Kiv (OP)
|
|
July 03, 2011, 11:53:42 PM |
|
It's come to my attention that a miner called CoinMiner is being distributed at bitcoin-miner-pro.com. This is nothing more than my own GUIMiner with a wallet stealing trojan attached. DO NOT DOWNLOAD this miner unless you want to lose all your coins and maybe worse. It will not increase your mining speed or do anything else magical except send your wallet to some scammers. I'm very upset that my free software is being used in this way and have contacted the site owners, but I don't expect that they will be very cooperative. I just wanted to warn people not to use it, and if anyone wants to DDOS their site that would be cool. (Joking)
|
|
|
|
error
|
|
July 04, 2011, 12:23:10 AM |
|
Site's down now.
|
3KzNGwzRZ6SimWuFAgh4TnXzHpruHMZmV8
|
|
|
antares
|
|
July 04, 2011, 12:25:18 AM |
|
well, I hope you consider changing the license of GUIminer to something that makes it stay free software, but prohibits malicious redistribution of that code. At least you could then file a lawsuit against them, for copyright issues. Also, be sure to get a whois output for their domain and report their doings to the registrar. then do a whois on the ip-address where the site is hosted and write some mail to their hoster.(if domain registrar and hoster are not the same company). These usually react fast to complaints. They react even faster to DMCA complaints(in case you really change your license)
|
|
|
|
Kiv (OP)
|
|
July 04, 2011, 12:36:07 AM |
|
Site's down now.
Sometimes when visiting it I get an error, other times it goes through. Looks like the server reliability is not great. I'm still able to access the site now. well, I hope you consider changing the license of GUIminer to something that makes it stay free software, but prohibits malicious redistribution of that code. At least you could then file a lawsuit against them, for copyright issues.
The license is GNU GPL and I believe they are already in violation of it (though I'm no lawyer), at least by not distributing the source code to their modified version. Also, be sure to get a whois output for their domain and report their doings to the registrar. then do a whois on the ip-address where the site is hosted and write some mail to their hoster.(if domain registrar and hoster are not the same company). These usually react fast to complaints. They react even faster to DMCA complaints(in case you really change your license)
I tried a whois and apparently they're with ezinom.com. I guess that's who I can write mail to?
|
|
|
|
Boing7898
|
|
July 04, 2011, 08:15:43 AM |
|
403 Forbidden error..
It seems they already went down.. or away..
|
|
|
|
TheSeven
|
|
July 04, 2011, 08:40:18 AM |
|
Got a couple SPAM emails from then as well :/ The address was apparently harvested from the Mt. Gox database leak.
|
My tip jar: 13kwqR7B4WcSAJCYJH1eXQcxG5vVUwKAqY
|
|
|
antares
|
|
July 04, 2011, 09:56:16 AM |
|
Site's down now.
Sometimes when visiting it I get an error, other times it goes through. Looks like the server reliability is not great. I'm still able to access the site now. well, I hope you consider changing the license of GUIminer to something that makes it stay free software, but prohibits malicious redistribution of that code. At least you could then file a lawsuit against them, for copyright issues.
The license is GNU GPL and I believe they are already in violation of it (though I'm no lawyer), at least by not distributing the source code to their modified version. Also, be sure to get a whois output for their domain and report their doings to the registrar. then do a whois on the ip-address where the site is hosted and write some mail to their hoster.(if domain registrar and hoster are not the same company). These usually react fast to complaints. They react even faster to DMCA complaints(in case you really change your license)
I tried a whois and apparently they're with ezinom.com. I guess that's who I can write mail to? yep, ezinom.com should be responsible. If they do not react, you can also contact Californian Authorities for (helping) violating the US-CAN-SPAM act(ezinom is, according to their whois record listed as a company in CA). US-Authorities can then seize the domain name.
|
|
|
|
TheSeven
|
|
July 04, 2011, 11:01:49 PM |
|
I just filed an abuse report to the abuse contact of solid.nsjet.com (where the emails were coming from, which is the same IP address that is hosting the site), after they basically acknowledged that they are violating CAN-SPAM, claiming that it doesn't apply to them because they are on the Bahamas, and explicitly refusing to exclude me from further mailings.
|
My tip jar: 13kwqR7B4WcSAJCYJH1eXQcxG5vVUwKAqY
|
|
|
gellimac
|
|
July 05, 2011, 09:37:46 AM |
|
I installed this fu**** sofware 2 days ago and obviously I lost my 0.25 BTC (I just start mining so I don't have a lot of BTC). I scanned it with AVIRA Antivir and no virus were found...
I uninstalled it and deleted the install folder but is it enough?
How does it works? Does it send the wallet to someone or does is use the bitcoin software of the PC so send directly the BTC to an adress?
|
|
|
|
TheSeven
|
|
July 05, 2011, 09:47:28 AM |
|
I just filed an abuse report to the abuse contact of solid.nsjet.com (where the emails were coming from, which is the same IP address that is hosting the site), after they basically acknowledged that they are violating CAN-SPAM, claiming that it doesn't apply to them because they are on the Bahamas, and explicitly refusing to exclude me from further mailings.
