Bitcoin Forum
May 03, 2024, 11:36:02 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 [45] 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 »
881  Bitcoin / Bitcoin Technical Support / Re: I just got hit with an Evrial trojan virus, what precautions should i take? on: June 24, 2019, 01:15:45 PM
Full report is now ready..

https://www.hybrid-analysis.com/sample/c41c028d807d241027ce0c62e317f46cd68426c5ce1a3204bfc20a8b05ccd47f/5d10ca27038838004c83abab


Code:
Found potential URL in binary/memory

details
    Heuristic match: "iplogger.org"
    Heuristic match: "pastebin.com"
    Pattern match: "https://iplogger.org/templates/new/i/200x200.png"
    Pattern match: "https://maper.info/XuBf3"
    Pattern match: "https://iplogger.org/rules/"
    Heuristic match: "GET /raw/diuCKBNL HTTP/1.1
    Host: pastebin.com" 
source
    String
relevance
    10/10


it also seems to contact a US server and a DE (german) server I will try do some more indepth on the EXE when I have some more time later.

Bob is correct the best thing to do is to wipe down.

You can look at something like DBAN  ( https://dban.org/ )
This will allow you to securely wipe the HD and make sure there is nothing left on the system..

Another things possibly you should check is your bios make sure nothing has been modified in the BIOS but from looking at this malware I don't think it's packed with a rootkit or bootkit.



Code:
Domain 	Address 	Registrar 	Country
iplogger.org
	88.99.66.31
TTL: 1487 	Regtime Ltd.
Name Server: NS1.FASTVPS.RU
Creation Date: Sun, 03 Apr 2011 15:52:04 GMT 	Flag of Germany Germany
pastebin.com
	104.20.209.21
TTL: 233 	ENOM, INC.
Organization: WHOISGUARD, INC.
Name Server: SUE.NS.CLOUDFLARE.COM
Creation Date: Tue, 03 Sep 2002 00:00:00 GMT 	Flag of United States United States
Contacted Hosts
IP Address 	Port/Protocol 	Associated Process 	Details
88.99.66.31
443
TCP 	ema20cross20bybit20v1.exe
PID: 2920 	Flag of Germany Germany
104.20.209.21
443
TCP 	ema20cross20bybit20v1.exe
PID: 2920 	Flag of United States United States
Contacted Countrie




Attack surface processing.  Seems to hook.
882  Bitcoin / Bitcoin Technical Support / Re: I just got hit with an Evrial trojan virus, what precautions should i take? on: June 24, 2019, 01:00:28 PM
https://www.virustotal.com/gui/url/37a835c912cc5f98786ddf4f19b4d97398fb9aa76739aa89387e83a0bd268394/detection

Here is the report from VT on that file suspect it's crypted hence not being detected by AV scanners to I am surprised that Malware bytes actually removed it.

This is another reason to show that AV is basicly useless in the wild now since swapping a few bytes in the code seems to be enough to bypass most AV's out there now.

Bad times.


Edit*    Include Hybrid analysis report if you look at this report your will see it's detected by this platform more so than Virus total.

https://www.hybrid-analysis.com/sample/c41c028d807d241027ce0c62e317f46cd68426c5ce1a3204bfc20a8b05ccd47f
883  Bitcoin / Bitcoin Technical Support / Re: I just got hit with an Evrial trojan virus, what precautions should i take? on: June 24, 2019, 12:53:13 PM
If I was you I would still wipe down you can never be sure there is not something lurking on the system after infection.
Your best to DC from the internet and cleardown.

You could run some tools like malware bytes to check for additional infections but my advice would be to fully wipe down to be sure your not keeping anything that may be infected.

@bob123 good spot I think I will submit this EXE to virus total ect and report the repo to github for malware.
884  Bitcoin / Bitcoin Technical Support / Re: I just got hit with an Evrial trojan virus, what precautions should i take? on: June 24, 2019, 12:42:46 PM
Quote from: SwayStar123 on June 24, 2019, 12:37:57 PM
Quote from: bob123 on June 24, 2019, 12:06:44 PM

I have the code for the virus on pastebin, maybe you can check it and see what it does? Im no good at programming but im gonna try and see too

https://github.com/nodeoperate/gekko
https://pastebin.com/N8T2DZu8

I don't see anything in the pastebin that looks like a virus it seems to be a trading stratagy?
I'm guessing you got the virus when trying to run the bot from github?

