Bitcoin Forum
December 10, 2016, 08:53:56 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 »  All
  Print  
Author Topic: This is very bad...  (Read 5821 times)
frankiebits
Full Member
***
Offline Offline

Activity: 155


Cheif Executive Director of Thermal Dissipation


View Profile
March 28, 2011, 01:21:59 PM
 #1




This is the most popular Malware Removal software. This is very bad for Bitcoins image.

1481403236
Hero Member
*
Offline Offline

Posts: 1481403236

View Profile Personal Message (Offline)

Ignore
1481403236
Reply with quote  #2

1481403236
Report to moderator
1481403236
Hero Member
*
Offline Offline

Posts: 1481403236

View Profile Personal Message (Offline)

Ignore
1481403236
Reply with quote  #2

1481403236
Report to moderator
1481403236
Hero Member
*
Offline Offline

Posts: 1481403236

View Profile Personal Message (Offline)

Ignore
1481403236
Reply with quote  #2

1481403236
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481403236
Hero Member
*
Offline Offline

Posts: 1481403236

View Profile Personal Message (Offline)

Ignore
1481403236
Reply with quote  #2

1481403236
Report to moderator
1481403236
Hero Member
*
Offline Offline

Posts: 1481403236

View Profile Personal Message (Offline)

Ignore
1481403236
Reply with quote  #2

1481403236
Report to moderator
kiba
Legendary
*
Offline Offline

Activity: 980


View Profile
March 28, 2011, 01:25:37 PM
 #2

That's some piece of shit software right there.

Anybody got their email address so we can fix this shit?

kiba
Legendary
*
Offline Offline

Activity: 980


View Profile
March 28, 2011, 01:30:29 PM
 #3

If the former I would suggest that it is bad for reputation of that 'malwarebytes' developers and well may be a good reason for a libel lawsuit if someone can be bothered.

Who's the damaged parties? Perhaps we could make a fool out of them by complaining to certain news publication after not communicating/fixing whatever is going on.

sortedmush
Full Member
***
Offline Offline

Activity: 126


The geek shall inherit the earth.


View Profile
March 28, 2011, 02:00:17 PM
 #4

They have a false positive reporting procedure.

http://forums.malwarebytes.org/index.php?showtopic=3228
MacRohard
Member
**
Offline Offline

Activity: 103


View Profile
March 28, 2011, 02:09:43 PM
 #5

They have a false positive reporting procedure.

http://forums.malwarebytes.org/index.php?showtopic=3228

Heh. The support guy is telling off the CEO for answering a question?
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
March 28, 2011, 03:05:43 PM
 #6

They probably treat everything that listens on a socket and not in a whitelist as a trojan. I'd say this outfit can be simply ignored.

One of the most used anti-viruses giving a false-positive for the BitCoin client can be ignored  Huh

Perspective from a new user: they visit this site called Bitcoin.org that makes their browser warn them that this site shouldn't be trusted (because we still can't get a proper SSL even though it's been brought up repeatedly for months)... and then they download an executable which their antivirus says is a virus...

and we expect their natural conclusion should be, "Oh, this is no problem.  I'll send my money to MtGox shortly".

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
Jered Kenna (TradeHill)
Sr. Member
****
Offline Offline

Activity: 420



View Profile WWW
March 28, 2011, 03:08:21 PM
 #7

They probably treat everything that listens on a socket and not in a whitelist as a trojan. I'd say this outfit can be simply ignored.

One of the most used anti-viruses giving a false-positive for the BitCoin client can be ignored  Huh

Perspective from a new user: they visit this site called Bitcoin.org that makes their browser warn them that this site shouldn't be trusted (because we still can't get a proper SSL even though it's been brought up repeatedly for months)... and then they download an executable which their antivirus says is a virus...

and we expect their natural conclusion should be, "Oh, this is no problem.  I'll send my money to MtGox shortly".


I agree, what's the hold up on the SSL?

And no facebook Vlad? I wish I had never made one, it's evil.

moneyandtech.com
@moneyandtech @jeredkenna
Jered Kenna (TradeHill)
Sr. Member
****
Offline Offline

Activity: 420



View Profile WWW
March 28, 2011, 03:25:49 PM
 #8

Well.., to be honest, one of my websites, for a few month now, has fb account with 4k facebook recommendations. Otherwise no, no twitters, no facebooks, dinosaur it is.

This is pretty much how I feel about facebook http://www.theonion.com/video/cias-facebook-program-dramatically-cut-agencys-cos,19753/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+OnionNewsNetwork+%28Onion+News+Network%29&utm_content=Google+International

Watch that if you haven't seen it Vlad.

Sorry to get off topic here...

moneyandtech.com
@moneyandtech @jeredkenna
Mike Hearn
Legendary
*
Offline Offline

Activity: 1526


View Profile
March 28, 2011, 03:45:29 PM
 #9

Need to do a few things:

1) File an FP report with MalwareBytes including the log file we have

2) Ensure Windows binaries are always signed. Not just the download but all EXEs and DLLs involved.

