BABY SHOES (OP)
Sr. Member
Offline
Activity: 448
Merit: 502
HODL - BTC
|
|
October 04, 2023, 01:16:29 PM |
|
User: harizenANN: [ANN] RadiumX New PoW coin . No ICO. No MasternodeA few minutes ago Harizen created a self-moderated thread under the name RadiumX, the site said it was still under maintenance. Then I downloaded it to make sure it checked on virustotal and indicated it looked like a virus in the application. What do you think?
|
| | | SHUFFLE.COM | | | | ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ | ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ ███████████████████████ | ██████ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██████ | ████████████████████ ████ ██ .
| ██████ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██████ | |
|
|
|
tranthidung
Legendary
Offline
Activity: 2394
Merit: 4196
Farewell o_e_l_e_o
|
|
October 04, 2023, 01:25:53 PM |
|
Then I downloaded it to make sure it checked on virustotal and indicated it looked like a virus in the application.
Virustotal can give you false positive checking results but why did you download it? Do you know by doing this, you are taking risk ? If you have other antivirus softwares, double check with them. A first shot at false positives
|
|
|
|
JeromeTash
Legendary
Offline
Activity: 2268
Merit: 1243
Heisenberg
|
Looks like someone got their account hacked. Otherwise, why would someone with an account that has such reputation post malware and risk getting permanently banned Virustotal can give you false positive checking results but why did you download it? Do you know by doing this, you are taking risk ? If you have other antivirus softwares, double check with them. A first shot at false positivesI know VT has false positives, but what OP posted is true, it's malware. The GitHub is only 2 weeks old with 4 repositories contain different malicious files The GitHub profile even appears in Lafu's reports - https://bitcointalk.org/index.php?topic=5182222.msg62871485#msg62871485
|
|
|
|
Cantsay
|
|
October 04, 2023, 01:44:09 PM |
|
2 weeks old GitHub account files uploaded few hours ago that says a lot. And as if that’s not enough the link in their Ann is a direct download link ( which should bring some concern to users that are conscious of the risk involved in downloading any file from an unknown source). I just took a look at the site’s info and it turned out that the domain is yet to be registered. Edit: They deleted all post that called them either “scam” or “virus” from their threads. https://ninjastic.space/search?topic_id=5469180
|
| | | | | | | ███▄▀██▄▄ ░░▄████▄▀████ ▄▄▄ ░░████▄▄▄▄░░█▀▀ ███ ██████▄▄▀█▌ ░▄░░███▀████ ░▐█░░███░██▄▄ ░░▄▀░████▄▄▄▀█ ░█░▄███▀████ ▐█ ▀▄▄███▀▄██▄ ░░▄██▌░░██▀ ░▐█▀████ ▀██ ░░█▌██████ ▀▀██▄ ░░▀███ | | ▄▄██▀▄███ ▄▄▄████▀▄████▄░░ ▀▀█░░▄▄▄▄████░░ ▐█▀▄▄█████████ ████▀███░░▄░ ▄▄██░███░░█▌░ █▀▄▄▄████░▀▄░░ █▌████▀███▄░█░ ▄██▄▀███▄▄▀ ▀██░░▐██▄░░ ██▀████▀█▌░ ▄██▀▀██████▐█░░ ███▀░░ | | | | |
|
|
|
Lafu
Legendary
Offline
Activity: 3094
Merit: 3195
|
User: harizenA few minutes ago Harizen created a self-moderated thread under the name RadiumX, the site said it was still under maintenance. What do you think? Nice catch BABY SHOES and yes the Account for sure got hacked or sold as it has the fake github account in the thread that was used already weeks ago. Thats why i collect that fake github accounts as its easier to spot , find and research for it. Virustotal can give you false positive checking results but why did you download it?
Thats true but not in this case , BABY SHOES post and he is right the Account got hacked or sold. Yeb looks like the Account got hacked , and thanks for that you mentioned me here , i already tagged the Account and reported it to the Moderators.
|
|
|
|
Rikafip
Legendary
Offline
Activity: 1876
Merit: 6324
|
|
October 04, 2023, 02:02:17 PM |
|
So I see that these scammers are still using that "Radium X" for fake ANN threads, like years ago...
Regarding Harizen, it looks like hacked account as I see no change of password and/or email and it doesn't make much sense to sell Legendary account with solid reputation and that is in a signature campaign. Then again, stranger things have happened here. Either way, hopefully he realizes soon what happened so he can get control of his account back.
