Yeah, it's infected. See my previous post. Edit: Or at least it doesn't want to run with a monitor program running, which is suspect as hell, of course. |
|
|
|
Yacoin.exe did not access my bitcoin wallet.dat. Checked with process monitor. Cannot replicate the issue.
I found another post where an antivirus friendly minerd was hosted on mega. Can anyone confirm that this was where you downloaded rather than the other link https://mega.co.nz/# !shoxkb5b!DjiCAQBQ627TaW0oet1C7mvqM7Q2-2u-g4kDRHbniU4 Can confirm that this Minerd is indeed infected:  |
|
|
|
|
Yacoin.exe did not access my bitcoin wallet.dat. Checked with process monitor. Cannot replicate the issue.
|
|
|
|
|
We need screenshots of Wireshark, Process Monitor or Firewall warnings. I can't replicate the issue at all. I've been trying to make it steal my (empty) bitcoin wallet.dat in a VMware, but I'm not succeeding.
|
|
|
|
|
I can't replicate the findings in Process Monitor. Could someone please post some proof of Wireshark, process monitor or firewall screenshots?
|
|
|
|
That's true, however it should not be making a connection to a free web host that does not allow shell access, nor access my Bitcoin wallet.dat file.
Can you please give me a SHA-1 or MD5 hash of the infected .exe? Would like to check if I'm using the same one. |
|
|
|
|
I don't see Yacoin.exe accessing my bitcoin wallet.dat via process monitor. Could you tell me exactly which .exe you are using? Could you give me the MD5 or SHA-1 hash of the Yacoin.exe that supposedly stole your wallet? Maybe the link got swapped with a different one later on? Or someone else gave away his own link with a trojan compiled into the binary? I'm using the .exe that I downloaded an hour or so after the launch.
|
|
|
|
|
I don't see Yacoin.exe accessing my bitcoin wallet.dat via process monitor. Could you tell me exactly which .exe you are using? Could you give me the MD5 or SHA-1 hash of the Yacoin.exe that supposedly stole your wallet?
|
|
|
|
Virustotal did not find anything suspicious and process monitor confirmed that it did not touch the wallet.dat file, so it looks like it's safe.  I haven't actually logged in with the application though, since I do not have an account. Regardless of that, I am not responsible if anything happens. Just did some quick tests. I still recommend running new applications in a virtual machine or a sandbox. Thanks for sharing OP |
|
|
|
yeah i know, far too sceptical imho.
Not skeptical enough. People are getting hacked left and right. Edit: If it seems like I'm attacking you personally, I'm not. I'm just giving everyone a fair warning to be careful. Nothing more, nothing less. |
|
|
|
ofcourse, check it with a virus scanner if you like, everyone on mcxnow was sceptical but scanned it, used it and were happy. Autoruns are not harmful, every software cd you get has an autorun file. js.
You have to understand people are skeptical around here. Anyway, I'll run the program in a VMware and monitor it with Process Monitor. Let's see if it accesses something sketchy (wallet.dat for example). |
|
|
|
|
autorun file in that zip, proceed with caution!
|
|
|
|
|
Very cool, thank you very much for this! Does this fork have it's own version numbers? It's difficult to keep P2Pool up-to-date if you can't tell what version I'm running and what the latest version is. Thank you very much again! Awesome work!
|
|
|
|
Can you give us your networks.py entries you uses so others can get p2pools up to spread the load? The twisted library for python is known to have problems with too many hits at once. +1 Would love to run my own instance of P2Pool and mine via that |
|
|
|
|
Does anyone know how I can choose another port for YaCoin? I'm running multiple computers, so I'd like to forward a different port for YaCoin for each computer.
|
|
|
|
how you guys getting more connections? I only have 8....
open port 7688 on your router and forward it I'm mining on 4 different PCs on the same LAN. How am I going to forward the port to all PCs? Is it possible to configure YaCoin to use a different port on each PC? You only need to open the port on the computer which is hosting the client. Don't worry about forwarding the port for the mining computers, just the computer with the wallet. That's how I do it with other coins, but with this one, you are forced to use a wallet to mine on each computer. |
|
|
|
how you guys getting more connections? I only have 8....
open port 7688 on your router and forward it I'm mining on 4 different PCs on the same LAN. How am I going to forward the port to all PCs? Is it possible to configure YaCoin to use a different port on each PC? Use -addnode to add the machine the router routes the port to to the other nodes' list of nodes to connect to. They all will thus have direct LAN connection to the one that has the many external connections. -MarkM- Thanks for the tip! Will the other computers get 8+ connections as well? Or will they still show 8, but are connected through the computer that has 8+ connections? |
|
|
|
Just put your computer in the DMZ and never have problems again. lol
I'm about to open an orphanarium, anyone want to send me more orphans?
DMZ is a security risk AFAIK? |
|
|
|
The windows binaries are compiled with UPNP support disabled  Use the Source, Luke!  -MarkM- EDIT: Merely disabled, as in, not on by default? Or not compiled in? If compiled in, enable/disable is just a toggle... (Builder gets to choose, if compiling it in, whether it is on/enabled by default or off/disabled by default. Check commmandline, config file, and maybe even GUI options/toggles...) Not compiled in. The option is greyed out. |
|
|
|
|
Show Posts
