|
Title: [Warning] FiftyOnePercent TradeBot is malware. ANN is self-Moderated Post by: JeromeTash on August 28, 2023, 02:11:37 PM What happened: User ravoniokea posted a self-moderated announcement in which he is trying to advertise a bot which is actually malware
Scammers Profile Link: https://bitcointalk.org/index.php?action=profile;u=3387003 Sock puppet accounts involved: 1. https://bitcointalk.org/index.php?action=profile;u=3497144 2. https://bitcointalk.org/index.php?action=profile;u=452421 3. https://bitcointalk.org/index.php?action=profile;u=376541 Probably hacked or stolen Reference Link/ANN: https://bitcointalk.org/index.php?topic=5463988.0 Archive: https://ninjastic.space/post/62726027 https://www.virustotal.com/gui/file/9ed7ad1ccff53946a06f0a1d148316636862663e1fec63b01785ccdc307d1ce5/detection https://talkimg.com/images/2023/08/28/MiLY8.png Malicious file Code: https://github.com/fiftyone-percent/trade-bot/releases/tag/v1.2.0 Additional Notes: They deleted my comment once I exposed their sock puppet ring Quote I have been waiting for your launch for a long time, I will be happy to observe the development of the project. Good luck! An interesting project, in terms of functionality it doesn’t really differ from similar projects, but from the pluses I can single out that it has its own interface, which makes it easier to use. In short - at least I advise you to try. Yeah, this is definitely my top 5 Did you all just decide to wake up your inactive accounts at a specific period to advertise a service and bump this Announcement to create a fake buzzy feeling? Weak move.This makes your service even more suspicious ravoniokea (OP) - https://bpip.org/Profile?id=3387003 https://talkimg.com/images/2023/08/27/MB3G5.png Quote from: https://bpip.org/Profile?id=3387003 8/21/2023 1:02:12 AM Profile woke up New post li1460293896 - https://bpip.org/Profile?id=3497144 https://talkimg.com/images/2023/08/27/MBfHc.png Quote from: https://bpip.org/Profile?id=3497144 8/13/2023 4:26:01 AM Profile woke up New post JACKSW4G - https://bpip.org/Profile?id=452421 https://talkimg.com/images/2023/08/27/MBysP.png Quote from: https://bpip.org/Profile?id=452421 1/12/2023 3:27:50 PM woke up 7/23/2023 8:37:53 AM password changed 8/15/2023 9:00:05 AM password changed CryptoBillboard - https://bpip.org/Profile?id=376541 https://talkimg.com/images/2023/08/27/MBJ7q.png Quote from: https://bpip.org/Profile?id=376541 5/14/2023 4:32:33 PM woke up All these accounts are alts from OP to all the above replying posters with fake feedback. Title: Re: [Warning] FiftyOnePercent TradeBot is malware. ANN is self-Moderated Post by: light_warrior on August 28, 2023, 03:24:58 PM I have here discovered that one of the users who promotes a phishing link is evading a ban. It's JACKSW4G. I made a post about it in the appropriate thread. I will check the other accounts as soon as I have some free time.
https://bitcointalk.org/index.php?topic=5094661.msg62761260#msg62761260 Title: Re: [Warning] FiftyOnePercent TradeBot is malware. ANN is self-Moderated Post by: Nwada001 on August 28, 2023, 10:32:02 PM Even without even making further inquiries, the method used in advertising the bot is enough to make it look suspicious, as this form of shilling or scamming has been going on here, and people are cautious enough now, if I must say.
