Bitcoin Forum

Other => Meta => Topic started by: SFR10 on October 20, 2018, 05:33:15 PM



Title: Users spreading malware (cryptojacking) + strange behavior
Post by: SFR10 on October 20, 2018, 05:33:15 PM
Users in question:
  • Rockford99 (https://bitcointalk.org/index.php?action=profile;u=12652) - (Latest posts (https://archive.fo/m0ITc#selection-323.0-1381.14))
    • Tagged.
  • rcocchiararo (https://bitcointalk.org/index.php?action=profile;u=18294) - (Latest posts (https://archive.fo/xiRcv#selection-325.0-961.6))

a) Recently they both started posting (after a lengthy hiatus) multiple threads across different boards (including local boards).
b) I scanned the link of the service (Mammon) that they were promoting but nothing came up on VirusTotal and other similar websites.
c) Then I checked the included YouTube link (only some of the threads have it). I noticed there's a different link (original one) on the description of the video than the one given on these new threads.
d) So I searched for the original thread and found it: Mammon - Desktop Ticker Price Tracker (https://archive.fo/vgIzs)
e) Then I went over the other given links (from the above two users) and surprisingly, they included "this Medium link (https://medium.com/@ofarukcaki/be-aware-that-mammon-cryptocurrency-ticker-app-mining-on-your-pc-1e73dd374fda) (explains the cryptojacking part)".
  • That was the strange part since it pushed me to look deeper and I ended up finding the following connection:
    • I looked for other VirusTotal alternatives and found "ReScan.pro (https://rescan.pro/result.php?d295a6b2077624bf5438201eed2dce01)" (result (https://imgur.com/XBtdxWd)).
    • The above screenshot (result), only shows half of the link but if you go to "RedirectDetective (http://redirectdetective.com/)" and paste the link address from "mammon (Download Mac App v0.2.9 button)", it "shows (https://imgur.com/ETQ3OBs)" that it's the exact same link (redirects) from the original website (teamfox [Download Mac App v0.2.8 button]).
Conclusion:
- The above results show the connection between "seniorhuman (https://bitcointalk.org/index.php?action=profile;u=1196156), Rockford99 (https://bitcointalk.org/index.php?action=profile;u=12652) and rcocchiararo (https://bitcointalk.org/index.php?action=profile;u=18294)" and if we take the above "Medium (https://medium.com/@ofarukcaki/be-aware-that-mammon-cryptocurrency-ticker-app-mining-on-your-pc-1e73dd374fda)" link into consideration, then these three users have spread malware (cryptojacking) across different boards and need to be punished.

This thread serves as a reference for my report.

Update
Another one: Pilippe (https://bitcointalk.org/index.php?action=profile;u=17056) - (Latest posts (https://archive.fo/LZ8A2#selection-323.0-3927.10))
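
The redirect comparison described in the post above (two download buttons that end at the same address) can be reproduced with a small chain follower. This is an added example, not part of the original post: every URL and the redirect table are constructed placeholders, and a live check would replace the hypothetical `fetch_hop` with an HTTP request that does not auto-follow redirects.

```python
from urllib.parse import urljoin, urlsplit, urlunsplit

# Constructed redirect table standing in for live HTTP responses:
# URL -> (status code, Location header or None). All hosts are placeholders.
CONSTRUCTED_RESPONSES = {
    "https://promo-site.example/download/mac": (302, "https://cdn.example/r?id=42"),
    "https://original-site.example/get/mac": (301, "/files/latest"),
    "https://original-site.example/files/latest": (302, "https://cdn.example/r?id=42"),
    "https://cdn.example/r?id=42": (302, "https://storage.example/app/Installer.dmg"),
    "https://storage.example/app/Installer.dmg": (200, None),
    "https://loop.example/a": (302, "https://loop.example/b"),
    "https://loop.example/b": (302, "https://loop.example/a"),
}

REDIRECT_CODES = {301, 302, 303, 307, 308}

def fetch_hop(url):
    """Return (status, location) for one request without following redirects."""
    return CONSTRUCTED_RESPONSES.get(url, (404, None))

def normalize(url):
    """Lower-case scheme and host and drop the fragment so equal targets compare equal."""
    p = urlsplit(url)
    return urlunsplit((p.scheme.lower(), p.netloc.lower(), p.path or "/", p.query, ""))

def redirect_chain(start, max_hops=10):
    """Follow redirects hop by hop; stop on a final response, a loop, or max_hops."""
    chain, seen = [normalize(start)], {normalize(start)}
    while len(chain) <= max_hops:
        status, location = fetch_hop(chain[-1])
        if status not in REDIRECT_CODES or not location:
            return chain, "final"
        nxt = normalize(urljoin(chain[-1], location))  # Location may be relative
        if nxt in seen:
            return chain + [nxt], "loop"
        chain.append(nxt)
        seen.add(nxt)
    return chain, "too_many_hops"

def same_payload(url_a, url_b):
    """True when both chains terminate cleanly at the same final URL."""
    chain_a, state_a = redirect_chain(url_a)
    chain_b, state_b = redirect_chain(url_b)
    return state_a == state_b == "final" and chain_a[-1] == chain_b[-1]
```

A match on the final hop ties the two landing pages to one download even when a scanner only sees the first, clean-looking URL.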


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: Lafu on October 20, 2018, 07:08:04 PM
Yep, they spam the whole forum with that kind of shitposts and links!

I reported them already !  

Hardcore Spamming !

- Pilippe  44  posts with that

- Rockford99  10 Posts

- rcocchiararo  6 posts

Update :

- Pilippe  is Banned

- rcocchiararo  3 topics removed

- Rockford99 3 topics removed 3 posts deleted



Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: Halab on October 21, 2018, 03:20:50 PM
There was ReadySalted (https://bitcointalk.org/index.php?action=profile;u=36413) too, but he is already banned.

https://archive.fo/0nr6T
https://archive.is/zFHdK#selection-2381.4-2381.16
https://archive.fo/6QQP7#selection-3671.3-3671.15
https://archive.is/s3s82#selection-3225.4-3225.17
https://archive.is/Fzphm#selection-1901.4-1901.16
https://archive.is/bsHKS#selection-2999.3-2999.27

And another "attack" today on the French boards by n2liquid (https://bitcointalk.org/index.php?action=profile;u=25800)
https://archive.fo/lh87k#selection-1755.2-1755.15
https://archive.is/U3mzg#selection-3683.3-3683.29
https://archive.is/NAudG#selection-4879.1-4879.25
https://archive.is/NhK9k#selection-5551.3-5551.27
https://archive.is/HLI1v#selection-4761.3-4761.24
https://archive.is/Bc1SZ#selection-7077.0-7077.19
https://archive.is/Vkkaw#selection-4579.3-4579.25
https://archive.is/qaXDl#selection-1903.4-1903.17
https://archive.is/OsTXE#selection-3133.6-3133.17

Posts deleted on French boards, but I can't nuke him.



Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: kenzawak on October 21, 2018, 03:22:06 PM
Thanks to Halab, I just noticed this thread.
I posted about n2liquid earlier here :
https://bitcointalk.org/index.php?topic=5054593.0

He keeps posting the same shit everywhere about his app :

https://bitcointalk.org/index.php?action=profile;u=25800;sa=showPosts

https://archive.fo/7A4aG

I reported his last 8 posts but I guess he's not done.

Can someone ban this guy ?

EDIT: the French moderator just posted that the link this guy posted was leading to malware.


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: Lafu on October 21, 2018, 03:47:24 PM
~Snip~

Nice dude, I have reported some on the German board too!
And they also got deleted!


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: Halab on October 21, 2018, 03:58:07 PM
And they also got deleted !

And n2liquid, Rockford99, rcocchiararo are already banned. Thanks Global Mods.


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: kenzawak on October 21, 2018, 04:16:07 PM
Another one just appeared :

chessdragon (https://bitcointalk.org/index.php?action=profile;u=29027;sa=showPosts)

https://archive.fo/7xbGD

I have a feeling this could last for a while.


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: tmfp on October 21, 2018, 04:43:34 PM
There's a number of c.2011 registered accounts about that have recently been reactivated for spamming.


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: LFC_Bitcoin on October 21, 2018, 04:48:44 PM
Another one just appeared :

chessdragon (https://bitcointalk.org/index.php?action=profile;u=29027;sa=showPosts)

https://archive.fo/7xbGD

I have a feeling this could last for a while.

I literally just noticed the behaviour of chessdragon & made a thread requesting a mod to nuke him/her.
He/she made 15 shill posts today but before that last activity was 2011.
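
The pattern reported in this thread (accounts registered around 2011, silent for years, then a burst of posts carrying one link) can be turned into a moderation check. This is an added example, not forum code: the post records, account names and hosts are constructed, and the thresholds (five years dormant, three same-host posts within 24 hours) are assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Constructed post records: (account, posted_at, body). Names and hosts are placeholders.
CONSTRUCTED_POSTS = [
    ("acct_old1", "2011-06-02 10:00", "mining question"),
    ("acct_old1", "2018-10-21 09:00", "try https://ticker-app.example/dl"),
    ("acct_old1", "2018-10-21 09:05", "great tool https://ticker-app.example/dl"),
    ("acct_old1", "2018-10-21 09:09", "see https://ticker-app.example/dl"),
    ("acct_old2", "2011-03-12 08:39", "hello"),
    ("acct_old2", "2018-11-15 12:00", "new app https://ticker-app.example/dl"),
    ("acct_old2", "2018-11-15 12:02", "https://ticker-app.example/dl works"),
    ("acct_old2", "2018-11-15 12:04", "link: https://ticker-app.example/dl"),
    ("acct_regular", "2018-10-20 17:33", "report https://archive.example/a"),
    ("acct_regular", "2018-10-21 17:11", "update https://archive.example/b"),
]

def link_hosts(body):
    """Hosts of every http(s) URL in a post body."""
    words = (w.strip("()[],.") for w in body.split())
    return {urlsplit(w).netloc.lower() for w in words if w.startswith(("http://", "https://"))}

def reactivated_spammers(posts, dormant=timedelta(days=5 * 365),
                         window=timedelta(hours=24), min_posts=3):
    """Map account -> host for accounts that return from dormancy with a same-host burst."""
    by_account = defaultdict(list)
    for account, ts, body in posts:
        by_account[account].append((datetime.strptime(ts, "%Y-%m-%d %H:%M"), body))
    flagged = {}
    for account, items in by_account.items():
        items.sort()
        for (prev, _), (cur, _) in zip(items, items[1:]):
            if cur - prev < dormant:
                continue
            # Count hosts across posts in the window that starts at the first post back.
            hosts = Counter(h for t, b in items if cur <= t <= cur + window for h in link_hosts(b))
            if hosts and hosts.most_common(1)[0][1] >= min_posts:
                flagged[account] = hosts.most_common(1)[0][0]
    return flagged

def campaigns(flagged):
    """Group flagged accounts by the host they pushed."""
    groups = defaultdict(list)
    for account, host in sorted(flagged.items()):
        groups[host].append(account)
    return dict(groups)
```

Grouping the flagged accounts by host shows which reactivated accounts belong to one campaign, which is the link that would go on a link blacklist.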


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: asche on October 21, 2018, 04:53:37 PM
Another one just appeared :

chessdragon (https://bitcointalk.org/index.php?action=profile;u=29027;sa=showPosts)

https://archive.fo/7xbGD

I have a feeling this could last for a while.

Also reported here :

https://bitcointalk.org/index.php?topic=5054636


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: SFR10 on October 21, 2018, 05:11:25 PM
~Snipped~
~Snipped~
~Snipped~
~Snipped~
Thank you for contributing guys...

There's a number of c.2011 registered accounts about that have recently been reactivated for spamming.
Unfortunately, you're right. The good thing is the fact that they're using "Newbie" accounts and this can easily be fixed by adding that website to the "suspicious links blacklist (https://bitcointalk.org/index.php?topic=1390905.msg14490887#msg14490887) (in case an admin reads this [the sooner the better])".


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: asche on October 21, 2018, 05:35:28 PM
~Snipped~
~Snipped~
~Snipped~
~Snipped~
Thank you for contributing guys...

There's a number of c.2011 registered accounts about that have recently been reactivated for spamming.
Unfortunately, you're right. The good thing is the fact that they're using "Newbie" accounts and this can easily be fixed by adding that website to the "suspicious links blacklist (https://bitcointalk.org/index.php?topic=1390905.msg14490887#msg14490887) (in case an admin reads this [the sooner the better])".

Not sure you linked the topic you wanted.
Is there a topic that lists suspicious links posted around here? As "suspicious links blacklist" seems to indicate?


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: SFR10 on October 21, 2018, 06:32:16 PM
Not sure you linked the topic you wanted.
I linked "a specific post (that briefly explained about the subject in those quote marks) within a topic".

Is there a topic that lists suspicious links posted around here? As "suspicious links blacklist" seems to indicate?
No, there isn't any (AFAIK). Only an admin (e.g. theymos (https://bitcointalk.org/index.php?action=profile;u=35)) has access to such a list.


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: kenzawak on October 22, 2018, 11:13:01 AM
One more :

dyiosah (https://bitcointalk.org/index.php?action=profile;u=39348;sa=showPosts)

https://archive.fo/RQxC2


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: Lafu on October 22, 2018, 11:18:07 AM
One more :
dyiosah (https://bitcointalk.org/index.php?action=profile;u=39348;sa=showPosts)
https://archive.fo/RQxC2

Is still reported, hopefully they all get banned!


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: Halab on November 15, 2018, 01:13:55 PM
Mammon strikes back in the French section with the user FRanz33 (https://bitcointalk.org/index.php?action=profile;u=6130) (Date Registered: 12 March 2011, 08:39:18)

https://archive.fo/uZWEq#selection-3671.17-3671.24
https://archive.is/bjReS#selection-539.17-539.24
https://archive.is/J2pF7#selection-2749.17-2749.24
https://archive.is/sKnmj#selection-1911.17-1911.24
https://archive.is/DaZtf#selection-5015.17-5015.24

and a lot more messages in other local sections.
Please ban.


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: kenzawak on November 15, 2018, 09:17:43 PM
Ferr is another handle spreading this shit :

Ferr (https://bitcointalk.org/index.php?action=profile;u=30469;sa=showPosts)

https://archive.fo/5K2Kd
https://archive.fo/d6kPL


Title: Re: Users spreading malware (cryptojacking) + strange behavior
Post by: Halab on November 16, 2018, 01:47:35 PM
Mammon's Spam of the Day with pozhuk (https://bitcointalk.org/index.php?action=profile;u=34132).

https://archive.fo/TdLT7#selection-4263.0-4263.6