My thoughts would be there is a downloader somewhere in the codebase and on runtime reaches to some server and downloads the payload.
885  Bitcoin / Bitcoin Technical Support / Re: I just got hit with an Evrial trojan virus, what precautions should i take? on: June 24, 2019, 12:36:04 PM
On a second note your should also submit the URL and or file that contains the malware to places like Virus total or Hybrid-analysis as this will help to pass the infected file around AV company's and it may help others block this malware.

https://www.virustotal.com/gui/

https://www.hybrid-analysis.com/
886  Bitcoin / Development & Technical Discussion / Re: Understanding The Satoshi Codebase (Series) PART 1 - on: June 24, 2019, 12:31:05 PM
Quote from: pooya87 on June 24, 2019, 03:58:36 AM
Quote from: MagicByt3 on June 23, 2019, 08:13:20 PM
A quick breakdown of the genesis block.

sorry but this post doesn't make any sense!
first of all what you are posting below this is not genesis block.
secondly the block header you posted doesn't exist since the block that has 0<...>02B431... as its previous block is block #556397 which has a different everything from version to merkle root.
and finally i think you made a mistake with the hash of the header since hash (2x SHA256) of what you posted in #2 is:
Code:
624c81aa80756ccde92f2d51bc2df1c95a5f9065cb5419b727d9ab859f2278cb
but the value you posted in #4 is not even close to this, not even 32 byte (it is 64 bytes)


Thanks for pointing that out it should have been called the raw block not geneisis block was quite tired when posting.

I will fix the above and I think you are correct I did make a mistake with the header thank you for pointing this out @pooya87
887  Bitcoin / Development & Technical Discussion / Re: How could you ever solo-mine bitcoin with CPU? on: June 24, 2019, 12:27:24 PM
Quote from: itod on June 24, 2019, 10:02:52 AM
Quote from: MagicByt3 on June 23, 2019, 04:58:54 PM
Quote from: HeRetiK on June 23, 2019, 04:38:03 PM
Quote from: Coding Enthusiast on June 23, 2019, 03:15:24 PM
[...] For example in block #3 if you deduct 1 second from the time (the block time field) we won't find the hash we were looking for (smaller than the target).
So practically you may do this multiple times to find the correct result and my problem is that the numbers (according to hashrate) don't make sense.

Ah, you're right. I forgot that you'll have to retry nonces due to the changing block time field.

But yes, like MagicByt3 pointed out they might have simply had multiple machines running? Even if satoshi was the only one running the client until Hal Finney came along a few days later this doesn't mean that they only had the client running on a single machine. It only needs a second or third machine for the numbers to make sense.

This seems like the most likley reason the numbers don't add up.
I recall reading a post by Satoshi that said something about using more than one machine but I cannot seem to find it..

...

Can't find where Satoshi said he was using multiple computers from the beginning, but I'm almost certain I've read it somewhere, and if I remember correctly number of machines were in double digits. That's why many people think he was working in Academia, otherwise it would be rather hard to get hold of so many computers to play with your own personal project. It makes complete sense, how would you otherwise test networking part of the code?


I recall reading it too in a early post here there was also the spec of the machine and some figures if I recall correctly.

888  Economy / Exchanges / Re: coinbase pro question on: June 24, 2019, 12:31:01 AM
From your info you posted it looks like the fees are being charged in USD.
As for the loss in btc value I guess that must have been a price issue?
889  Economy / Invites & Accounts / Re: >>> Senior | Hero | Legendary accounts >>> 2Y+ Staked addr + Private Key on: June 24, 2019, 12:12:37 AM
Stop spamming boards one topic will do..
890  Economy / Exchanges / Re: coinbase pro question on: June 24, 2019, 12:11:36 AM
Quote from: skohoutek on June 24, 2019, 12:02:57 AM
Thanks for the response Magic really appreciate it.

 do they take it out in usd or in bitcoin?

The only reason I ask is because I sold at high price and rebought at a lower price than what I sold for and lost a little btc on the transaction. And in a similar scenario before that I actually gained btc. Just confused on why I lost one and gained on another.

Mabey you could post the trades in question might be able to understand what happened.

Did you market sell? then market buy? 

Or

did you place the order into the book and they were filled?

From my reading of coinbase pro's technical pages it seems that transactions made on all non-USD books are converted to USD based on the most recent fill price on the respective book. 

So my thoughts would be you would see the fee in USD.


891  Bitcoin / Bitcoin Technical Support / Re: how to use 6 years old wallet.dat ? on: June 24, 2019, 12:00:01 AM
Quote from: davisss on June 23, 2019, 11:54:24 PM
Thanks a lot guys for all your help and to direct me into the right direction for importing my old wallet.
And thanks for the warning not to sent my stuff to others.
May you all live in interesting times :-)

PS I looked for a thanks-button to show appreciation, but havent seen one.


