[ANN] Zipcoin [ZIPC]- X13 PoW/PoS - NO Premine - 7 days PoW - Ninja

[digiguy]

well if you don't like this coin u can see your way out

[CoinBreader]

It another PnD coin, no further plans , and the German scumbag team rip our hot wallets,

[mikelitoris]

haha i don't hate, i got in and out yesterday, good luck guys

[CozyLife]

I uploaded the file in question (https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips) to virustotal.com and noticed that other people have also uploaded it there on August 2nd. It came out clean. Both the OP and the supposed archive page on BitcoinTa.lk have the same file linked to. I'm not sure what to make of this, but can the people who claim their money was stolen please provide evidence of some kind of transfer from their address to the attacker's address? If enough people show that their money was sent to one address, perhaps we can expose the attacker. If there isn't any evidence, then perhaps it's all just FUD. It's not completely infallible, but having multiple people posting transaction data from before my post was made requesting it, should surely help to prove things beyond a reasonable doubt.

Things to consider:

1.) Virus Total first analyzed the file listed in the OP and the BitcoinTa.lk forum (same file) on August 2nd.
2.) FUD about ZIPCoin wasn't even started by August 4th, meaning time zones are irrelevant.
3.) FUDsters are claiming the file in the OP is different from the one on BitcoinTa.lk citing it as an archived version of the OP. Both files are the same. (Was the other one updated too?)
4.) If the OP had a different file originally, then why didn't anyone mention the stolen coins right away? How was the clean file uploaded to VirusTotal on August 2nd when it wasn't available yet? (Did the dev upload it first as a makeshift insurance policy? Was the scam tactic unnoticeable even with the suggested wallet.dat ->voot.dat for all other coins? Did anyone open their wallets for the other coins before the FUD started?)

Most of these suggest that the coin is legit, but there are some things that could be smoke and mirrors.

Not entirely... where did the virus-version come from, and was it created by the same author of Zipcoin?

As far as I can tell, this link has been claimed to be the link where the virus version originally came from (although its content has since been removed): https://mega.co.nz/#!JAoyiajC!0ND16g-6qVDRGVuxnNBZmd-NInXzpbdaW9Pe9dDlDUo

The first reference I can find of that link is over in this forum by an admin, so I doubt it was created by them: https://cryptocointalk.com/topic/13908-zipcoin-zip-information/?p=116755

I posted a question asking where the link came from, we'll see if there's any reply.

The link cited doesn't exist. (Was it removed as it was a virus?) The CryptoCoinTalk.com forum post is by Admin. It's a popular Bitcoin Forum, so they have a reputation to keep. I think they posted it on the ZIPCoin dev's behalf. Did someone have a vendetta against ZIPCoin or did someone hack the forum or Admin account?

[digiguy]

looks like my coins are still here and to all investors out there if u are using an exchange don't worry your good

[Jookly]

looks like my coins are still here and to all investors out there if u are using an exchange don't worry your good

People weren't claiming to be losing ZIPcoins.  They are losing other altcoins on their same computer.  The exchange and the prices have been fine with the coin, that is not what people are talking about. 

Did you notice that the ZIP dev posted the same snarky comment with winky face in every thread of coins that came out over the weekend right at the same time people were realizing he had bundled a trojan with the wallet?  This isn't FUD.  I dont even have any of this coin anymore and I don't plan on buying any.

Even if the current wallet is clean we still need to make people that downloaded and ran the malicious wallet aware that they might need to take steps to protecting their data.

[oreoeater]

I uploaded the file in question (https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips) to virustotal.com and noticed that other people have also uploaded it there on August 2nd. It came out clean. Both the OP and the supposed archive page on BitcoinTa.lk have the same file linked to. I'm not sure what to make of this, but can the people who claim their money was stolen please provide evidence of some kind of transfer from their address to the attacker's address? If enough people show that their money was sent to one address, perhaps we can expose the attacker. If there isn't any evidence, then perhaps it's all just FUD. It's not completely infallible, but having multiple people posting transaction data from before my post was made requesting it, should surely help to prove things beyond a reasonable doubt.

Things to consider:

1.) Virus Total first analyzed the file listed in the OP and the BitcoinTa.lk forum (same file) on August 2nd.
2.) FUD about ZIPCoin wasn't even started by August 4th, meaning time zones are irrelevant.
3.) FUDsters are claiming the file in the OP is different from the one on BitcoinTa.lk citing it as an archived version of the OP. Both files are the same. (Was the other one updated too?)
4.) If the OP had a different file originally, then why didn't anyone mention the stolen coins right away? How was the clean file uploaded to VirusTotal on August 2nd when it wasn't available yet? (Did the dev upload it first as a makeshift insurance policy? Was the scam tactic unnoticeable even with the suggested wallet.dat ->voot.dat for all other coins? Did anyone open their wallets for the other coins before the FUD started?)

Most of these suggest that the coin is legit, but there are some things that could be smoke and mirrors.

Not entirely... where did the virus-version come from, and was it created by the same author of Zipcoin?