And yeah, nice catch OP!
|
|
|
|
DireWolfM14
Copper Member
Legendary
Offline
Activity: 2282
Merit: 4415
Join the world-leading crypto sportsbook NOW!
|
|
October 04, 2023, 02:16:21 PM Merited by tranthidung (1) |
|
There are a lot of red-flags here. The git for Radium has no repositories to view, no releases to view, and the only link that has any function is the download link. That's not how any legit coin would start out. And, as Cantsay mentioned, deleting posts in a self-moderated ann thread is another red-flag. Speaking of flags, newbie flag created: https://bitcointalk.org/index.php?action=trust;flag=3217
|
|
|
|
tranthidung
Legendary
Offline
Activity: 2394
Merit: 4196
Farewell o_e_l_e_o
|
|
October 04, 2023, 02:20:26 PM |
|
Thats true but not in this case , BABY SHOES post and he is right the Account got hacked or sold.
I did not check details and only recommended OP to double check. I only recall that Harizen used be a member in CM campaign and he was there a long time. I have never seen he launched any project so it is a bit strange to see that topic but my feeling is it sounds impossible a trusted member over years, turn to spread malwares. I of course know that even forum VIP and donator members turned to scammers so I don't exclude that chance, just need more checking. Regarding Harizen, it looks like hacked account as I see no change of password and/or email and it doesn't make much sense to sell Legendary account with solid reputation and that is in a signature campaign. Then again, stranger things have happened here. Either way, hopefully he realizes soon what happened so he can get control of his account back.
Get his account back is not enough and I believe his account will be either banned (by spreading malwares, against forum rules) or locked (by security reason). This case reminds me about kenzawak. kenzawak hacked (again)Account "kenzawak" compromised again
|
|
|
|
JeromeTash
Legendary
Offline
Activity: 2268
Merit: 1243
Heisenberg
|
|
October 04, 2023, 02:32:15 PM |
|
Yeb looks like the Account got hacked , and thanks for that you mentioned me here , i already tagged the Account and reported it to the Moderators.
lighpulsar07_alt and alt account of lighpulsar07 that was banned for posting similar malicious links also happened to post the same https://ninjastic.space/post/62933087 but what surprised me is that the mods just deleted the post and did not ban the account. It looks like lighpulsar07 used similar login details for both his accounts, making the hacker use his alt account as well This user ( BluOrb) also has posted malicious links before and came back to post a new malicious link. Again, on both occasions the user has not been banned. Do mods have some criteria they follow to ban or not to ban such accounts
Either way, hopefully he realizes soon what happened so he can get control of his account back.
it's going to get banned, and convincing mods to unban it may become hard.
|
|
|
|
Rikafip
Legendary
Offline
Activity: 1876
Merit: 6324
|
|
October 04, 2023, 02:42:41 PM |
|
it's going to get banned, and convincing mods to unban it may become hard.
Yep, he will most likely get banned but if he was indeed hacked I don't think that it will be that hard to convince mods to unban him. Keep in mind that we are not talking about some unknown low level account but about Legendary with good reputation and history on bitcointalk so it doesn't make any sense to post some low level garbage like this. And it's not like we see something like this before as there were exactly the same cases in the past and members got their accounts back.
|
|
|
|
hg_away
Member
Offline
Activity: 111
Merit: 69
Alt of @hugeblack
|
|
October 04, 2023, 02:47:51 PM |
|
It is better to report that account and banning it with delete ANN. if it has been hacked, Harizen can restore it with ANN .
|
|
|
|
Lafu
Legendary
Offline
Activity: 3094
Merit: 3195
|
|
October 04, 2023, 02:51:39 PM |
|
Thanks for let me know about this problem about this 2 Accounts , that maybe got forgotten to be banned. On this way i already have written an PM to mprep and asked whats the case on this 2 Accounts and that they maybe now can get banned. I guess that they will be get banned soon after the PM and i also made a reference link in the PM to your post. The posted thread from harizen is already deleted and i guess the Account gets locked soon.
|
|
|
|
JeromeTash
Legendary
Offline
Activity: 2268
Merit: 1243
Heisenberg
|
|
October 04, 2023, 03:09:41 PM |
|
Yep, he will most likely get banned but if he was indeed hacked I don't think that it will be that hard to convince mods to unban him. Keep in mind that we are not talking about some unknown low level account but about Legendary with good reputation and history on bitcointalk so it doesn't make any sense to post some low level garbage like this. And it's not like we see something like this before as there were exactly the same cases in the past and members got their accounts back.
