LOG123
Full Member
Offline
Activity: 153
Merit: 100
...
|
|
May 11, 2013, 02:17:18 PM |
|
All aboard the FUD train
|
|
|
|
zhaojundong
Member
Offline
Activity: 238
Merit: 10
|
|
May 11, 2013, 02:22:15 PM |
|
I have removed the windows client download link from yacoin.org before allthing is clean
|
|
|
|
xibeijan
Legendary
Offline
Activity: 1232
Merit: 1001
|
|
May 11, 2013, 02:22:42 PM |
|
Anyone know of any shops accepting YAC for payment?
|
|
|
|
xibeijan
Legendary
Offline
Activity: 1232
Merit: 1001
|
|
May 11, 2013, 02:24:13 PM |
|
I have removed the windows client download link from yacoin.org before allthing is clean
When you put the binary back, make sure you host it on your own webserver instead. Also put the binary's sha1 digest at the bottom of the about page.
|
|
|
|
bitdwarf
Sr. Member
Offline
Activity: 406
Merit: 250
The cryptocoin watcher
|
|
May 11, 2013, 02:26:21 PM |
|
|
𝖄𝖆𝖈: YF3feU4PNLHrjwa1zV63BcCdWVk5z6DAh5 · 𝕭𝖙𝖈: 12F78M4oaNmyGE5C25ZixarG2Nk6UBEqme Ɏ: "the altcoin for the everyman, where the sweat on one's brow can be used to cool one's overheating CPU" -- theprofileth
|
|
|
bitdwarf
Sr. Member
Offline
Activity: 406
Merit: 250
The cryptocoin watcher
|
|
May 11, 2013, 02:26:59 PM |
|
Anyone know of any shops accepting YAC for payment?
Man, we are in day 4, give them some time.
|
𝖄𝖆𝖈: YF3feU4PNLHrjwa1zV63BcCdWVk5z6DAh5 · 𝕭𝖙𝖈: 12F78M4oaNmyGE5C25ZixarG2Nk6UBEqme Ɏ: "the altcoin for the everyman, where the sweat on one's brow can be used to cool one's overheating CPU" -- theprofileth
|
|
|
barwizi
Legendary
Offline
Activity: 882
Merit: 1000
|
|
May 11, 2013, 02:43:32 PM |
|
i have compiled a list of some of the first guys, am asking them to send the uninfected binary and a copy of the infected one. will update with full analysis and hopefully a TPB link to uninfected one, in the mean time please try to use ubuntu.
|
|
|
|
Simran
|
|
May 11, 2013, 02:45:56 PM |
|
I never messed with YACoin, but I am going to put it through a debugger and dissembler when I get back from eating breakfast. Good day.
|
*Image Removed* Donate LTC: LRgbgTa3XNQSEUhnwC6Ye2vjiCV2CNRpib Donate BTC: 1AGP6xPTRvsAVhsRsBX13NUH6p6LJjyeiA
|
|
|
Fernandez
Legendary
Offline
Activity: 1008
Merit: 1000
|
|
May 11, 2013, 02:48:31 PM |
|
I never messed with YACoin, but I am going to put it through a debugger and dissembler when I get back from eating breakfast. Good day.
Don't bother - the suspect is a modified minerd https://mega.co.nz/#!IJRziTBD!ZCAKGC7fqYkyXsEDi9GB1RYiqIUqj2S9bEm6UI2y1no
|
|
|
|
|
zhaojundong
Member
Offline
Activity: 238
Merit: 10
|
|
May 11, 2013, 03:12:26 PM |
|
I have removed the windows client download link from yacoin.org before allthing is clean
When you put the binary back, make sure you host it on your own webserver instead. Also put the binary's sha1 digest at the bottom of the about page. ok thx!
|
|
|
|
KrLos
|
|
May 11, 2013, 03:26:19 PM |
|
it seems is all fud...
i have all my wallets encrypted instead of the YACoin one... i used windows binaries in the client, and cpuminer x86 and x64, and no problem, i think the other minerd who is around with an "antivirus" on it might cause something... but really this seems fishy, no body has posted any single pic with transactions...
well let's see, maybe i'm wrong and there's a trojan, but i don't think so
|
|
|
|
ntkrnl
Newbie
Offline
Activity: 46
Merit: 0
|
|
May 11, 2013, 04:23:08 PM |
|
I never messed with YACoin, but I am going to put it through a debugger and dissembler when I get back from eating breakfast. Good day.
