PhoenixMiner 6.2c: fastest Ethereum/Ethash miner with lowest devfee (Win/Linux)

[btcshiner]

So maybe Phoenix miner dev was killed too, just like Claymore? What the hell is going on here?

Wasn't he making like 20k a day?  Probably just on permanent vacation.

Maybe Claymore and Phoenix are the same person or group.....

[PhoenixMiner]

The rumors of our demise (or our tuning into bad guys) are completely false. Here is what has happened:

1. Sometime yesterday MEGA decided to terminate our account, and the accounts of some other prominent crypto mining software authors (e.g. Clyamore) for "violation of our terms of service". We didn't receive any further information about this violation, so it is safe to assume that someone in high places has put pressure to MEGA to delete the most popular mining software from their site. It is partially our fault that we believed their statement that they are "censor-resistant" but we have learned our lesson and we are currently setting up several independent hosting solutions in case anything similar happens in the future.

2. Our bitcointalk.org account is safe and secure and we have full control over it. The latest released version remains PhoenixMiner 5.5c with the following checksums:

Code:

    File: PhoenixMiner_5.5c_Windows.zip
    ===================================
   SHA-1: 9a3efe6130ba21ab2ade9df38ff9d52a539d9693
 SHA-256: 0bb20989cd107c6b65d08da30f014df0b3cb94f8124253e2caee1dfa99431c2d
 SHA-512: 2e1aa259f6519d6759ccf679bf1b989c36fe504c9066cc3ba79537bf34129fb168b2956e385a4cf593e45c3a22e89590319870fb502ff13a371932aad441b250

    File: PhoenixMiner_5.5c_Linux.tar.gz
    ====================================
   SHA-1: 43bc9221582c8e90188fb1b416df14a8259d5b4e
 SHA-256: 66914e1b5011c35cf6af3f0d3e7540f5fa1bbe1563105fd242a67a96437b8e69
 SHA-512: 1088fcfd06b1bf63a3ab0d92089504b37e634bc138290c432797594ed25d37f8e5a658cf4124b6bb4495592b2b90f89bf0a68d03f51ce97e61b69efbe0667943

   Here are the checksums of the individual executable files in case you don't have the original zip archive (these are all SHA-256 sums):

Code:

ad20e44954960278ad965b05e8c67d9d314c200809b99b1b5a219a916ce06b21 *IOMap64.sys
287e44f5067a4e770e8a0605f5720d3d1477ecc4aa4f3a26ce5d3a489ae79780 *EIO.dll
402438684406d1e3b2d1d5629151259ad864ffc55c8e6ab176f4c47c543d4fee *EIO.exe
599393e258d8ba7b8f8633e20c651868258827d3a43a4d0712125bc487eabf92 *PhoenixMiner.exe

   And these are the SHA-512 checksums of the same files:

Code:

0d8597b79a2615059f0bdd1fd0c2207b0bd96dac29b27af5f6af1bfbf003ceeed984a7bad54e2c917ffb5d9738229a8c0d52972c4caf69e353406c2068c000fd *EIO.dll
804307f91ec5c3b664b07fc3ce21b453621925ba209e40d17b7ecae78cfad8ed20fa969dc29633d92daeebccd28453128bc098511553322677201fb120555485 *IOMap64.sys
60a230568445bcbfc9c638cb672d55b79febeede23b64620cf5a8a32b6ae6a78dc7878dc95d6a5008cfffec5a6ad47c6e48ea8321887e2f19eeff3bcf7436194 *EIO.exe
cf78d162ef4ecf88bbfd4a460471d2ddd8faa505d24cc7c671ad27ba482c9b82b256fb5e5c2c44a8a666a2acbdfe78def303636aa1a92cab29718ce265a536db *PhoenixMiner.exe

   3. We are working on the next release of PhoenixMiner.

   4. The blog post of Nicehash is pure FUD and the only factual thing there is that our MEGA account is terminated.  We will give them the benefit of doubt and assume that they are motivated out of abundance of caution for their customers.

[djeZo]

Can you provide some proof that you are actually the real PhoenixMiner and not a hacker controlling PhoenixMiner account on bitcointalk?

[oskoa]

Phoenix Miner, so why you dont uploaded the software in github since the first day?