Here they are called merits and you earn them for good post's and helping others.
You probably do not have any to send at this time but keep posting good questions or help others and your merit will grow. Smiley

I just gave you your first merit.
892  Economy / Speculation / Re: John McAfee Says- If Bitcoin Breaks 100k you can bet it will break a million on: June 23, 2019, 11:56:00 PM
Bitcoin actually has the potental to be worth much much more than anyone is thinking right now.
I'm not talking in our life times but possibly for our kids or grandkids bitcoin and crypto-currency will be the norm same way visa and mastercard are the norm today back when they first were announced they were something new no one wanted really but look where they are today.

Bitcoin will follow this path I think alot of the issue with the markets today is everyone is thinking for the now seeking profit even at the expense of adoption of bitcoin from HFT algo's working to scalp the low hanging fruit from traders to larfe hacks all take away from bitcoin and the perception it has on people.   

We took a LONG time to drift away from the silk road issues of perception by the public now we seems to be heading into the era of You call me this so Ill sue you.   If we all believe in cypto and want it to be the success it should be we really need to look at the state of the ecosystem from the outside without the rose tinted glasses.

Bitcoin still has a long way to go the question is what will you do to help?
893  Economy / Exchanges / Re: coinbase pro question on: June 23, 2019, 11:43:49 PM
Hi Scott welcome to the forum.

Below you can see a table of the coinbase pro maker / taker fees.

If you place your order on coinbase pro and your order is fuilled right away you are classed as the taker and will pay around 0.05% to 0.25%
If you plance your order and is fails to fill right away or be matched that order makes it waty to the order book say bob comes along and places another order that matches your order then this would make you the maker and the fee would be 0.00% to 0.15%

Code:
Pricing Tier 	Taker Fee 	Maker Fee
<$100K 	         0.25% 	0.15%
100K - 1M 	         0.20% 	0.10%
1- 10M 	         0.18% 	0.08%
10 -50M 	         0.15% 	0.05%
50 - 100M 	         0.10% 	0.00%
100 - 300M 	 0.08% 	0.00%
300 - 500M 	 0.07% 	0.00%
500M - 1B 	         0.06% 	0.00%
$1B+ 	         0.05% 	0.00%

Your taker fees on coinbase pro are calculated based upon total USD trading volume over a 30 day period across all order books.


To read some more see : https://support.pro.coinbase.com/customer/en/portal/articles/2945310-fees
894  Bitcoin / Legal / Re: US Regulator Accuses Head of Defunct British BTC Company $147 Mil Fraud on: June 23, 2019, 10:57:08 PM
Quote from: jdarren on June 19, 2019, 05:17:16 PM
for misappropriating at least 22,858,322 Bitcoin.

Might be hard as the cap on bitcoin is 21 Million.. How could they have misappropriated more than is in the ecosystem.
It would also mean the entrire supply of bitcoin moved via this "company" which I highly doubt.
Further to this there is no news of this in the UK.
895  Bitcoin / Press / Re: [2019-06-16] US Federal judge threatens to hold Craig Wright in criminal... on: June 23, 2019, 08:23:52 PM
Quote from: gentlemand on June 23, 2019, 07:50:02 PM
https://medium.com/@danielkelman/opinion-on-current-issues-in-kleiman-v-wright-4240e4fcfd5

Finally some qualified legal opinion here instead of us lot guessing a bunch of shit.

An interesting angle that I hadn't really pondered before is the motivation of Kleiman in bringing the case. This geezer reckons it's to force a settlement out of Craigy.

Since I've never heard of any Kleiman coming up with anything pointing to Dave having anything to do with BTC then it makes sense. They may be just as opportunistic as he is.

It's been said out of craigs mouth that dave was part of it.
There is also the wallet.dat file craig desperatly asked them to save of daves.

I don't think dave's family realised how much he was involved untill craig showed up asking for info and files and god knows what else.

https://www.courtlistener.com/recap/gov.uscourts.flsd.521536/gov.uscourts.flsd.521536.24.24.pdf
896  Alternate cryptocurrencies / Speculation (Altcoins) / Re: LTC halving on: June 23, 2019, 08:17:35 PM
On another note the Diff of LTC is starting to bump again we are looking at a 10-12% up in Diff in a few days if this hashrate that's arrived on the network decides to stick around..  Goodbye 102% PPS

897  Bitcoin / Development & Technical Discussion / Re: Understanding The Satoshi Codebase (Series) PART 1 - on: June 23, 2019, 08:13:20 PM
A quick breakdown of a raw block and all it's parts broken down in a much simpler way to understand.

