digiguy
|
|
August 05, 2014, 09:27:07 PM |
|
well if you don't like this coin u can see your way out
|
|
|
|
CoinBreader
|
|
August 05, 2014, 09:29:56 PM |
|
It another PnD coin, no further plans , and the German scumbag team rip our hot wallets,
|
|
|
|
mikelitoris
|
|
August 05, 2014, 09:30:59 PM |
|
haha i don't hate, i got in and out yesterday, good luck guys
|
6561742061206469636b
|
|
|
CozyLife
Member
Offline
Activity: 84
Merit: 10
Theymos, unban my account.
|
|
August 05, 2014, 09:34:35 PM |
|
I uploaded the file in question ( https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips) to virustotal.com and noticed that other people have also uploaded it there on August 2nd. It came out clean. Both the OP and the supposed archive page on BitcoinTa.lk have the same file linked to. I'm not sure what to make of this, but can the people who claim their money was stolen please provide evidence of some kind of transfer from their address to the attacker's address? If enough people show that their money was sent to one address, perhaps we can expose the attacker. If there isn't any evidence, then perhaps it's all just FUD. It's not completely infallible, but having multiple people posting transaction data from before my post was made requesting it, should surely help to prove things beyond a reasonable doubt. Things to consider: 1.) Virus Total first analyzed the file listed in the OP and the BitcoinTa.lk forum (same file) on August 2nd. 2.) FUD about ZIPCoin wasn't even started by August 4th, meaning time zones are irrelevant. 3.) FUDsters are claiming the file in the OP is different from the one on BitcoinTa.lk citing it as an archived version of the OP. Both files are the same. (Was the other one updated too?) 4.) If the OP had a different file originally, then why didn't anyone mention the stolen coins right away? How was the clean file uploaded to VirusTotal on August 2nd when it wasn't available yet? (Did the dev upload it first as a makeshift insurance policy? Was the scam tactic unnoticeable even with the suggested wallet.dat ->voot.dat for all other coins? Did anyone open their wallets for the other coins before the FUD started?) Most of these suggest that the coin is legit, but there are some things that could be smoke and mirrors. The link cited doesn't exist. (Was it removed as it was a virus?) The CryptoCoinTalk.com forum post is by Admin. It's a popular Bitcoin Forum, so they have a reputation to keep. I think they posted it on the ZIPCoin dev's behalf. Did someone have a vendetta against ZIPCoin or did someone hack the forum or Admin account?
|
|
|
|
digiguy
|
|
August 05, 2014, 09:41:37 PM |
|
looks like my coins are still here and to all investors out there if u are using an exchange don't worry your good
|
|
|
|
Jookly
Legendary
Offline
Activity: 1131
Merit: 1007
|
|
August 05, 2014, 09:47:10 PM |
|
looks like my coins are still here and to all investors out there if u are using an exchange don't worry your good People weren't claiming to be losing ZIPcoins. They are losing other altcoins on their same computer. The exchange and the prices have been fine with the coin, that is not what people are talking about. Did you notice that the ZIP dev posted the same snarky comment with winky face in every thread of coins that came out over the weekend right at the same time people were realizing he had bundled a trojan with the wallet? This isn't FUD. I dont even have any of this coin anymore and I don't plan on buying any. Even if the current wallet is clean we still need to make people that downloaded and ran the malicious wallet aware that they might need to take steps to protecting their data.
