mole0815
Staff
Legendary
Offline
Activity: 2506
Merit: 2705
Join the world-leading crypto sportsbook NOW!
|
|
February 09, 2020, 06:13:34 PM |
|
Yeah, looks like he's connected to grms. Alts are allowed but it would be a ban evasion. But I'm not going to do anything. I was just thinking about searching github for more information. But as I said before I'll leave it at that (for now)
|
| | | . .Duelbits. | | | █▀▀▀▀▀ █ █ █ █ █ █ █ █ █ █ █ █▄▄▄▄▄ | TRY OUR
NEW UNIQUE GAMES! | | . ..DICE... | ███████████████████████████████ ███▀▀ ▀▀███ ███ ▄▄▄▄ ▄▄▄▄ ███ ███ ██████ ██████ ███ ███ ▀████▀ ▀████▀ ███ ███ ███ ███ ███ ███ ███ ███ ▄████▄ ▄████▄ ███ ███ ██████ ██████ ███ ███ ▀▀▀▀ ▀▀▀▀ ███ ███▄▄ ▄▄███ ███████████████████████████████ | . .MINES. | ███████████████████████████████ ████████████████████████▄▀▄████ ██████████████▀▄▄▄▀█████▄▀▄████ ████████████▀ █████▄▀████ █████ ██████████ █████▄▀▀▄██████ ███████▀ ▀████████████ █████▀ ▀██████████ █████ ██████████ ████▌ ▐█████████ █████ ██████████ ██████▄ ▄███████████ ████████▄▄ ▄▄█████████████ ███████████████████████████████ | . .PLINKO. | ███████████████████████████████ █████████▀▀▀ ▀▀▀█████████ ██████▀ ▄▄███ ███ ▀██████ █████ ▄▀▀ █████ ████ ▀ ████ ███ ███ ███ ███ ███ ███ ████ ████ █████ █████ ██████▄ ▄██████ █████████▄▄▄ ▄▄▄█████████ ███████████████████████████████ | 10,000x MULTIPLIER | │ | NEARLY UP TO .50%. REWARDS | | | ▀▀▀▀▀█ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▄▄█ |
|
|
|
|
Lafu (OP)
Legendary
Offline
Activity: 3122
Merit: 3206
|
|
February 10, 2020, 05:11:55 PM Last edit: February 11, 2020, 03:19:18 AM by Lafu |
|
Found that post today ! TOPIC https://bitcointalk.org/index.php?topic=5223499ATTENTION !!! TROJAN DETECTED!!! IMMEDIATELY AFTER YOU RUN .EXE FILE ANOTHER FILES CREATED: --- Backdoor.Agent.Generic (Malwarebytes report), C:\USERS\*****\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\SYSTEMHOST.URL
[InternetShortcut] C:\Users\*****\Documents\IISExpress\Bypass\Interpeter.exe IconIndex=0 IconFile=C:/Users/*****/Documents/IISExpress/Bypass/Interpeter.exe
--- TROJAN FILE NAMED 'Interpeter.exe' CREATED HERE 'C:\Users\*****\Documents\IISExpress\Bypass\ https://www.virustotal.com/gui/file/4520cd9d6527b18ae6a7fce2a1d01ab412ebc52dc0fbfb08f67717e3c6083f09/detection
[02.10 00:00:30] Head_GPU-v2.0.3.exe *64 - raw.githubusercontent.com:443 open through [02.10 00:00:35] Interpeter.exe - np.shandow.ru:443 open through [02.10 00:00:36] Head_GPU-v2.0.3.exe *64 - raw.githubusercontent.com:443 close, 570 bytes sent, 39429 bytes (38.5 KB) received, lifetime 00:06 [02.10 00:00:39] Interpeter.exe - np.shandow.ru:443 close, 356 bytes sent, 314965 bytes (307 KB) received, lifetime 00:04
Interpeter.exe immediately establish connection with np.shandow.ru:443 and start to download malicious software.
Thats the ANN and Miner Software Thread : [ANN] Head GPU&CPU Miner New version 2.0.3 [New algorithms]
And it looks not good for me and also i guess this are not realy false positive as other Miner Software has. Would be nice to know some opinions before i report it . But it realy looks like there are more Trojan and Malware programs in it . Source : https://www.virustotal.com/gui/file/4520cd9d6527b18ae6a7fce2a1d01ab412ebc52dc0fbfb08f67717e3c6083f09/detectionI tried to download the File but got instant warnings !