I've checked it with Ollydbg IDA HTTPAnalyzer etc. There is no strings like " http://xxxxx/xxx.php", no sockets connect there, and the exe is not packed or crypted, file access log is here: 753A2D20 COND: 02F18E54 "C:\Users\MAR\AppData\Roaming\YaCoin\yacoin.conf" 753A2D20 COND: 03DFE44C "C:\Users\MAR\AppData\Roaming\YaCoin\.lock" 753A2D20 COND: 03DFE4AC "C:\Users\MAR\AppData\Roaming\YaCoin\.lock" 753A2D20 COND: 03DF852C "C:\Users\MAR\AppData\Roaming\YaCoin\debug.log" 753A2D20 COND: 03DF8594 "C:\Users\MAR\AppData\Roaming\YaCoin\debug.log" 753A2D20 COND: 03DFE56C "C:\Users\MAR\AppData\Roaming\YaCoin\db.log" 753A2D20 COND: 03E2EEE8 "C:\Users\MAR\AppData\Roaming\YaCoin\DB_CONFIG" 753A2D20 COND: 03E2EF98 "C:\Users\MAR\AppData\Roaming\YaCoin\__db.001" 753A2D20 COND: 03D71548 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000006" 753A2D20 COND: 03D715D0 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000006" 753A2D20 COND: 0469CA00 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000006" 753A2D20 COND: 0469CB10 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000006" 753A2D20 COND: 0469CB98 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000005" 753A2D20 COND: 0469CC20 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000004" 753A2D20 COND: 0469CCA8 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000003" 753A2D20 COND: 0469CD30 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000002" 753A2D20 COND: 0469CDB8 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000001" 753A2D20 COND: 0469CE40 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000001" 753A2D20 COND: 0469CEC8 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000006" 753A2D20 COND: 046440E0 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 046440E0 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 046441A0 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 046441A0 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 04644260 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 04644260 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 04644320 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 04644320 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 046443E0 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 046443E0 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 0469CFD8 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000006" 753A2D20 COND: 0469CFD8 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000006" 753A2D20 COND: 0469D060 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000007" 753A2D20 COND: 0469D0E8 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.00007" 753A2D20 COND: 0469D170 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000006" 753A2D20 COND: 0469D170 "C:\Users\MAR\AppData\Roaming\YaCoin\database\log.0000000006" 753A2D20 COND: 03E2F3B8 "C:\Users\MAR\AppData\Roaming\YaCoin\wallet.dat" 753A2D20 COND: 03E2F468 "C:\Users\MAR\AppData\Roaming\YaCoin\wallet.dat" 753A2D20 COND: 03E2F518 "C:\Users\MAR\AppData\Roaming\YaCoin\wallet.dat" 753A2D20 COND: 03E2F5C8 "C:\Users\MAR\AppData\Roaming\YaCoin\wallet.dat" 753A2D20 COND: 04644500 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 04644500 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 046445C0 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 046445C0 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 04644680 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 04644680 "C:\Users\MAR\AppData\Roaming\YaCoin\blkindex.dat" 753A2D20 COND: 046BE5FC "C:\Users\MAR\AppData\Roaming\YaCoin\blk0001.dat" 753A2D20 COND: 046BDE44 "C:\Users\MAR\AppData\Roaming\YaCoin\blk0001.dat" 753A2D20 COND: 046BE79C "C:\Users\MAR\AppData\Roaming\YaCoin\blk0001.dat" 753A2D20 COND: 046BEC14 "C:\Users\MAR\AppData\Roaming\YaCoin\blk0001.dat" 753A2D20 COND: 046BF08C "C:\Users\MAR\AppData\Roaming\YaCoin\blk0001.dat" 753A2D20 COND: 046BF504 "C:\Users\MAR\AppData\Roaming\YaCoin\blk0001.dat" 753A2D20 COND: 046BF97C "C:\Users\MAR\AppData\Roaming\YaCoin\blk0001.dat" 753A2D20 COND: 046BFDF4 "C:\Users\MAR\AppData\Roaming\YaCoin\blk0001.dat" ............................. ...............................