I like seeing getting unbanned in this forum at times as a game of roulette offordscott for example had his account banned for posting malware. It was quite clear that it was hacked. He appealed against the ban and had even some trusted members vouch for him, but in the end the account remained banned. He probably gave up on the forum after that.
|
|
|
|
Rikafip
Legendary
Offline
Activity: 1876
Merit: 6324
|
|
October 04, 2023, 07:48:05 PM |
|
offordscott for example had his account banned for posting malware. It was quite clear that it was hacked. He appealed against the ban and had even some trusted members vouch for him, but in the end the account remained banned. He probably gave up on the forum after that. Weird case, imho that account should have been unbanned. I see that person in question didn't really push too much to get his account unbanned (he ant afk day after appeal) and unfortunately that is needed sometimes but I guess he just coulnd't bother with that and decided to leave the forum without fight. Harizen finally realized realized that his account has been locked and created an appeal thread so hopefully he has more luck and persistence and gets his account back.
|
|
|
|
Xal0lex
Staff
Legendary
Offline
Activity: 2562
Merit: 2563
|
|
October 04, 2023, 07:49:30 PM |
|
Actually, both of those accounts are banned.
|
|
|
|
albon
Legendary
Offline
Activity: 1820
Merit: 1483
|
|
October 04, 2023, 08:12:49 PM Last edit: October 04, 2023, 08:24:45 PM by albon |
|
The posted thread from harizen is already deleted and i guess the Account gets locked soon.
I don't know the member, but it's frankly strange. Through Harizen's statistics on BPIP, it turns out that he is an old legendary member and has many achievements and positive feedback from many members, and through Ninjastic, I found through his topics and posts that he is interested in the gambling board and other boards, and I did not find in his previous topics that he had published ANN topics before or any posts related to RadiumX. Therefore, I highly expect that whoever posted the RadiumX ANN topic, which contains a Trojan, is not the original owner of the account, perhaps another superficial scammer who knows nothing about the forum. It is good that the topic has been deleted now, and I hope the account will be locked ASAP because it will harm many people who may trust what will be published through Harizen's account. ------ Actually, both of those accounts are banned. What I see is that only the other account has been BANNED, but the second alt account [lighpulsar07_alt] is still alive: https://bpip.org/Profile?id=1752216Last Active: October 02, 2023
|
|
|
|
Xal0lex
Staff
Legendary
Offline
Activity: 2562
Merit: 2563
|
|
October 04, 2023, 09:05:06 PM |
|
Actually, both of those accounts are banned.
What I see is that only the other account has been BANNED, but the second alt account [lighpulsar07_alt] is still alive: https://bpip.org/Profile?id=1752216Last Active: October 02, 2023 Who do you trust more, a moderator who sees the real situation or a third-party service (suchmoon, no offense )? And seriously, this has been discussed many times before. BPIP sometimes does not show the real state of affairs regarding user bans. Why this happens, I have no idea.
|
|
|
|
Stalker22
Legendary
Offline
Activity: 1624
Merit: 1386
|
|
October 04, 2023, 10:19:43 PM |
|
~ Therefore, I highly expect that whoever posted the RadiumX ANN topic, which contains a Trojan, is not the original owner of the account, perhaps another superficial scammer who knows nothing about the forum.
It is good that the topic has been deleted now, and I hope the account will be locked ASAP because it will harm many people who may trust what will be published through Harizen's account.
Yes. It has already been confirmed that his account has been blocked and harizenbanappeal has already started a ban appeal thread in the Meta board. He claims that he did not post the ANN topic with the malware link and that his account was probably hacked.
|
|
|
|
robelneo
Legendary
Offline
Activity: 3360
Merit: 1216
Payment Gateway Allows Recurring Payments
|
|
October 04, 2023, 11:44:09 PM |
|
~ Therefore, I highly expect that whoever posted the RadiumX ANN topic, which contains a Trojan, is not the original owner of the account, perhaps another superficial scammer who knows nothing about the forum.
It is good that the topic has been deleted now, and I hope the account will be locked ASAP because it will harm many people who may trust what will be published through Harizen's account.
Yes. It has already been confirmed that his account has been blocked and harizenbanappeal has already started a ban appeal thread in the Meta board. He claims that he did not post the ANN topic with the malware link and that his account was probably hacked. Harizen claims that its not him he can still log in but there's a notification of ban, his ban appeal depends on how he present his innocence there's an IP login where the forum admin can see the details where he login his IP and the time of his log in if the data shows different information on the time he posted that malware thread then he has a good chance of recovery. This is unfortunate he is a Legendary member and has a good contribution in many discussions.
|
|
|
|
|