But what do these scammers even think of this forum? It's a place where they can just come and drop links in whatever method they want, and members won't try to check the genuineness of the platform shared. I have here discovered that one of the users who promotes a phishing link is evading a ban. It's JACKSW4G. I made a post about it in the appropriate thread. I will check the other accounts as soon as I have some free time. https://bitcointalk.org/index.php?topic=5094661.msg62761260#msg62761260 One case leads to the other, and who knows how many more you will have to dig out in the process of this? Title: Re: [Warning] FiftyOnePercent TradeBot is malware. ANN is self-Moderated Post by: albon on August 28, 2023, 11:44:08 PM What happened: User ravoniokea posted a self-moderated announcement in which he is trying to advertise a bot which is actually malware Thank you, Jerome, for making the community safe,If the OP of these Self-Moderated topics did not explain his purpose in creating them in this way, then this is sufficient evidence of his malicious intent. Although this scammer has been banned and his topic was deleted, which he published as a self-moderated ANN topic in order to prevent members from writing replies that expose his malicious bot that contains malwares, he can publish more topics using more stolen accounts such as those that wrote him positive feedbacks and posts positive replies in his topics, So each member must not download anything on his primary device to try it through self-moderated topics that are created by new members whose accounts have been newly created. In most sections, you now have the option of marking topics self-moderated when creating them. In self-moderated topics, the OP can delete replies. The option for enabling this is under "additional options". Topics cannot be converted to self-moderated topics after creation. There are no rules to self-moderation. In self-moderated threads, replies belong to the OP. Title: Re: [Warning] FiftyOnePercent TradeBot is malware. ANN is self-Moderated Post by: arabspaceship123 on August 31, 2023, 12:18:04 AM It's the first time I've noticed in a forum post Github's being used to upload malware. It's difficult we're living in a time when ppl who've downloaded software from Github find their cryptocurrencies vanished. Thanks you've exposed ppl who send malware to unsuspecting users we've all got to be careful with installing software.
Title: Re: [Warning] FiftyOnePercent TradeBot is malware. ANN is self-Moderated Post by: JeromeTash on August 31, 2023, 11:10:30 AM It's the first time I've noticed in a forum post Github's being used to upload malware. It's difficult we're living in a time when ppl who've downloaded software from Github find their cryptocurrencies vanished. Thanks you've exposed ppl who send malware to unsuspecting users we've all got to be careful with installing software. They have been using GitHub as well to post malware for ages. The good news is that once you report such profiles in GitHub with evidence of the files the uploaded being malicious, they will immediately act and ban the profile, like they did with FiftyOnePercent TradeBot when I reported.https://talkimg.com/images/2023/08/31/Mqmwl.png Title: Re: [Warning] FiftyOnePercent TradeBot is malware. ANN is self-Moderated Post by: BABY SHOES on September 23, 2023, 01:35:40 AM I found the same thing today in the forum, there were 5 users who created self-moderated ANNs which were actually spreading malware simultaneously with accounts created at the same time.
https://www.talkimg.com/images/2023/09/23/6l9Cc.png I've reported this in @Lafu's thread - Also report it to the moderator Found fake threads by spreading viruses from apps downloaded from fake GitHub, ANN: https://bitcointalk.org/index.php?topic=5467770.0 Account: tawaresder (https://bitcointalk.org/index.php?action=profile;u=3387534) Fake GitHub: (Created 41 minutes ago) Code: https://github.com/bitxor-coin/bitxor-coin/releases/tag/v1.0.3 https://www.talkimg.com/images/2023/09/23/6lViv.png Virustotal: https://www.virustotal.com/gui/file/545d03832a26a05559d378c2669c97e5af0a84303c3830b701afad496dc88559 ANN: https://bitcointalk.org/index.php?topic=5467768.0 Account: Ujetanokilk (https://bitcointalk.org/index.php?action=profile;u=3387533) Fake