[Desertsweeper]

Some juice from Discord:

https://media.discordapp.net/attachments/776876453525979166/818200828422127676/unknown.png

Looks like NH downloaded and distributed the infected nonexistent 5.5d

As previously stated I am a newbie in mining of just one month. I set up an unused pc and threw a couple of unused GPU's in it and then followed the steps listed over at ethermine.org - choosing PhoenixMiner from their suggested list. I downloaded 5.5c from their link, which points (and still does) to this forum's link, now no longer available. The SHA-256 sigs match those revealed here by legit users.

AND on the 27th of February a few weeks back, I randomly downloaded and tested NiceHash for an hour, which brought with it PhoenixMiner and some others. When I look at the checksums of the version NiceHash downloaded, it is certainly the legit and identical version to that running right now, which I downloaded from here. It even has the stock wallet address of: 0x008c26f3a2Ca8bdC11e5891e0278c9436B6F5d1E.Rig001

So as of that date (27-02-2021) NiceHash was delivering the same "clean" version 5.5c and not the bogus 5.5d

[PhoenixMiner]

Can you provide some proof that you are actually the real PhoenixMiner and not a hacker controlling PhoenixMiner account on bitcointalk?

   Gladly, if you have any idea how to do this let us know. In the meantime - do not believe to any "hofixes" or whatever else you see posted in this thread from other users. The last released version of PhoenixMIner so far is 5.5c, and the checksums are the same as at the moment of its release. When the new release is ready it will be posted here, from our own account.

Phoenix Miner, so why you dont uploaded the software in github since the first day?

 
   Github is known to be even more "trigger-happy" when removing "unwelcome" software. MEGA seemed like a more "censor-proof" service but apparently someone got to them. We are aware that someone has created account on github and is hosting some of our files but we can't guarantee that they aren't modified - use the checksums to be sure.

[jimlite]

PhoenixMiner,

Thanks for the hard work and clarification. All the public needs to know is regardless of how NiceHash handled this,
is EVERY version of PhoenixMiner plugin that has been used or updated by nicehashminer safe and free of malware?
Or do nicehashminer users need to try and figure out what version of phoenixminer they are running and if it was
compromised? If no downloadable miners from the nicehash miner program was able to download the wrong or
compromised file, then I would say every nicehash user has nothing to worry about from Phoenixminer. Is this the
case? Because Nicehash is scaring people into wasting countless hours wiping their entire PCs and changing all
passwords. No one should need to do that unless nicehash miner software did truly incorporate a phoenix miner
plug in that wasn't yours. Please let us know your thoughts on this.

Thank you

[ocminer]

I'd say 5.5c with the below Sha sum is safe to use.

PhoenixMiner,

Thanks for the hard work and clarification. All the public needs to know is regardless of how NiceHash handled this,
is EVERY version of PhoenixMiner plugin that has been used or updated by nicehashminer safe and free of malware?
Or do nicehashminer users need to try and figure out what version of phoenixminer they are running and if it was
compromised? If no downloadable miners from the nicehash miner program was able to download the wrong or
compromised file, then I would say every nicehash user has nothing to worry about from Phoenixminer. Is this the
case? Because Nicehash is scaring people into wasting countless hours wiping their entire PCs and changing all
passwords. No one should need to do that unless nicehash miner software did truly incorporate a phoenix miner
plug in that wasn't yours. Please let us know your thoughts on this.

Thank you

[ThrowawayMiner1001]

Hey guys,

Could someone please provide the checksums for the exe (and dll and sys) file(s) in 5.4c?
I downloaded version 5.4c from a random github page that no longer exists, deleted the zip, and later emptied my recycle bin unfortunately

Would suck to have to risk being compromised
Thanks for helping keep the FUD to a minimum btw

[papajo_r]

I'd say 5.5c with the below Sha sum is safe to use.