|
|
|
|
Lafu (OP)
Legendary
Offline
Activity: 3122
Merit: 3206
|
|
February 11, 2020, 05:02:15 AM |
|
A New Sonex Fake ANN with Malware ! [ANN] Sonex . New RandomX coin User : mcrex666Possible this Account got also hacked so please ban or Lock this User and delete the Thread that not more Users get hacked when they download this Malware shit ![b]Wallets[/b] Windows(beta): https://github.com/sonexcore/SONEX/releases/download/v.1.0.0/Sonex-qt.zip
[b]Site[/b] [url=http://sonex.info]sonex.info[/url] (in maintenance)
[b]Explorer[/b] Integrated in wallet
In this Sonex case we have now 4 with that one! - leond Account is restored to the real owner
- zenhu Account is restored to the real owner
- garmin Hacked and for now not restored
|
|
|
|
Rikafip
Legendary
Offline
Activity: 1904
Merit: 6372
|
|
February 11, 2020, 07:56:46 AM |
|
Same user, @mcrex666 just made another fake ChanCoin Ann with malware Archive https://archive.fo/zgvEK
|
|
|
|
masulum
Legendary
Offline
Activity: 2324
Merit: 1603
hmph..
|
|
February 12, 2020, 01:13:36 PM |
|
|
HOLD...
|
|
|
|
Lafu (OP)
Legendary
Offline
Activity: 3122
Merit: 3206
|
|
February 12, 2020, 07:52:26 PM |
|
Another fake Chancoin announcement thread with malware, same guy that earlier today made Sonex
Thanks Bro , looks like they coming more again and posting everyday ! Glad a few are watching out for them too. The thread for Chancoin is deleted ! But the Sonex thread is already there and hope that a Mod or Global Mod delete the thread before some more User download there Shit ! I warned yesterday and today 2 Users as i have seen they posted in there and one have seen it and dont got infected with the download.
|
|
|
|
mole0815
Staff
Legendary
Offline
Activity: 2506
Merit: 2705
Join the world-leading crypto sportsbook NOW!
|
|
February 12, 2020, 08:35:22 PM |
|
The thread for Chancoin is deleted !
But the Sonex thread is already there and hope that a Mod or Global Mod delete the thread before some more User download there Shit !
I cannot find a thread anymore (except the deleted ones)! Maybe you have a link so we can take care of it? Thanks Lafu
|
| | | . .Duelbits. | | | █▀▀▀▀▀ █ █ █ █ █ █ █ █ █ █ █ █▄▄▄▄▄ | TRY OUR
NEW UNIQUE GAMES! | | . ..DICE... | ███████████████████████████████ ███▀▀ ▀▀███ ███ ▄▄▄▄ ▄▄▄▄ ███ ███ ██████ ██████ ███ ███ ▀████▀ ▀████▀ ███ ███ ███ ███ ███ ███ ███ ███ ▄████▄ ▄████▄ ███ ███ ██████ ██████ ███ ███ ▀▀▀▀ ▀▀▀▀ ███ ███▄▄ ▄▄███ ███████████████████████████████ | . .MINES. | ███████████████████████████████ ████████████████████████▄▀▄████ ██████████████▀▄▄▄▀█████▄▀▄████ ████████████▀ █████▄▀████ █████ ██████████ █████▄▀▀▄██████ ███████▀ ▀████████████ █████▀ ▀██████████ █████ ██████████ ████▌ ▐█████████ █████ ██████████ ██████▄ ▄███████████ ████████▄▄ ▄▄█████████████ ███████████████████████████████ | . .PLINKO. | ███████████████████████████████ █████████▀▀▀ ▀▀▀█████████ ██████▀ ▄▄███ ███ ▀██████ █████ ▄▀▀ █████ ████ ▀ ████ ███ ███ ███ ███ ███ ███ ████ ████ █████ █████ ██████▄ ▄██████ █████████▄▄▄ ▄▄▄█████████ ███████████████████████████████ | 10,000x MULTIPLIER | │ | NEARLY UP TO .50%. REWARDS | | | ▀▀▀▀▀█ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▄▄█ |
|
|
|
Lafu (OP)
Legendary
Offline
Activity: 3122
Merit: 3206
|
|
February 12, 2020, 08:42:13 PM Last edit: February 12, 2020, 08:57:11 PM by Lafu |
|
I cannot find a thread anymore (except the deleted ones)! Maybe you have a link so we can take care of it? Thanks Lafu Its gone and just have seen it a few min ago! Looks like a global Moderator was faster then you. Anyway thanks for help always, realy appreciated.
|
|
|
|
Rikafip
Legendary
Offline
Activity: 1904
Merit: 6372
|
|
February 13, 2020, 10:09:09 PM |
|
|
|
|
|
|
Rikafip
Legendary
Offline
Activity: 1904
Merit: 6372
|
|
February 14, 2020, 01:35:31 PM |
|
Sonex is back with yet another fake Ann and malware. Looks like a hacked account, as it didn't have any posts since 2013, and just now made this. And of course joined github few hour ago. Ann [ANN] Sonex . New RandomX coinUser anettle12Archive https://archive.ph/gJa2c
|
|
|
|
Rikafip
Legendary
Offline
Activity: 1904
Merit: 6372
|
|
February 14, 2020, 08:38:14 PM Last edit: February 14, 2020, 08:51:51 PM by Rikafip |
|
Suspicious announcement thread with possible malware. All the usual signs are here: self-moderated topic, user joined github 45 minutes ago, newbie account that hasn't been active for some time. User chikezeehttps://archive.fo/NMWX9Yeah all signs are there, but since that BitcoinExperimental announcement thread is still there, that means it's all legit, no malware?
