|
Title: Reporting potential Bitcoin botnet Post by: PsykoTenshi on March 27, 2013, 02:47:47 AM Simply put, today when I started my comp the gpu was throttling like crazy. Apparently someone managed to infiltrate a bitcoin miner bot into my computer. I know I didn't do that willingly at least, not having just a "mere" Radeon HD4890, that won't get me anywhere with bitcoins. Also I've even identified when and how I did (unwittingly) install it, but that's another story.
So I figured I'd go make the guy's easy money plan backfire on him by reporting his bitcoin info to the community. Among the scripts I've found on my system, there was two url's, I hope that's enough. Quote http://ophelion_1:123@mergedmining.btcguild.com:8332 http://1ERX1hr6xbGDgt8cB2whUf9HpeqzTqp3T:x@mining.eligius.st:8337 I can also submit the .exe file that installs all this stuff for analysis if required. P.S.: The only rules I saw was "no posting illegal stuff" and "I understand I'll be restricted to the Newbies section", I am not aware if posting someone's bitcoin info is "illegal" or similar. In any case, the guy is a just lowly gpu processor cycles and bitcoins leecher, he doesn't deserve any special treatment. Title: Re: Reporting potential Bitcoin botnet Post by: odolvlobo on March 27, 2013, 02:53:13 AM Because he has btcguild in his URL, he is likely to be mining in the btcguild pool. Contact btcguild (http://www.btcguild.com/), and perhaps they can ban him or something.
Title: Re: Reporting potential Bitcoin botnet Post by: PsykoTenshi on March 27, 2013, 03:08:01 AM Aw I'll have to make even more new accounts. Oh well, it'll make for an even more satisfactory (if) successful backfire on the guy's "free money" plan.
Edit: Silly me not noticing they have IRC-based support before making an account. :facepalm: Title: Re: Reporting potential Bitcoin botnet Post by: eleuthria on March 27, 2013, 03:22:15 AM Aw I'll have to make even more new accounts. Oh well, it'll make for an even more satisfactory (if) successful backfire on the guy's "free money" plan. Thank you for coming into #btcguild IRC and reporting the user. I'll be looking at the account shortly to see if other factors point to the account being a botnet (which in most cases is possible when an outside report is made). If anything looks funny, paired with your report, the account will be disabled. Title: Re: Reporting potential Bitcoin botnet Post by: eleuthria on March 27, 2013, 04:12:48 AM The user was confirmed as definitely showing botnet activity, and their workers have been disabled.
Title: Re: Reporting potential Bitcoin botnet Post by: fcmatt on March 27, 2013, 04:16:52 AM How did you install it?
Title: Re: Reporting potential Bitcoin botnet Post by: mokahless on March 27, 2013, 06:34:04 AM I think it would be really cool to see what the exe installed. I'd love to run it in a vm.
Title: Re: Reporting potential Bitcoin botnet Post by: davidblack on April 15, 2013, 09:17:23 AM Hi - I'm looking into botnets & Bitcoin for Channel 4 News - anyone in the UK been affected and fancy talking to us?
Title: Re: Reporting potential Bitcoin botnet Post by: PsykoTenshi on April 19, 2013, 03:35:09 PM Oh... Sorry I didn't respond for so long, I utterly forgot about this.
@ fcmatt: Self extractor (poorly) disguised as game executable. I was careless, I know. @ mokahless: Sent you PM. @ davidblack: Well, I must say I feel honored, my English is good enough to pass as an English gentleman http://img14.imageshack.us/img14/4923/likeasiriconsmaller.png I'm an ocean away, in Argentina (southern corner of South America). Thanks for the offer though :) On a related note, hurray for eleuthria and his lightning fast response! |