PhoenixMiner,

Thanks for the hard work and clarification. All the public needs to know is regardless of how NiceHash handled this,
is EVERY version of PhoenixMiner plugin that has been used or updated by nicehashminer safe and free of malware?
Or do nicehashminer users need to try and figure out what version of phoenixminer they are running and if it was
compromised? If no downloadable miners from the nicehash miner program was able to download the wrong or
compromised file, then I would say every nicehash user has nothing to worry about from Phoenixminer. Is this the
case? Because Nicehash is scaring people into wasting countless hours wiping their entire PCs and changing all
passwords. No one should need to do that unless nicehash miner software did truly incorporate a phoenix miner
plug in that wasn't yours. Please let us know your thoughts on this.

Thank you

Yes, but what the download link?

To rephrase a quote from zohan

[jimlite]

I guess the only questions that matter are:

1)Did nicehash incorporate the fake 5.5d phoenixminer?

2)Does the fake 5.5d phoenixminer contain a virus or trojan?
   And if so, what does it do to windows pcs? And why has no
   one reported any issues?


P.S. My thoughts on this is there probably is no malware or we would know it by now.
       Secondly it is VERY hard to inject malware in a closed miner without the source code,
       which the scammers would not have.  To me the worst thing they could have done
      (but good for their pocket books), is to hex edit replace phoenixminer devs address
      with their address, so they would get the 1% mining fee instead of the real dev.
       While this is obviously a problem, it wouldn't affect any users and wouldn't really be
      malware or a reason to wipe your PC. It would only be stealing from the real dev.
     and his hard work.  In any case, my guess is either there is no malware or an address
     replacement modification has been made. In either case I don't think anyone needs
      to wipe their PC. Just delete any phoenixminer entries on your drive, delete any registry
     entries labeled phoenixminer, and uninstall the plug in from nicehashminer until they
      publicly say it is safe to use again. I just don't buy into the NH theory that it could be
     a future ticking time bomb that steals all your bitcoin and passwords a year down the road.
     That would be EXTREMELY difficult to pull off and get around most av and anti-malware programs.

[UserU]

I guess the only questions that matter are:

1)Did nicehash incorporate the fake 5.5d phoenixminer?

2)Does the fake 5.5d phoenixminer contain a virus or trojan?
   And if so, what does it do to windows pcs? And why has no
   one reported any issues?


P.S. My thoughts on this is there probably is no malware or we would know it by now.
       Secondly it is VERY hard to inject malware in a closed miner without the source code,
       which the scammers would not have.  To me the worst thing they could have done
      (but good for their pocket books), is to hex edit replace phoenixminer devs address
      with their address, so they would get the 1% mining fee instead of the real dev.
       While this is obviously a problem, it wouldn't affect any users and wouldn't really be
      malware or a reason to wipe your PC. It would only be stealing from the real dev.
     and his hard work.  In any case, my guess is either there is no malware or an address
     replacement modification has been made. In either case I don't think anyone needs
      to wipe their PC. Just delete any phoenixminer entries on your drive, delete any registry
     entries labeled phoenixminer, and uninstall the plug in from nicehashminer until they
      publicly say it is safe to use again. I just don't buy into the NH theory that it could be
     a future ticking time bomb that steals all your bitcoin and passwords a year down the road.
     That would be EXTREMELY difficult to pull off and get around most av and anti-malware programs.

Anything that is not officially posted by PhoenixMiner is a fake.

It's been a while since several topics (not just this one) has been exposed to malware bots posting the "latest" version.

And yes, the aforementioned version contains malware/ backdoor/ Trojan so avoid it at all costs. Previously there were some I saw that posted about accidentally installing it.

Mods are monitoring such threats around the clock so until they take action, some of them might slip though.

[gridcoinx]

please share the checksums of the individual executable files for version PhoenixMiner_5.5b in case you don't have the original zip archive

[Desertsweeper]

I guess the only questions that matter are:

1)Did nicehash incorporate the fake 5.5d phoenixminer?

2)Does the fake 5.5d phoenixminer contain a virus or trojan?
   And if so, what does it do to windows pcs? And why has no
   one reported any issues?

I downloaded NiceHash on the 27th of February and on that day it was the legit 5.5c version. There is a third question of course - does the "real" 5.5c contain a virus or trojan. Only time will tell....it is not exactly open-source for scrutiny. I will continue to run it on a stand-alone box in my DMZ as any such app should be.