As far as I can tell, this link has been claimed to be the link where the virus version originally came from (although its content has since been removed): https://mega.co.nz/#!JAoyiajC!0ND16g-6qVDRGVuxnNBZmd-NInXzpbdaW9Pe9dDlDUo

The first reference I can find of that link is over in this forum by an admin, so I doubt it was created by them: https://cryptocointalk.com/topic/13908-zipcoin-zip-information/?p=116755

I posted a question asking where the link came from, we'll see if there's any reply.

The link cited doesn't exist. (Was it removed as it was a virus?) The CryptoCoinTalk.com forum post is by Admin. It's a popular Bitcoin Forum, so they have a reputation to keep. I think they posted it on the ZIPCoin dev's behalf. Did someone have a vendetta against ZIPCoin or did someone hack the forum or Admin account?

I dont know if this can qualify as proof but it is evidence...so here is the post I made in the vertcoin reddit as soon as I noticed that my coins were gone. The post was made when I had NO CLUE about the trojan at all...

http://www.reddit.com/r/vertcoin/comments/2cik3k/so_i_think_i_lost_all_my_verts/

[btchris]

I uploaded the file in question (https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips) to virustotal.com

That's not the file in question. As far as I can tell, that file seems clean (but again, unless it's compiled via Gitian, it's very hard to tell).

The file in question was allegedly originally available here, but as I said has since been remove: https://mega.co.nz/#!JAoyiajC!0ND16g-6qVDRGVuxnNBZmd-NInXzpbdaW9Pe9dDlDUo

The suspicious file, which as far as I can tell was first referenced by user oreoeater in this post: https://bitcointalk.org/index.php?topic=721306.msg8198136#msg8198136  is still available here: https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg. It's definitely malware, see here: https://bitcointalk.org/index.php?topic=721306.msg8201918#msg8201918. I think oreoeater may have uploaded at the request of others looking to investigate it, but I haven't read the whole thread so I'm not sure.

The link cited doesn't exist. (Was it removed as it was a virus?) The CryptoCoinTalk.com forum post is by Admin. It's a popular Bitcoin Forum, so they have a reputation to keep. I think they posted it on the ZIPCoin dev's behalf. Did someone have a vendetta against ZIPCoin or did someone hack the forum or Admin account?

Or did the admin simply copy and paste the link from somewhere else? Those are the questions, and I hope the admin will respond (over here).

[madbit1000]

It's important for people to know. The original file exists and can be inspected. This may turn out to unfortunately be a new tactic.

- Release new coin with "special" wallet
- After 30 minutes change it to the clean wallet
- Wait a few days and watch a small group claim they had coins stolen
- The larger group will have the clean file and it will look like the small group of victims are just fudders
- Someone makes off with the stolen wallets of the victims

Hey, someone with a brain..

[oreoeater]

I uploaded the file in question (https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips) to virustotal.com

That's not the file in question. As far as I can tell, that file seems clean (but again, unless it's compiled via Gitian, it's very hard to tell).

The file in question was allegedly originally available here, but as I said has since been remove: https://mega.co.nz/#!JAoyiajC!0ND16g-6qVDRGVuxnNBZmd-NInXzpbdaW9Pe9dDlDUo

The suspicious file, which as far as I can tell was first referenced by user oreoeater in this post: https://bitcointalk.org/index.php?topic=721306.msg8198136#msg8198136  is still available here: https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg. It's definitely malware, see here: https://bitcointalk.org/index.php?topic=721306.msg8201918#msg8201918. I think oreoeater may have uploaded at the request of others looking to investigate it, but I haven't read the whole thread so I'm not sure.

The link cited doesn't exist. (Was it removed as it was a virus?) The CryptoCoinTalk.com forum post is by Admin. It's a popular Bitcoin Forum, so they have a reputation to keep. I think they posted it on the ZIPCoin dev's behalf. Did someone have a vendetta against ZIPCoin or did someone hack the forum or Admin account?

Or did the admin simply copy and paste the link from somewhere else? Those are the questions, and I hope the admin will respond (over here).

Yeah Dude oreoeater is a noob so I uploaded the file that I hadn't emptied from the recycle bin so people could run it on a virtual machine and see how the trojan worked...if anything I hope some coder can figure it out so we can prepare ourselves for future etc...

[madbit1000]

well if you don't like this coin u can see your way out

Don't worry this coin wont last long. They never do.. but if it does then good luck with it.

[btchris]

Yeah Dude oreoeater is a noob

I doubt that 

The suspicious file, which as far as I can tell was first referenced by user oreoeater in this post: https://bitcointalk.org/index.php?topic=721306.msg8198136#msg8198136  is still available here: https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg. It's definitely malware, see here: https://bitcointalk.org/index.php?topic=721306.msg8201918#msg8201918. I think oreoeater may have uploaded at the request of others looking to investigate it, but I haven't read the whole thread so I'm not sure.

so I uploaded the file that I hadn't emptied from the recycle bin so people could run it on a virtual machine and see how the trojan worked...if anything I hope some coder can figure it out so we can prepare ourselves for future etc...

Thanks for clarifying.