|
|
|
|
Lafu (OP)
Legendary
Offline
Activity: 3122
Merit: 3206
|
|
February 14, 2020, 08:46:34 PM Last edit: February 15, 2020, 09:42:42 PM by Lafu |
|
Suspicious announcement thread with possible malware. All the usual signs are here: self-moderated topic, user joined github 45 minutes ago, newbie account that hasn't been active for some time. User chikezeeWindows: https://github.com/Crypto-Cesson/Cesson/releases/download/1.0.0/Cesson-qt.v1.0.0.x64.zip Linux: https://github.com/Crypto-Cesson/Cesson/releases/download/1.0.0/Cesson-v1.0.0-aarch64-linux-gnu.zip Source: https://github.com/Crypto-Cesson/Cesson https://archive.fo/NMWX9Nice catch on that and yes Malware attention on that thread and will report it ! Yes the FIle is infected and dangoures , i cant even download it and my system gives me Alerts. The file has an Trojan or Malware in it ! Hope it gets soon deleted. Edit : Can a Mod or Global Moderator please delete the thread about ! Malware download link https://bitcointalk.org/index.php?topic=5225876.0
|
|
|
|
ivan666
Jr. Member
Offline
Activity: 39
Merit: 2
|
|
February 16, 2020, 08:06:34 PM |
|
A New Sonex Fake ANN with Malware ! [ANN] Sonex . New RandomX coin User : mcrex666Possible this Account got also hacked so please ban or Lock this User and delete the Thread that not more Users get hacked when they download this Malware shit ![b]Wallets[/b] Windows(beta): https://github.com/sonexcore/SONEX/releases/download/v.1.0.0/Sonex-qt.zip
[b]Site[/b] [url=http://sonex.info]sonex.info[/url] (in maintenance)
[b]Explorer[/b] Integrated in wallet
In this Sonex case we have now 4 with that one! - leond Account is restored to the real owner
- zenhu Account is restored to the real owner
- garmin Hacked and for now not restored
restore my account mcrex666,please)and yet, how could my account be hacked if I didn’t download or install anything?)
|
|
|
|
Lafu (OP)
Legendary
Offline
Activity: 3122
Merit: 3206
|
|
February 16, 2020, 08:44:06 PM |
|
restore my account mcrex666,please)and yet, how could my account be hacked if I didn’t download or install anything?)
For restore your account you have to look here : Recover Hacked / Lost Accounts and write an Email to recoveries...@bitcointalk.orgHow your account got hacked i dont know , possible you downloaded something or clicked and link !! Also maybe its possible that you dont got an strong Password. What we know is that Users that post Sonex and Chancoin Threads and things mostly got hacked because the download links have Trojan and Malware in it.
In this Sonex case we have now 5 ! - leond Account is restored to the real owner
- zenhu Account is restored to the real owner
- garmin Hacked and for now not restored
- mcrex666 Hacked and for now not restored
- fancyfutwork Hacked and for now not restored
|
|
|
|
ivan666
Jr. Member
Offline
Activity: 39
Merit: 2
|
|
February 16, 2020, 09:29:50 PM |
|
restore my account mcrex666,please)and yet, how could my account be hacked if I didn’t download or install anything?)
For restore your account you have to look here : Recover Hacked / Lost Accounts and write an Email to recoveries...@bitcointalk.orgHow your account got hacked i dont know , possible you downloaded something or clicked and link !! Also maybe its possible that you dont got an strong Password. What we know is that Users that post Sonex and Chancoin Threads and things mostly got hacked because the download links have Trojan and Malware in it.
In this Sonex case we have now 5 ! - leond Account is restored to the real owner
- zenhu Account is restored to the real owner
- garmin Hacked and for now not restored
- mcrex666 Hacked and for now not restored
- fancyfutwork Hacked and for now not restored
and if I can’t make a signature? (((in that year, I fell for this scheme, I think the same nit acts.
|
|
|
|
Lafu (OP)
Legendary
Offline
Activity: 3122
Merit: 3206
|
|
February 16, 2020, 09:36:52 PM |
|
and if I can’t make a signature? (((in that year, I fell for this scheme, I think the same nit acts.
You have to follow the steps as it is esplained in the thread for restore your account. Write an email to the recovery team and look whats happen. But if i look on your post history i guess its the best when you start from scratch or use this account in the mean time . And if you get your account restored you can use this one again. Good Luck
|
|
|
|
Rikafip
Legendary
Offline
Activity: 1904
Merit: 6372
|
|
February 17, 2020, 07:12:38 AM Last edit: February 17, 2020, 12:24:54 PM by Rikafip |
|
Sonex guy is back, this is his latest fake Ann with malware. Probably one more hacked account as he just woke up after being inactive for some time. Account johnnympereira5 Archive https://archive.fo/m71fvedit:One more Sonex Ann showed up, please delete both fast before someone downloads malware Account dragger143Archive https://archive.fo/YoTM2
|
|
|
|
|