EntryPoint
Newbie
Offline
Activity: 54
Merit: 0
|
|
August 05, 2014, 11:20:26 AM |
|
Hey, Everyone that downloaded the windows wallet early needs to check that AppData\Local\Spoon directory. That is where the backdoor was installed, it doesn't come up on a lot of virus scans, and was packaged with the windows wallet. Seems that the dev has now removed the malicious wallet.
You need to delete that directory asap. The program installed after you ran the zipcoin wallet for the first time and ztor.exe remains running even after you close the zipcoin wallet.
Obviously the exchanges and people who compiled from source weren't affected, as this was zipped with the original windows wallet that was posted in the announcement.
Digiguy seems like the attacker shilling to extend time cleaning people out, posting screenshots to direct attention from where the problem is.
So if you downloaded that original windows wallet you need to check that C:\USERS\youraccount\APPDATA\LOCAL\SPOON, delete that directory asap, and then look for all your wallet.dat files in the APPDATA roaming folder, if you were infected the "wallet.dat" files were renamed to whatever coin it was such as "Dogecoin.dat" and then sent to the attacker.
Gonna repeat, Zipcoin-qt.exe itself is not malicious it was the ztor.exe bullshit that was packaged with the windows wallet, maybe that's why the dev called it zipcoin heh.
Again this shit doesn't come up on a lot of antivirus scanners and you need to remove this manually if you were infected, and then there is no telling what else could have been installed so it's best to reformat your hard drive.
I fear a good amount of people got cleaned out already if they had all their wallets on the infected PC, I guess we'll find out with time.
why your wallet is installed ? my wallet not installed
I am just calling it "installed", what I mean is downloaded wallet and ran it, there was no installer if that's what you mean.
you https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips down wallet ?
this was the link: https://mega.co.nz/#!JAoyiajC!0ND16g-6qVDRGVuxnNBZmd-NInXzpbdaW9Pe9dDlDUo, it was posted in the op and as you can see has been removed from mega.
|
|
|
|
TheFridge
|
|
August 05, 2014, 11:48:26 AM |
|
Hey, Everyone that downloaded the windows wallet early needs to check that AppData\Local\Spoon directory. That is where the backdoor was installed, it doesn't come up on a lot of virus scans, and was packaged with the windows wallet. Seems that the dev has now removed the malicious wallet.
You need to delete that directory asap. The program installed after you ran the zipcoin wallet for the first time and ztor.exe remains running even after you close the zipcoin wallet.
Obviously the exchanges and people who compiled from source weren't affected, as this was zipped with the original windows wallet that was posted in the announcement.
Digiguy seems like the attacker shilling to extend time cleaning people out, posting screenshots to direct attention from where the problem is.
So if you downloaded that original windows wallet you need to check that C:\USERS\youraccount\APPDATA\LOCAL\SPOON, delete that directory asap, and then look for all your wallet.dat files in the APPDATA roaming folder, if you were infected the "wallet.dat" files were renamed to whatever coin it was such as "Dogecoin.dat" and then sent to the attacker.
Gonna repeat, Zipcoin-qt.exe itself is not malicious it was the ztor.exe bullshit that was packaged with the windows wallet, maybe that's why the dev called it zipcoin heh.
Again this shit doesn't come up on a lot of antivirus scanners and you need to remove this manually if you were infected, and then there is no telling what else could have been installed so it's best to reformat your hard drive.
I fear a good amount of people got cleaned out already if they had all their wallets on the infected PC, I guess we'll find out with time.
Hey all, I can confirm that this is a virus. I downloaded yesterday, woke up this morning and my Bitcoin Wallet and my Minerals Coins had been cleaned out. Not a great deal, about 2.5 BTC worth, but still lost revenue from mining. I ran the Malwarebytes scan and Avast and it did indeed confirm that the file named netsh.exe was located in the directory C:\users\MyUsername\Appdata\Local\Spoon\Sandbox\Zipcoin-Qt\2.0.0.0\local\stubexe\0x94D16BC4A71627A1
Running through the blockchain it appears that a few others have been taken, so check your balances, and it is not only limited to BTC wallets, it is ALL wallets.
So I endeavour all who has the wallet installed to do a complete re-install of the system. Just deleting those files is not enough, you don't want to risk it.
This fucking scumbag sure has some bad karma coming their way
|
|
|
|
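Added example (not part of any post in this thread): a read-only PowerShell check for the indicators the two posts above describe, namely the AppData\Local\Spoon directory and executables under it, a running ztor.exe, and wallet.dat files renamed after their coin. The function name, and the assumption that a renamed wallet sits in its coin's Roaming folder under that folder's name (e.g. Dogecoin\Dogecoin.dat), are illustrative.

```powershell
# Added triage example: reports indicators named in the thread, changes nothing.
function Get-ZipcoinIndicators {
    [CmdletBinding()]
    param(
        [string]$LocalAppData   = $env:LOCALAPPDATA,
        [string]$RoamingAppData = $env:APPDATA
    )
    $findings = New-Object 'System.Collections.Generic.List[object]'

    # 1. AppData\Local\Spoon and every executable beneath it (the second post
    #    found netsh.exe under Spoon\Sandbox\Zipcoin-Qt\...\stubexe).
    $spoon = Join-Path $LocalAppData 'Spoon'
    if (Test-Path -LiteralPath $spoon -PathType Container) {
        $findings.Add([pscustomobject]@{
            Indicator = 'SpoonDirectory'; Path = $spoon; Detail = 'directory exists'
        })
        Get-ChildItem -LiteralPath $spoon -Recurse -Force -File -Filter '*.exe' -ErrorAction SilentlyContinue |
            ForEach-Object {
                # Hash and creation time are recorded so the file can be compared
                # or reported before the machine is wiped.
                $hash = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                $findings.Add([pscustomobject]@{
                    Indicator = 'SpoonExecutable'; Path = $_.FullName
                    Detail    = "SHA256=$hash; createdUtc=$($_.CreationTimeUtc.ToString('u'))"
                })
            }
    }

    # 2. A process named ztor, or any process whose image lives under Spoon
    #    (the posts note the name itself could have been anything).
    Get-Process -ErrorAction SilentlyContinue |
        Where-Object {
            $_.Name -eq 'ztor' -or
            ($_.Path -and $_.Path.StartsWith("$spoon\", [System.StringComparison]::OrdinalIgnoreCase))
        } |
        ForEach-Object {
            $findings.Add([pscustomobject]@{
                Indicator = 'SuspectProcess'; Path = $_.Path; Detail = "Name=$($_.Name); PID=$($_.Id)"
            })
        }

    # 3. Roaming folders holding <FolderName>.dat, e.g. Dogecoin\Dogecoin.dat.
    #    Assumption: the renamed wallet stays in the coin's own data folder.
    Get-ChildItem -LiteralPath $RoamingAppData -Directory -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $renamed = Join-Path $_.FullName ($_.Name + '.dat')
            if (Test-Path -LiteralPath $renamed -PathType Leaf) {
                $hasWallet = Test-Path -LiteralPath (Join-Path $_.FullName 'wallet.dat') -PathType Leaf
                $findings.Add([pscustomobject]@{
                    Indicator = 'RenamedWallet'; Path = $renamed
                    Detail    = "wallet.dat still present: $hasWallet"
                })
            }
        }

    return $findings
}

$result = @(Get-ZipcoinIndicators)
if ($result.Count -eq 0) {
    'None of the indicators described in this thread were found for this user profile.'
} else {
    $result | Format-List
}
```

The check covers only the profile of the user who runs it; run it once per account that may have launched the wallet.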
sly5am
|
|
August 05, 2014, 12:01:02 PM |
|
You are taking losing 2.5btc pretty good, I'd be freaking out. Sounds like a bunch of BS to me. I downloaded the wallet from here early, I haven't had one problem , nothing shows up in my task manager to indicate anything unusual, This wallet doesn't run on the tor network, never did. However, OP on page one now says "Mod Note, run this software at your own risk." Is this an elaborate scam to get cheap coins? If there was a virus in the software, and the OP knows it.. putting a warning on the OP page is like signing this coins death warrant. Something is fishy here, not sure what it is.
|
|
|
|
EntryPoint
|
|
August 05, 2014, 12:13:58 PM |
|
Sounds like a bunch of BS to me. I downloaded the wallet from here early, I haven't had one problem , nothing shows up in my task manager to indicate anything unusual, This wallet doesn't run on the tor network, never did. However, OP on page one now says "Mod Note, run this software at your own risk." Is this an elaborate scam to get cheap coins? If there was a virus in the software, and the OP knows it.. putting a warning on the OP page is like signing this coins death warrant. Something is fishy here, not sure what it is.
No man I fucking got robbed and so did others. What are you saying about the tor network, read my post from earlier please. The malicious code ran as a process called "ztor.exe", that could have been named anything like "takinallyourmoney.exe", it has nothing to do with tor network. The dev has changed the wallet link that was here 2 days ago and added a new one to cover up. The dev is putting a warning probably to try to cover his tracks, and to buy more time to steal more people money, since there is a lot of misinformation in this thread he is trying to capitalize on that hoping people will believe him.
|
|
|
|
oreoeater
Member
Offline
Activity: 113
Merit: 10
|
|
August 05, 2014, 12:16:01 PM |
|
can confirm this! Had all my verts stolen...
|
|
|
|
|
sly5am
|
|
August 05, 2014, 12:17:53 PM |
|
Sounds like a bunch of BS to me. I downloaded the wallet from here early, I haven't had one problem , nothing shows up in my task manager to indicate anything unusual, This wallet doesn't run on the tor network, never did. However, OP on page one now says "Mod Note, run this software at your own risk." Is this an elaborate scam to get cheap coins? If there was a virus in the software, and the OP knows it.. putting a warning on the OP page is like signing this coins death warrant. Something is fishy here, not sure what it is.
No man I fucking got robbed and so did others. What are you saying about the tor network, read my post from earlier please. The malicious code ran as a process called "ztor.exe", that could have been named anything like "takinallyourmoney.exe", it has nothing to do with tor network. The dev has changed the wallet link that was here 2 days ago and added a new one to cover up. The dev is putting a warning probably to try to cover his tracks, and to buy more time to steal more people money, since there is a lot of misinformation in this thread he is trying to capitalize on that hoping people will believe him.
Ok, I was talking about the guy above my post. not sure why you jumped in, sock puppet? whatever.. anyway.. I haven't seen anything wrong with this wallet, and I downloaded it the other day also.. so not sure what's up with several people with sketchy wallets. I'll keep an eye out for weird stuff I guess.
|
|
|
|
TheFridge
|
|
August 05, 2014, 12:19:46 PM |
|
Sounds like a bunch of BS to me. I downloaded the wallet from here early, I haven't had one problem , nothing shows up in my task manager to indicate anything unusual, This wallet doesn't run on the tor network, never did. However, OP on page one now says "Mod Note, run this software at your own risk." Is this an elaborate scam to get cheap coins? If there was a virus in the software, and the OP knows it.. putting a warning on the OP page is like signing this coins death warrant. Something is fishy here, not sure what it is.
No man I fucking got robbed and so did others. What are you saying about the tor network, read my post from earlier please. The malicious code ran as a process called "ztor.exe", that could have been named anything like "takinallyourmoney.exe", it has nothing to do with tor network. The dev has changed the wallet link that was here 2 days ago and added a new one to cover up. The dev is putting a warning probably to try to cover his tracks, and to buy more time to steal more people money, since there is a lot of misinformation in this thread he is trying to capitalize on that hoping people will believe him.
Trust me this is not a lie, head over to https://bitcointalk.org/index.php?topic=724507.0 to see the thread where a couple of helpful people helped me identify the virus. Don't listen, call this Fud, whatever I'm just trying to help others not to get scammed. Also, the moderator put the message there not the dev.
|
|
|
|
madbit1000
|
|
August 05, 2014, 12:21:20 PM |
|
You are right, dev have removed the file....... Idiot would invest in this coin.....
really? any proof
What do you mean any proof. It was offline
|
You should not buy a warrant unless you are prepared to sustain a total loss of the money you have invested plus any commission or other transaction charges
|
|
|
luya518
|
|
August 05, 2014, 12:22:05 PM |
|
|
|
|
|
|
oreoeater
|
|
August 05, 2014, 12:22:42 PM |
|
Sounds like a bunch of BS to me. I downloaded the wallet from here early, I haven't had one problem , nothing shows up in my task manager to indicate anything unusual, This wallet doesn't run on the tor network, never did. However, OP on page one now says "Mod Note, run this software at your own risk." Is this an elaborate scam to get cheap coins? If there was a virus in the software, and the OP knows it.. putting a warning on the OP page is like signing this coins death warrant. Something is fishy here, not sure what it is.
No man I fucking got robbed and so did others. What are you saying about the tor network, read my post from earlier please. The malicious code ran as a process called "ztor.exe", that could have been named anything like "takinallyourmoney.exe", it has nothing to do with tor network. The dev has changed the wallet link that was here 2 days ago and added a new one to cover up. The dev is putting a warning probably to try to cover his tracks, and to buy more time to steal more people money, since there is a lot of misinformation in this thread he is trying to capitalize on that hoping people will believe him.
Trust me this is not a lie, head over to https://bitcointalk.org/index.php?topic=724507.0 to see the thread where a couple of helpful people helped me identify the virus. Don't listen, call this Fud, whatever I'm just trying to help others not to get scammed. Also, the moderator put the message there not the dev.
AS SAD AS IT IS IT IS TRUE! so be careful! I just ended the ztor.exe process and deleted the files in local folder remotely. Now have to wait to get home to back everything up, reformat and run a few scans
|
|
|
|
EntryPoint
|
|
August 05, 2014, 12:25:07 PM |
|
Sounds like a bunch of BS to me. I downloaded the wallet from here early, I haven't had one problem , nothing shows up in my task manager to indicate anything unusual, This wallet doesn't run on the tor network, never did. However, OP on page one now says "Mod Note, run this software at your own risk." Is this an elaborate scam to get cheap coins? If there was a virus in the software, and the OP knows it.. putting a warning on the OP page is like signing this coins death warrant. Something is fishy here, not sure what it is.
No man I fucking got robbed and so did others. What are you saying about the tor network, read my post from earlier please. The malicious code ran as a process called "ztor.exe", that could have been named anything like "takinallyourmoney.exe", it has nothing to do with tor network. The dev has changed the wallet link that was here 2 days ago and added a new one to cover up. The dev is putting a warning probably to try to cover his tracks, and to buy more time to steal more people money, since there is a lot of misinformation in this thread he is trying to capitalize on that hoping people will believe him.
Ok, I was talking about the guy above my post. not sure why you jumped in, sock puppet? whatever.. anyway.. I haven't seen anything wrong with this wallet, and I downloaded it the other day also.. so not sure what's up with several people with sketchy wallets. I'll keep an eye out for weird stuff I guess.
which link did you download it from?
this was the malicious wallet: https://mega.co.nz/#!JAoyiajC!0ND16g-6qVDRGVuxnNBZmd-NInXzpbdaW9Pe9dDlDUo
this is the current one: https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips
no idea if the current wallet is malicious as I am reformatting.
|
|
|
|
whatdidshedo
|
|
August 05, 2014, 12:26:21 PM |
|
You are taking losing 2.5btc pretty good, I'd be freaking out. Sounds like a bunch of BS to me. I downloaded the wallet from here early, I haven't had one problem , nothing shows up in my task manager to indicate anything unusual, This wallet doesn't run on the tor network, never did. However, OP on page one now says "Mod Note, run this software at your own risk." Is this an elaborate scam to get cheap coins? If there was a virus in the software, and the OP knows it.. putting a warning on the OP page is like signing this coins death warrant. Something is fishy here, not sure what it is.
i downloaded wallet , couple of hours into launch, it was only zipcoin.exe it was not zip package either(i don't know if he changed it afterward) , i also scan every wallet as soon as i download with malwarebytes, it seemed clean.. i just saw this and i checked appdata local and i don't see that folder that people describe(i have hidden files and folders showing as well) i also checked running processes on my task manager i see nothing unusual , now i do not know if he changed the wallet after to a malicious one. (i will scan my pc with malwarebytes again and with super anti spyware(someone said that they find it with that software) and report back .(i downloaded wallet 2 hours into launch and it was only zipcoin-qt.exe unpackaged
|
|
|
|
TheFridge
|
|
August 05, 2014, 12:27:18 PM |
|
Sounds like a bunch of BS to me. I downloaded the wallet from here early, I haven't had one problem , nothing shows up in my task manager to indicate anything unusual, This wallet doesn't run on the tor network, never did. However, OP on page one now says "Mod Note, run this software at your own risk." Is this an elaborate scam to get cheap coins? If there was a virus in the software, and the OP knows it.. putting a warning on the OP page is like signing this coins death warrant. Something is fishy here, not sure what it is.
No man I fucking got robbed and so did others. What are you saying about the tor network, read my post from earlier please. The malicious code ran as a process called "ztor.exe", that could have been named anything like "takinallyourmoney.exe", it has nothing to do with tor network. The dev has changed the wallet link that was here 2 days ago and added a new one to cover up. The dev is putting a warning probably to try to cover his tracks, and to buy more time to steal more people money, since there is a lot of misinformation in this thread he is trying to capitalize on that hoping people will believe him.
Ok, I was talking about the guy above my post. not sure why you jumped in, sock puppet? whatever.. anyway.. I haven't seen anything wrong with this wallet, and I downloaded it the other day also.. so not sure what's up with several people with sketchy wallets. I'll keep an eye out for weird stuff I guess.
which link did you download it from?
this was the malicious wallet: https://mega.co.nz/#!JAoyiajC!0ND16g-6qVDRGVuxnNBZmd-NInXzpbdaW9Pe9dDlDUo
this is the current one: https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips
no idea if the current wallet is malicious as I am reformatting.
Mine was downloaded from this Thread yesterday. Unsure of the address because I am formatting now
|
|
|
|
madbit1000
|
|
August 05, 2014, 12:27:38 PM |
|
Sounds like a bunch of BS to me. I downloaded the wallet from here early, I haven't had one problem , nothing shows up in my task manager to indicate anything unusual, This wallet doesn't run on the tor network, never did. However, OP on page one now says "Mod Note, run this software at your own risk." Is this an elaborate scam to get cheap coins? If there was a virus in the software, and the OP knows it.. putting a warning on the OP page is like signing this coins death warrant. Something is fishy here, not sure what it is.
No man I fucking got robbed and so did others. What are you saying about the tor network, read my post from earlier please. The malicious code ran as a process called "ztor.exe", that could have been named anything like "takinallyourmoney.exe", it has nothing to do with tor network. The dev has changed the wallet link that was here 2 days ago and added a new one to cover up. The dev is putting a warning probably to try to cover his tracks, and to buy more time to steal more people money, since there is a lot of misinformation in this thread he is trying to capitalize on that hoping people will believe him.
Agreed, I'm out.. Don't buy this shitcoin or mine it.. Bye..
|
|
|
|
TheFridge
|
|
August 05, 2014, 12:29:30 PM |
|
You are taking losing 2.5btc pretty good, I'd be freaking out. Sounds like a bunch of BS to me. I downloaded the wallet from here early, I haven't had one problem , nothing shows up in my task manager to indicate anything unusual, This wallet doesn't run on the tor network, never did. However, OP on page one now says "Mod Note, run this software at your own risk." Is this an elaborate scam to get cheap coins? If there was a virus in the software, and the OP knows it.. putting a warning on the OP page is like signing this coins death warrant. Something is fishy here, not sure what it is.
i downloaded wallet , couple of hours into launch, it was only zipcoin.exe it was not zip package either(i don't know if he changed it afterward) , i also scan every wallet as soon as i download with malwarebytes, it seemed clean.. i just saw this and i checked appdata local and i don't see that folder that people describe(i have hidden files and folders showing as well) i also checked running processes on my task manager i see nothing unusual , now i do not know if he changed the wallet after to a malicious one. (i will scan my pc with malwarebytes again and with super anti spyware(someone said that they find it with that software) and report back .(i downloaded wallet 2 hours into launch and it was only zipcoin-qt.exe unpackaged
It doesn't have to be packaged to be a virus. Avast was the first virus scan that picked it up for me
|
|
|
|
whatdidshedo
|
|
August 05, 2014, 12:31:09 PM |
|
You are taking losing 2.5btc pretty good, I'd be freaking out. Sounds like a bunch of BS to me. I downloaded the wallet from here early, I haven't had one problem , nothing shows up in my task manager to indicate anything unusual, This wallet doesn't run on the tor network, never did. However, OP on page one now says "Mod Note, run this software at your own risk." Is this an elaborate scam to get cheap coins? If there was a virus in the software, and the OP knows it.. putting a warning on the OP page is like signing this coins death warrant. Something is fishy here, not sure what it is.
i downloaded wallet , couple of hours into launch, it was only zipcoin.exe it was not zip package either(i don't know if he changed it afterward) , i also scan every wallet as soon as i download with malwarebytes, it seemed clean.. i just saw this and i checked appdata local and i don't see that folder that people describe(i have hidden files and folders showing as well) i also checked running processes on my task manager i see nothing unusual , now i do not know if he changed the wallet after to a malicious one. (i will scan my pc with malwarebytes again and with super anti spyware(someone said that they find it with that software) and report back .(i downloaded wallet 2 hours into launch and it was only zipcoin-qt.exe unpackaged
It doesn't have to be packaged to be a virus. Avast was the first virus scan that picked it up for me
i'm just saying what i had and when to help if i can.
|
|
|
|
untalented
|
|
August 05, 2014, 12:31:53 PM |
|
What's special with this coin? Has the dev proved he is legit? any type of innovation here?
innovation is zipped trojan
|
|
|
|
oreoeater
|
|
August 05, 2014, 12:32:36 PM |
|
You are taking losing 2.5btc pretty good, I'd be freaking out. Sounds like a bunch of BS to me. I downloaded the wallet from here early, I haven't had one problem , nothing shows up in my task manager to indicate anything unusual, This wallet doesn't run on the tor network, never did. However, OP on page one now says "Mod Note, run this software at your own risk." Is this an elaborate scam to get cheap coins? If there was a virus in the software, and the OP knows it.. putting a warning on the OP page is like signing this coins death warrant. Something is fishy here, not sure what it is.
i downloaded wallet , couple of hours into launch, it was only zipcoin.exe it was not zip package either(i don't know if he changed it afterward) , i also scan every wallet as soon as i download with malwarebytes, it seemed clean.. i just saw this and i checked appdata local and i don't see that folder that people describe(i have hidden files and folders showing as well) i also checked running processes on my task manager i see nothing unusual , now i do not know if he changed the wallet after to a malicious one. (i will scan my pc with malwarebytes again and with super anti spyware(someone said that they find it with that software) and report back .(i downloaded wallet 2 hours into launch and it was only zipcoin-qt.exe unpackaged
It doesn't have to be packaged to be a virus. Avast was the first virus scan that picked it up for me
i'm just saying what i had and when to help if i can.
You are taking it well indeed. I lost like.3 .4 VTC worth and am really upset!
|
|
|
|
|