[madbit1000]

I uploaded the file in question (https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips) to virustotal.com

That's not the file in question. As far as I can tell, that file seems clean (but again, unless it's compiled via Gitian, it's very hard to tell).

The file in question was allegedly originally available here, but as I said has since been remove: https://mega.co.nz/#!JAoyiajC!0ND16g-6qVDRGVuxnNBZmd-NInXzpbdaW9Pe9dDlDUo

The suspicious file, which as far as I can tell was first referenced by user oreoeater in this post: https://bitcointalk.org/index.php?topic=721306.msg8198136#msg8198136  is still available here: https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg. It's definitely malware, see here: https://bitcointalk.org/index.php?topic=721306.msg8201918#msg8201918. I think oreoeater may have uploaded at the request of others looking to investigate it, but I haven't read the whole thread so I'm not sure.

The link cited doesn't exist. (Was it removed as it was a virus?) The CryptoCoinTalk.com forum post is by Admin. It's a popular Bitcoin Forum, so they have a reputation to keep. I think they posted it on the ZIPCoin dev's behalf. Did someone have a vendetta against ZIPCoin or did someone hack the forum or Admin account?

Or did the admin simply copy and paste the link from somewhere else? Those are the questions, and I hope the admin will respond (over here).

Yeah Dude oreoeater is a noob so I uploaded the file that I hadn't emptied from the recycle bin so people could run it on a virtual machine and see how the trojan worked...if anything I hope some coder can figure it out so we can prepare ourselves for future etc...

Nice one..

[digiguy]

well if you don't like this coin u can see your way out

Don't worry this coin wont last long. They never do.. but if it does then good luck with it.

I know how to invest I don't need to listen to other people

[oreoeater]

Yeah Dude oreoeater is a noob

I doubt that 

Ahaha :p why thank you sir!!

[adaseb]

Why is it that this coin just came out and the difficulty is already so high?

Definately not worth mining at all.

Looks like Wafflepool added it to its X13 list and dumped it.

[btchris]

I uploaded the file in question (https://mega.co.nz/#!6cAxzBjT!KVntyW_y8j4QVwobEHROrRhpuKnX_2uxd-KML_S4ips) to virustotal.com

That's not the file in question. As far as I can tell, that file seems clean (but again, unless it's compiled via Gitian, it's very hard to tell).

The file in question was allegedly originally available here, but as I said has since been remove: https://mega.co.nz/#!JAoyiajC!0ND16g-6qVDRGVuxnNBZmd-NInXzpbdaW9Pe9dDlDUo

The suspicious file, which as far as I can tell was first referenced by user oreoeater in this post: https://bitcointalk.org/index.php?topic=721306.msg8198136#msg8198136  is still available here: https://mega.co.nz/#!L1IBwTzB!sHUsuf3fLQ-PJrtScL7IZaT99DPNesSSrUfJ_ehFjkg. It's definitely malware, see here: https://bitcointalk.org/index.php?topic=721306.msg8201918#msg8201918. I think oreoeater may have uploaded at the request of others looking to investigate it, but I haven't read the whole thread so I'm not sure.

The link cited doesn't exist. (Was it removed as it was a virus?) The CryptoCoinTalk.com forum post is by Admin. It's a popular Bitcoin Forum, so they have a reputation to keep. I think they posted it on the ZIPCoin dev's behalf. Did someone have a vendetta against ZIPCoin or did someone hack the forum or Admin account?

Or did the admin simply copy and paste the link from somewhere else? Those are the questions, and I hope the admin will respond (over here).

The admin over at cryptocointalk has responded here: https://cryptocointalk.com/topic/13908-zipcoin-zipc-information/?p=116770.

Given the choice between believing an admin over at cryptocointalk versus a newbie here... well, I'll let everyone come to their own conclusions...

The only thing I can imagine is that OP posted the legit link, waited for bitointa.lk to cache it, swapped it for the malware link for a period of time, and then swapped in the legit link again (or there's some sort of conspiracy against OP). Without a mod to check all this, we'll never know for certain how it happened, but in the mean time, I'd avoid this coin like the plague.

[oreoeater]

[...]

Yeah Dude oreoeater is a noob so I uploaded the file that I hadn't emptied from the recycle bin so people could run it on a virtual machine and see how the trojan worked...if anything I hope some coder can figure it out so we can prepare ourselves for future etc...

Nice one..

There is nothing a coder can do about it. You have to be careful. Encrypt your wallets. Avoid running precompiled binaries on your box. If you have to run them, then run them using an unprivileged user.

ahh so there is no way to look 'behind the scenes' so to say to find out what was in the code and how it worked ?

[teamlottowin]

in the mean time - where is the dev ?

[cecilbdemented]

Since dev is AWOL and hasn't posted the Mac wallet I sent him in the OP, here it is for anyone who wants it:

https://mega.co.nz/#!IYJBXKDL!BhwcTUN296o_de4DKGWWXlvg0GhXVLzn__66nTzmBKU

I compiled this straight from the source, and as stated earlier the virus was never in the source, so you can use it worry free, although I would still advise you check this and any other wallet you DL before opening.