Judging from the screenshot, MalwareBytes is using heuristics to try and spot malware. Most likely the combination of a hard-coded IRC server and HTTP related strings trigger it, as legitimate IRC software will (a) have a known signature reputation and (b) probably not be downloading things via HTTP.

It is indeed very unfortunate. I'm not sure what the Windows build process currently looks like, but I think Gavin has set up a VM somewhere for it. Hopefully he knows how to include certificates into the compiled binaries.
grue
Global Moderator
Legendary
*
Offline Offline

Activity: 1932



View Profile
March 28, 2011, 04:01:47 PM
 #10

bitcoin executable is clean:
http://www.virustotal.com/file-scan/report.html?id=813a970b749b7a01692597774d077d89ba6e6735d62eceebe53dda479c5f2b0e-1301327690

0/42

i think your .exe got tampered with, or it got infected by a virus.

It is pitch black. You are likely to be eaten by a grue.

Tired of annoying signature ads? Ad block for signatures
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
March 28, 2011, 04:05:27 PM
 #11

bitcoin executable is clean:
http://www.virustotal.com/file-scan/report.html?id=813a970b749b7a01692597774d077d89ba6e6735d62eceebe53dda479c5f2b0e-1301327690

0/42

i think your .exe got tampered with, or it got infected by a virus.

Malwarebytes isn't listed here, should we be looking for another name?

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
eideteker
Newbie
*
Offline Offline

Activity: 13


View Profile
March 28, 2011, 05:21:23 PM
 #12

Just ran Malwarebytes, bitcoin did not show up as a threat.
kiba
Legendary
*
Offline Offline

Activity: 980


View Profile
March 28, 2011, 05:23:49 PM
 #13

I don't have winblow, so I can't test.

spenvo
Member
**
Offline Offline

Activity: 81


View Profile WWW
March 28, 2011, 07:43:42 PM
 #14

I'm with everyone else: I laughed out loud when I was that our SSL certificate was not signed by a CA.

Can we not get 120 bucks together?  Or at the very least have an address to donate/fund the SSL cert?

 

www.SpreadtheCoin.com - Free Printable Bitcoin Certificates.  A Transparent Company.

www.BitcoinBulletin.com - Reviews and Interviews.
­­Atlas
Guest

March 28, 2011, 07:46:56 PM
 #15

Is an SSL certificate really worth signing? The fact that such a thing needs to be paid for is even more laughable.
river
Guest

March 28, 2011, 08:23:00 PM
 #16

why don't they just get one of the cheap $9 dollar (Fiat) garbage ones .. just to shut up the browser and people from complaining.  Simple.
nster
Full Member
***
Offline Offline

Activity: 126



View Profile
March 28, 2011, 08:28:15 PM
 #17

Is an SSL certificate really worth signing? The fact that such a thing needs to be paid for is even more laughable.

this is a 5 MILLION $ economy, if we are stupid enough to not pay 120$ to potential do A LOT of good to bitcoins, well....

167q1CHgVjzLCwQwQvJ3tRMUCrjfqvSznd Donations are welcome Smiley Please be kind if I helped
­­Atlas
Guest

March 28, 2011, 08:30:39 PM
 #18

Is an SSL certificate really worth signing? The fact that such a thing needs to be paid for is even more laughable.

this is a 5 MILLION $ economy, if we are stupid enough to not pay 120$ to potential do A LOT of good to bitcoins, well....
A lot of good? What? To soothe the ones who don't want to go through the trouble of adding a self-signed certificate? Heh.
Cusipzzz
Sr. Member
****
Offline Offline

Activity: 300


View Profile
March 28, 2011, 08:32:06 PM
 #19

Is an SSL certificate really worth signing? The fact that such a thing needs to be paid for is even more laughable.

this is a 5 MILLION $ economy, if we are stupid enough to not pay 120$ to potential do A LOT of good to bitcoins, well....
A lot of good? What? To soothe the ones who don't want to go through the trouble of adding a self-signed certificate? Heh.

yes. make it regular-joe friendly.

http://BTCSportsBet.com - The most complete bitcoin Sportsbook - All games from pro and college sports, Champions League, E-Sports, and reduced juice as well!
­­Atlas
Guest

March 28, 2011, 08:33:27 PM
 #20

Is an SSL certificate really worth signing? The fact that such a thing needs to be paid for is even more laughable.

this is a 5 MILLION $ economy, if we are stupid enough to not pay 120$ to potential do A LOT of good to bitcoins, well....
A lot of good? What? To soothe the ones who don't want to go through the trouble of adding a self-signed certificate? Heh.

yes. make it regular-joe friendly.
The average person probably doesn't care too much for HTTPS. It's doubtful they even know what it is.
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!