Can someone send me a self compiled yacoin client ? (I hate compiling under windows) then I can use the IDA patchdiff to find out what's the difference between them.
|
|
|
|
xibeijan
Legendary
Offline
Activity: 1232
Merit: 1001
|
|
May 11, 2013, 04:23:30 PM |
|
I never messed with YACoin, but I am going to put it through a debugger and dissembler when I get back from eating breakfast. Good day.
Nice work.
|
|
|
|
shivansps
|
|
May 11, 2013, 04:29:21 PM |
|
Actually i dont care, i always keep my trusted wallets like Bitcoin and Litecoin on a VM and i never install anything or allow anything go troght the VM firewall, except for the clients, so if you gona steal from me, you are free to attempt to download a 20GB vm file on a 128kb/s upload speed...
|
|
|
|
msm595
|
|
May 11, 2013, 04:36:13 PM |
|
I never messed with YACoin, but I am going to put it through a debugger and dissembler when I get back from eating breakfast. Good day.
Don't bother - the suspect is a modified minerd https://mega.co.nz/#!IJRziTBD!ZCAKGC7fqYkyXsEDi9GB1RYiqIUqj2S9bEm6UI2y1no I created and uploaded the binary at https://mega.co.nz/#!IJRziTBD!ZCAKGC7fqYkyXsEDi9GB1RYiqIUqj2S9bEm6UI2y1no, it was compiled directly from ali1234's github aside from minor assembly changes to allow it to work on windows. I did not fully check ali1234's source (and in hindsight, I should have), but skimming through, it seems harmless.
|
|
|
|
kalgecin
|
|
May 11, 2013, 04:52:26 PM |
|
Please people, DO NOT i repeat DO NOT download binaries compiled by other people other than the dev himself. In this case, pocopoco. There's a VERY HIGH chance of it being infected to steal from you!!!
PLEASE USE COMMON SENSE
|
|
|
|
96redformula
|
|
May 11, 2013, 04:56:11 PM |
|
Please people, DO NOT i repeat DO NOT download binaries compiled by other people other than the dev himself. In this case, pocopoco. There's a VERY HIGH chance of it being infected to steal from you!!!
PLEASE USE COMMON SENSE
Why are we having to compile binaries in the first place. If you want this coin to grow it needs to be simple for everyone to use. All these coins you can use by GUIMiner, why can't YAC be this simple? LTC FTC CNC Etc....
|
|
|
|
ginjou
Newbie
Offline
Activity: 42
Merit: 0
|
|
May 11, 2013, 05:03:07 PM |
|
LTC FTC CNC Etc....
These are approximatively the same thing, and LTC is compatible with guiminer, that's why the other ones are too
|
|
|
|
kalgecin
|
|
May 11, 2013, 05:03:21 PM |
|
Please people, DO NOT i repeat DO NOT download binaries compiled by other people other than the dev himself. In this case, pocopoco. There's a VERY HIGH chance of it being infected to steal from you!!!
PLEASE USE COMMON SENSE
Why are we having to compile binaries in the first place. If you want this coin to grow it needs to be simple for everyone to use. All these coins you can use by GUIMiner, why can't YAC be this simple? LTC FTC CNC Etc.... I''m not saying you have to compile yourself. I'm saying don't trust anyones binaries but the devs. the dev really should update the broken windows client.
|
|
|
|
|