GitHub: (Made a few hours ago) Code: https://github.com/thewebers-coin/thewebers-coin/releases/tag/v1.0.1 https://www.talkimg.com/images/2023/09/23/6lL4I.png ANN: https://bitcointalk.org/index.php?topic=5467764.0 Account: ikopreditero (https://bitcointalk.org/index.php?action=profile;u=3387532) Fake GitHub: Code: https://github.com/Scrooge-Coin/Scrooge-Coin/releases/tag/v1.2.1 https://www.talkimg.com/images/2023/09/23/6lh2d.png Virustotal: https://www.virustotal.com/gui/file/c625324960a6c20b41472c901c6521a9bc92d75edaf0f42a45c93892fe1f5b11 ANN: https://bitcointalk.org/index.php?topic=5467771.0 Account: gattokoter (https://bitcointalk.org/index.php?action=profile;u=3387537) Fake GitHub: Code: https://github.com/Capy-Coin/Core/releases/tag/v1.2.2 https://www.talkimg.com/images/2023/09/23/6l4rz.png Virustotal: https://www.virustotal.com/gui/file/bf3e4c13e6f965d38d88087e8ef861d9acf2d8eb9398178e679c19d28214d2b7?nocache=1 ANN: https://bitcointalk.org/index.php?topic=5467759.0 Account: likkosader (https://bitcointalk.org/index.php?action=profile;u=3387531) Fake GitHub: Code: https://github.com/Shmingus-Coin/Core/releases/tag/v1.1.0 https://www.talkimg.com/images/2023/09/23/6l5W2.png Virustotal: https://www.virustotal.com/gui/file/c6bf52a2d0904e1ec337401ddebd782885e505ffc126f4a8838678d6ef2793bf Title: Re: [Warning] FiftyOnePercent TradeBot is malware. ANN is self-Moderated Post by: Husires on September 23, 2023, 03:53:21 AM Thanks for the warning. I thought that posting the code publicly might be a positive for trust, as the code will be reviewed and of course if there is a problem it will be discovered, but it seems that the scammers are relying on people being lazy and will not check the code.
self-moderated ANNs detected them, but it is better to avoid installing such open source software without searching for who checked the code. Title: Re: [Warning] FiftyOnePercent TradeBot is malware. ANN is self-Moderated Post by: JeromeTash on September 23, 2023, 03:04:50 PM I found the same thing today in the forum, there were 5 users who created self-moderated ANNs which were actually spreading malware simultaneously with accounts created at the same time. Nice catch, keep up the good work. Thanks for the warning. I thought that posting the code publicly might be a positive for trust, as the code will be reviewed and of course if there is a problem it will be discovered, but it seems that the scammers are relying on people being lazy and will not check the code. They don't post the malicious source code publicly per se, but they use GitHub to upload their malicious files and also fork repositories of existing legitimate projects to make it appear as through they are also legitimate.self-moderated ANNs detected them, but it is better to avoid installing such open source software without searching for who checked the code. Title: Re: [Warning] FiftyOnePercent TradeBot is malware. ANN is self-Moderated Post by: arabspaceship123 on September 23, 2023, 11:37:53 PM GitHub's got to defend their rep so it's in their benefit. Malware isn't going away scammers aren't going to stop using it they'll change profiles to start over. It's a good result you've reported FiftyOnePercent TradeBot to them.
They have been using GitHub as well to post malware for ages. The good news is that once you report such profiles in GitHub with evidence of the files the uploaded being malicious, they will immediately act and ban the profile, like they did with FiftyOnePercent TradeBot when I reported. Title: Re: [Warning] FiftyOnePercent TradeBot is malware. ANN is self-Moderated Post by: BABY SHOES on September 24, 2023, 12:04:43 AM I found the same thing today in the forum, there were 5 users who created self-moderated ANNs which were actually spreading malware simultaneously with accounts created at the same time. Nice catch, keep up the good work. Like his sock puppet accounts they are many probably dozens as I found again at almost the same time they spread back on his self-moderated forum with 5 sock accounts currently. I'm guessing they'd be doing this every day if there were still that many accounts in storage. New arrests that have been reported in the @Lafu thread. https://bitcointalk.org/index.php?topic=5182222.msg62892393#msg62892393 |