1. BlockHeader


Code:
Block headers
Version: 536870912
Prev block: 0000000000000000002B4317ED9B09E5D629E9763E727E895E296418D69F2C70
Merkle root: AA5FB4AFB0154D2BDD3315E074F219351FDF13908F1C515E07BE12124A3D3760
Timestamp December 31, 2018, 14:07:48 +0000
Bits: 17371EF4
Nonce: 21


2. Raw headers in hex


Code:
00000020702C9FD61864295E897E723E76E929D6E5099BED17432B000000000000000000AA5FB4AFB0154D2BDD3315E074F219351FDF13908F1C515E07BE12124A3D3760B4222A5CF41E371715000000


3. Coinbase transaction

Code:
01000000010000000000000000000000000000000000000000000000000000000000000000FFFFFFFF0487654321FFFFFFFF0100F90295000000001976A914DC863734A218BFE83EF770EE9D41A27F824A6E5688AC00000000


4. Computed block hash
Code:
CB78229F85ABD927B71954CB65905F5AC9F12DBC512D2FE9CD6C7580AA814C62000000000000000000371EF4FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

Now lets say the nonce value is to move to 22.

The new computed value for Block Hash would become

Code:
77F6BF7C376A4346BD28FFAB917E2B1327B8CFD77F70B986A6421FC06A21CF56


Now lets break down the Raw header in Hex


Code:
00000020702C9FD61864295E897E723E76E929D6E5099BED17432B000000000000000000AA5FB4AFB0154D2BDD3315E074F219351FDF13908F1C515E07BE12124A3D3760B4222A5CF41E371715000000

Code:
00000020 = Block Version Number

702C9FD61864295E897E723E76E929D6E5099BED17432B000000000000000000 = Previous Block Hash

AA5FB4AFB0154D2BDD3315E074F219351FDF13908F1C515E07BE12124A3D3760 = Merkel Root

B4222A5C = Time Stamp

F41E3717 = Bits Value Diff target

15000000 = Nonce


Each time the hash changes until the block hash is equal to or below this number in order to be valid.

Code:
000000000000000000371EF4FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

** Work In Progress **
898  Bitcoin / Bitcoin Technical Support / Re: Finding Bitcoin Code on: June 23, 2019, 07:54:58 PM
I have started to create a Satoshi Codebase topic ( Needs update )

https://bitcointalk.org/index.php?topic=5077159.msg48300342#msg48300342

But I started to cover most of the features from the older code base most of which are still in the main release of bitcoin but it will help to give a better understanding of how the Bitcoin protocol works under the hood.

It covers things like block reward.  Mining. OP-CODES, + much more.

It is also open to contributuon by the community so feel free to make a post but please follow the guide at the top if posting about the codebase.

Magic
899  Bitcoin / Development & Technical Discussion / Re: How crypto exchange works ? on: June 23, 2019, 07:43:11 PM
I forgot to add this project

https://github.com/ajmssc/bitcoin-inspector

It uses Apache Kafka.

Regards.

Magic
900  Bitcoin / Development & Technical Discussion / Re: How crypto exchange works ? on: June 23, 2019, 07:35:27 PM
If your looking for example of how exchanges work you could look at the following projects.

Please not DO NOT USE IN PRODUTION ENVIRO as the code bases may have backdoor's or other holes that may be security issues.

1. Peatio

Was released open source but is no longer being developed it is build on Ruby and Rails which is a change from the usual PHP exchanges out there.

https://github.com/peatio/peatio

Features :

  •    Designed as high performance crypto currency exchange.
        Built-in high performance matching-engine.
        Built-in Proof of Solvency Audit.
        Built-in ticket system for customer support.
        Usability and scalibility.
        Websocket API and high frequency trading support.
        Support multiple digital currencies (eg. Bitcoin, Litecoin, Dogecoin etc.).
        Easy customization of payment processing for both fiat and digital currencies.
        SMS and Google Two-Factor authenticaton.
        KYC Verification.
        Powerful admin dashboard and management tools.
        Highly configurable and extendable.
        Industry standard security out of box.
        Active community behind.
        Free and open-source.
        Created and maintained by Peatio open-source group.



2. RubyKube (Fork of Peatio)

RubyKube is a updated version of Peatio build again in the Ruby enviro it's worth a look at this version

https://github.com/rubykube
https://rubykube.io/

3.  Binance

Binance have most of there code available online for your to look over.

https://github.com/binance-exchange


4. CCXT

A PHP lib for around 110 crypto exchnages worth looking at.

https://github.com/kornrunner/ccxt


As for the DB I think a lot still use MYSQL db thought redis and postgres both are used in the wild.




Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 [45] 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!