|
|
|
|
oreoeater
Member
Offline
Activity: 113
Merit: 10
|
|
August 05, 2014, 09:53:41 PM |
|
I uploaded the file in question ( https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips) to virustotal.com and noticed that other people have also uploaded it there on August 2nd. It came out clean. Both the OP and the supposed archive page on BitcoinTa.lk have the same file linked to. I'm not sure what to make of this, but can the people who claim their money was stolen please provide evidence of some kind of transfer from their address to the attacker's address? If enough people show that their money was sent to one address, perhaps we can expose the attacker. If there isn't any evidence, then perhaps it's all just FUD. It's not completely infallible, but having multiple people posting transaction data from before my post was made requesting it, should surely help to prove things beyond a reasonable doubt. Things to consider: 1.) Virus Total first analyzed the file listed in the OP and the BitcoinTa.lk forum (same file) on August 2nd. 2.) FUD about ZIPCoin wasn't even started by August 4th, meaning time zones are irrelevant. 3.) FUDsters are claiming the file in the OP is different from the one on BitcoinTa.lk citing it as an archived version of the OP. Both files are the same. (Was the other one updated too?) 4.) If the OP had a different file originally, then why didn't anyone mention the stolen coins right away? How was the clean file uploaded to VirusTotal on August 2nd when it wasn't available yet? (Did the dev upload it first as a makeshift insurance policy? Was the scam tactic unnoticeable even with the suggested wallet.dat ->voot.dat for all other coins? Did anyone open their wallets for the other coins before the FUD started?) Most of these suggest that the coin is legit, but there are some things that could be smoke and mirrors. The link cited doesn't exist. (Was it removed as it was a virus?) The CryptoCoinTalk.com forum post is by Admin. It's a popular Bitcoin Forum, so they have a reputation to keep. I think they posted it on the ZIPCoin dev's behalf. Did someone have a vendetta against ZIPCoin or did someone hack the forum or Admin account? I dont know if this can qualify as proof but it is evidence...so here is the post I made in the vertcoin reddit as soon as I noticed that my coins were gone. The post was made when I had NO CLUE about the trojan at all... http://www.reddit.com/r/vertcoin/comments/2cik3k/so_i_think_i_lost_all_my_verts/
|
|
|
|
btchris
|
|
August 05, 2014, 09:55:52 PM |
|
I uploaded the file in question ( https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips) to virustotal.com That's not the file in question. As far as I can tell, that file seems clean (but again, unless it's compiled via Gitian, it's very hard to tell). The file in question was allegedly originally available here, but as I said has since been remove: https://mega.co.nz/#!JAoyiajC!0ND16g-6qVDRGVuxnNBZmd-NInXzpbdaW9Pe9dDlDUoThe suspicious file, which as far as I can tell was first referenced by user oreoeater in this post: https://bitcointalk.org/index.php?topic=721306.msg8198136#msg8198136 is still available here: https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg. It's definitely malware, see here: https://bitcointalk.org/index.php?topic=721306.msg8201918#msg8201918. I think oreoeater may have uploaded at the request of others looking to investigate it, but I haven't read the whole thread so I'm not sure. The link cited doesn't exist. (Was it removed as it was a virus?) The CryptoCoinTalk.com forum post is by Admin. It's a popular Bitcoin Forum, so they have a reputation to keep. I think they posted it on the ZIPCoin dev's behalf. Did someone have a vendetta against ZIPCoin or did someone hack the forum or Admin account?
Or did the admin simply copy and paste the link from somewhere else? Those are the questions, and I hope the admin will respond ( over here).
|
|
|
|
madbit1000
|
|
August 05, 2014, 09:59:47 PM |
|
It's important for people to know. The original file exists and can be inspected. This may turn out to unfortunately be a new tactic.
- Release new coin with "special" wallet - After 30 minutes change it to the clean wallet - Wait a few days and watch a small group claim they had coins stolen - The larger group will have the clean file and it will look like the small group of victims are just fudders - Someone makes off with the stolen wallets of the victims
Hey, someone with a brain..
|
You should not buy a warrant unless you are prepared to sustain a total loss of the money you have invested plus any commission or other transaction charges
|
|
|
oreoeater
Member
Offline
Activity: 113
Merit: 10
|
|
August 05, 2014, 10:00:48 PM |
|
Yeah Dude oreoeater is a noob so I uploaded the file that I hadn't emptied from the recycle bin so people could run it on a virtual machine and see how the trojan worked...if anything I hope some coder can figure it out so we can prepare ourselves for future etc...