Seems like the abuse department did their job well: the vhost seems to be gone
|
My tip jar: 13kwqR7B4WcSAJCYJH1eXQcxG5vVUwKAqY
|
|
|
Palmdetroit
Legendary
Offline
Activity: 910
Merit: 1000
PHS 50% PoS - Stop mining start minting
|
|
July 05, 2011, 05:05:07 PM |
|
I installed this fu**** sofware 2 days ago and obviously I lost my 0.25 BTC (I just start mining so I don't have a lot of BTC). I scanned it with AVIRA Antivir and no virus were found...
I uninstalled it and deleted the install folder but is it enough?
How does it works? Does it send the wallet to someone or does is use the bitcoin software of the PC so send directly the BTC to an adress?
Weird Avira caught the miner bot within a day or two. Not sure but did you keep your wallet in the default location? I won't go into wallet security here but anyone new to bitcoin should look around posts on here to see basic security measures to take.
|
|
|
|
gellimac
|
|
July 05, 2011, 05:08:38 PM |
|
Yes it was in Roaming/bitcoin
how can I change it?
|
|
|
|
antares
|
|
July 06, 2011, 10:45:04 PM |
|
@TheSeven
if a hosting provider does not agree to stick to such things as SPAM "because they are offshore and dont give a crap about foreign laws and policies", you can and should always make clear that you will warn others to stay away from them because they condone spam. If they are a serious business they will know what happens to hosters that allow spamming: People will stay off them because they could have a spammer on their node having negative effects on their own website rating.
You could also try to go a level up - I had this some time with a US company that simply ignored the spam issue - They were hosted with BurstNet(who are pretty strict and fast when it comes to the do nots) as resellers. So I contacted burst and it took about a day until the whole hosting company went offline.
Also I'd consider asking a lawyer(there are lawyers that accept bitcoin) for a new free software license that allows modification but forbids malicious modification. Unfortunately you cannot alter the GPL or most other licenses to adept to your likes, because the weird thing about those licenses is that they are usually under pretty restrictive licenses themselves(i.e. if you alter the GPL you break copyright law).
You could also dual license your work with the LGPL and charge for commercial modifications(like QT did use to). That way you could also DMCA those scammers.
EDIT: If you go for that latter thing, and the hoster does not react to DCMA(or national equivalent law) you can usually hold them responsible, and that should be pointed out(after some quick research on their national laws) in the first contact with them
|
|
|
|
haydent
|
|
July 09, 2011, 03:20:19 AM |
|
|
2x Gigabyte 6950 OC @ 920/450 w/ ati tray tools (1 shader modded) - 760Mhs on ozco.in 0% fee aus pool btc: 1HS5Brzcsh7XkJn566XYbvfpa2JuBRBdss
|
|
|
Leon
Newbie
Offline
Activity: 14
Merit: 0
|
|
July 14, 2011, 10:42:05 PM |
|
Are you sure maybe they are being hacked... ZOMFG GOXEDE!
|
|
|
|
|
STP
Jr. Member
Offline
Activity: 47
Merit: 12
|
|
August 27, 2011, 03:32:05 PM |
|
Windows Defender flagged my GUIminer.exe as a trojan this morning. It was the 20110614 version. It showed it as trojan/coinminer. I downloaded it via the guiminer thread. Just Defender getting it wrong due to this CoinMiner in this thread?
|
|
|
|
PLaci1982
Full Member
Offline
Activity: 168
Merit: 100
Live long and prosper. \\//,
|
|
August 28, 2011, 07:23:02 AM |
|
Windows Defender flagged my GUIminer.exe as a trojan this morning. It was the 20110614 version. It showed it as trojan/coinminer. I downloaded it via the guiminer thread. Just Defender getting it wrong due to this CoinMiner in this thread? I think this ain't the right topic, but: The GUIminer are legit (if you downloaded it from this forum), maybe one of the included command line miner program got flagged as false positive. That happened with version 20110701 and the included ufasoft miner, and thats why version 20110824 does not include it right out of the box.
|
Hardware Expert / WinXP, Win7 Expert
1J5oPkyGVdb4mv44KGZQYsHS2ch6e1t4rc
|
|
|
-ck
Legendary
Offline
Activity: 4284
Merit: 1645
Ruu \o/
|
|
August 28, 2011, 09:24:05 AM |
|
One by one every mining software is being tagged as a virus by the stupid virus software makers because the mining software is being packaged with a trojan set of parameters. Obviously that's not the mining software's fault, so the virus software makers can go and get fffff
|
Developer/maintainer for cgminer, ckpool/ckproxy, and the -ck kernel 2% Fee Solo mining at solo.ckpool.org -ck
|
|
|
|