods dont delete it :/ please mods, ban him now Useless. he is posting from new accounts(but still old accounts at forum) all the time. I guess the virus gets the infected ones bt account too that's how he can get old accounts to post from Title: Re: MINING.ML malware Post by: djm34 on August 11, 2015, 05:02:12 PM Thanks for posting the info, I really wonder what the Mods are doing ... Usually they ban/delete everything but those malware attempts seem to stay forever... It must be a bot set up to post that link on a ton of threads. I have seen it posted just randomly around and always report the post, not sure if it ever gets banned though. I had reported a bunch of them a few days ago, and the admins must have ignored it because it brought my accuracy down almost 10%. Title: Re: MINING.ML malware Post by: Mickeyb on August 22, 2015, 05:14:38 PM So do you need to download a software from the website www.mining.ml or is it just enough to visit this website?
Thanks! Title: Re: MINING.ML malware Post by: LordCoder on August 22, 2015, 05:15:39 PM So do you need to download a software from the website www.mining.ml or is it just enough to visit this website? Thanks! Download the software. It's simply a .NET Framework, don't worry if you haven't run it. Title: Re: MINING.ML malware Post by: Mickeyb on August 22, 2015, 05:17:31 PM So do you need to download a software from the website www.mining.ml or is it just enough to visit this website? Thanks! Download the software. It's simply a .NET Framework, don't worry if you haven't run it. Ok, so if I just entered the site, I have nothing to worry about? Thanks for the help! Title: Re: MINING.ML malware Post by: LordCoder on August 22, 2015, 05:20:24 PM So do you need to download a software from the website www.mining.ml or is it just enough to visit this website? Thanks! Download the software. It's simply a .NET Framework, don't worry if you haven't run it. Ok, so if I just entered the site, I have nothing to worry about? Thanks for the help! Nothing to worry about. Original domain: http://www.nutrilonexport.com/ Title: Re: MINING.ML malware Post by: LordCoder on August 29, 2015, 01:50:10 PM That asshole hacked this account, he didn't change the password luckily. Now I have bad rep :(
|