|
|
|
|
madbit1000
|
|
August 05, 2014, 10:04:06 PM |
|
well if you don't like this coin u can see your way out Don't worry this coin wont last long. They never do.. but if it does then good luck with it.
|
You should not buy a warrant unless you are prepared to sustain a total loss of the money you have invested plus any commission or other transaction charges
|
|
|
btchris
|
|
August 05, 2014, 10:04:41 PM |
|
Yeah Dude oreoeater is a noob
I doubt that so I uploaded the file that I hadn't emptied from the recycle bin so people could run it on a virtual machine and see how the trojan worked...if anything I hope some coder can figure it out so we can prepare ourselves for future etc... Thanks for clarifying.
|
|
|
|
madbit1000
|
|
August 05, 2014, 10:04:57 PM |
|
Yeah Dude oreoeater is a noob so I uploaded the file that I hadn't emptied from the recycle bin so people could run it on a virtual machine and see how the trojan worked...if anything I hope some coder can figure it out so we can prepare ourselves for future etc... Nice one..
|
You should not buy a warrant unless you are prepared to sustain a total loss of the money you have invested plus any commission or other transaction charges
|
|
|
digiguy
|
|
August 05, 2014, 10:08:58 PM |
|
well if you don't like this coin u can see your way out Don't worry this coin wont last long. They never do.. but if it does then good luck with it. I know how to invest I don't need to listen to other people
|
|
|
|
oreoeater
Member
Offline
Activity: 113
Merit: 10
|
|
August 05, 2014, 10:10:22 PM |
|
Yeah Dude oreoeater is a noob
I doubt that Ahaha :p why thank you sir!!
|
|
|
|
adaseb
Legendary
Offline
Activity: 3794
Merit: 1723
|
|
August 05, 2014, 10:25:39 PM |
|
Why is it that this coin just came out and the difficulty is already so high?
Definately not worth mining at all.
Looks like Wafflepool added it to its X13 list and dumped it.
|
|
|
|
btchris
|
|
August 05, 2014, 10:38:05 PM |
|
The admin over at cryptocointalk has responded here: https://cryptocointalk.com/topic/13908-zipcoin-zipc-information/?p=116770. Given the choice between believing an admin over at cryptocointalk versus a newbie here... well, I'll let everyone come to their own conclusions... The only thing I can imagine is that OP posted the legit link, waited for bitointa.lk to cache it, swapped it for the malware link for a period of time, and then swapped in the legit link again (or there's some sort of conspiracy against OP). Without a mod to check all this, we'll never know for certain how it happened, but in the mean time, I'd avoid this coin like the plague.
|
|
|
|
oreoeater
Member
Offline
Activity: 113
Merit: 10
|
|
August 05, 2014, 11:39:37 PM |
|
[...]
Yeah Dude oreoeater is a noob so I uploaded the file that I hadn't emptied from the recycle bin so people could run it on a virtual machine and see how the trojan worked...if anything I hope some coder can figure it out so we can prepare ourselves for future etc...
Nice one.. There is nothing a coder can do about it. You have to be careful. Encrypt your wallets. Avoid running precompiled binaries on your box. If you have to run them, then run them using an unprivileged user. ahh so there is no way to look 'behind the scenes' so to say to find out what was in the code and how it worked ?
|
|
|
|
teamlottowin
|
|
August 05, 2014, 11:48:24 PM |
|
in the mean time - where is the dev ?
|
|
|
|
cecilbdemented
|
|
August 06, 2014, 12:21:14 AM |
|
Since dev is AWOL and hasn't posted the Mac wallet I sent him in the OP, here it is for anyone who wants it: https://mega.co.nz/#!IYJBXKDL!BhwcTUN296o_de4DKGWWXlvg0GhXVLzn__66nTzmBKUI compiled this straight from the source, and as stated earlier the virus was never in the source, so you can use it worry free, although I would still advise you check this and any other wallet you DL before opening.
|
|
|
|
|