[PhoenixMiner]

We are moving our binaries to github.com as a first temporary solution, and we will be setting up a few more backup hosting options in case github also caves under pressure. EDIT: As of May 2021, githib.com deleted our account as expected, so we are now using our own server to host the releases:

     https://phoenixminer.info/downloads/

We will be removing all MEGA (EDIT: and Github) links from our posts in case that MEGA goes evil and starts distribute fake binaries in the future. From now on, MEGA and Github are no longer official places for distribution of the past and new versions of PhoenixMiner.

[apocalypse_milk]

We are moving our binaries to github.com as a first temporary solution, and we will be setting up a few more backup hosting options in case github also caves under pressure. Here is the link to our github.com account:

     https://github.com/PhoenixMinerDevTeam/PhoenixMiner/releases/


We will be removing all MEGA links from our posts in case that MEGA goes evil and starts distribute fake binaries in the future. From now on, MEGA is no longer an official place for distribution of the past and new versions of PhoenixMiner.

You may want to take a look at this reddit post. There was MUCH more going on than just the blog post from NiceHash. Your credibility has been smeared all day by NiceHash devs.

https://www.reddit.com/r/NiceHash/comments/lzsheq/phoenixminer_howwhywhat_statement_from_it_expert/

"...It is simply anonymous developer missing which is suspicious because he might have planted an exit strategy now that he doesnt care about reputation anymore. Runnig Phoenixminer is risky as it may not only collect devfee but do something else. In which version malware is, if it is, we don't know. It could have been in the one year old version if developer planned this for a long time.

Would you apologize to PhoenixMiner if it turns out that there was trully just a misunderstanding and some third force made him unable to fix issue with download location?

Yes, we would make public apology to PhoenixMiner if this ever happens and turns out that there was indeed no evil plan behind. But at this moment in time, we had to warn our customers about potential dangers."

Apparently you have an "evil plan".

[fury420]

Can you provide some proof that you are actually the real PhoenixMiner and not a hacker controlling PhoenixMiner account on bitcointalk?

   Gladly, if you have any idea how to do this let us know. In the meantime - do not believe to any "hofixes" or whatever else you see posted in this thread from other users. The last released version of PhoenixMIner so far is 5.5c, and the checksums are the same as at the moment of its release. When the new release is ready it will be posted here, from our own account.

One reasonable way to do this would be to take some action involving this ETH address you've been including in epools_example.txt for the past few years?

0x008c26f3a2Ca8bdC11e5891e0278c9436B6F5d1E

Perhaps announce that you'll be moving a specific amount of ETH at a specific time, and then follow through?
This should serve as solid proof that you currently control both this Bitcointalk account and that particular ETH account that's been bundled with the miner for years.

[jimlite]

No one is going to download 5.5d from your links Mr. Brand New.
The question is what is really in 5.5d? Is it an address change, keylogger,
virus, or trojan? I sure hope some people on this forum are smart
enough to figure out EXACTLY what 5.5d does or does not do and post
it here. Because Nicehash team is obviously not capable of it. Really
at this point all we need to know is exactly what 5.5d does maliciously
if anything at all. Serious coder/devs/security experts should be the
only ones chiming in here and explaining what 5.5d does or doesn't do.

[PhoenixMiner]

Can you provide some proof that you are actually the real PhoenixMiner and not a hacker controlling PhoenixMiner account on bitcointalk?

   Gladly, if you have any idea how to do this let us know. In the meantime - do not believe to any "hofixes" or whatever else you see posted in this thread from other users. The last released version of PhoenixMIner so far is 5.5c, and the checksums are the same as at the moment of its release. When the new release is ready it will be posted here, from our own account.

One reasonable way to do this would be to take some action involving this ETH address you've been including in epools_example.txt for the past few years?

0x008c26f3a2Ca8bdC11e5891e0278c9436B6F5d1E

Perhaps announce that you'll be moving a specific amount of ETH at a specific time, and then follow through?
This should serve as solid proof that you currently control both this Bitcointalk account and that particular ETH account that's been bundled with the miner for years.

Good idea! We will do this ASAP after we finish scrubbing the MEGA links from our posts, and setting up the github.com account.

[WARMANGALAXY]

Hello Phoenix Miner, you have been away for more than 2 months. Should we wait for a new release?