Latest investigation about coins stolen

[freee101]

A few days ago, my friend has lost 1.23BTC and 325LTC. after several days of investigation, we have found some important thing, and decide to publich our result.
My friend has an infinitecoin wallet at the same computer. When he found the thief has stolen BTC and LTC, then he quickly transfer infinitecoin to another wallet, but the transaction is unconfirmed. and a few days later, coins go back. and even more, he found he receive more infinitecoins (but don't happy, hacker can send coins to you, he should take back again). actually,  today, 13, Aug, 2014, hacker stole all of infinitecoins.
When we reinstall the OS again, and only run infinitecoin wallet, we can detect virus warning by tool. So, it's clear that the  infinitecoin wallet is malware, but my friend download from infinitecoin official website http://www.infinitecoin.com/ifc-wallet-download.
the result is:  thief is in the infinitecoin team. He/they have control inifitecoin, they can launch 51% attacking. they can unconfirm any inifitecoin transaction, they can transfer your inifitecoin to any wallet address.
the infinitecoin wallet has become the thief tool to steal password and BTC and LTC, and they even send some IFC to you to prevent you from removing the software.

Though I have recomended the IFC, but now, it's dead. thief has gone into its team.
I hope other expert can seize the thief from infinte team, the hacker is thief, thief is very cheap.
from:https://bitcointalk.org/index.php?topic=737420.msg8332327#msg8332327

[balanghai]

This seems to be something need to be looked at. Any blogpost about your full result/findings?

[LiteCoinGuy]

stopped reading at "infinitecoin wallet".

most of the alts are scam or maleware. just use bitcoin and litecoin and you are fine but thx for the info.

[Aswan]

Thats why you should use a separate virtual system for each altcoin client you run

[freee101]

This seems to be something need to be looked at. Any blogpost about your full result/findings?

http://www.3-coin.com/2014-08-13/5732/

[bitsmichel]

Thats why you should use a separate virtual system for each altcoin client you run

This is much better in terms of security. You can use vmware or a similar program and multiple images - or use an offline wallet. Many alt coins are scam or virus.

[ShameOnYou]

This is why all altcoins sources would be vetted properly by professionals.

[oceans]

I have all alt coins installed in Virtualbox except for mutidoge. I think it is probably the safest way to go at the moment. I also keep my BTC on my main pc in a watch only electrum wallet and sign transactions on a laptop that has never been connected to the net.

[freee101]

I have all alt coins installed in Virtualbox except for mutidoge. I think it is probably the safest way to go at the moment. I also keep my BTC on my main pc in a watch only electrum wallet and sign transactions on a laptop that has never been connected to the net.

is electrum wallet is a distribution wallet?  main program is in PC, the send box is in laptop.

[Spoetnik]

This is why all altcoins sources would be vetted properly by professionals.

that does not mean a lick of shit.. i can post any source code i want and any binary i want.

and to the other guy about "i stopped reading at"
that is dumb IFC is fucking old school and not some random clone coin..
IFC has had a very large following and was the most popular coin in crypto besides Bitcoin last year.
that shows me you don't know anything about altcoins.. or at least older ones.

@OP
I will see what i can do to look into for you if you want..
I just got  new version of IDA hours ago actually and have plenty of tools for reversing Malware such as OllyDBG etc.
BUT i need you to upload the exact files from your wallet though so i can make sure they are the same as the servers files.
I don't think adding the Block chain and wallet data is needed so don't upload your "roaming folder"
and if you don't know what i mean by roaming folder let me know before you uploading anything.

So please .zip or .rar up the wallet .exe files and any .dll's it came with and upload them somewhere like a file locker service.
This is a quick and easy service for file hosting and you can remove the link after easy too..
www.datafilehost.com/

I can't make any guarantees about finding anything but i do have a LOT of experience at finding Malware first on the internet all over the web including here.

[Spoetnik]

I have all alt coins installed in Virtualbox except for mutidoge. I think it is probably the safest way to go at the moment. I also keep my BTC on my main pc in a watch only electrum wallet and sign transactions on a laptop that has never been connected to the net.

putting all your altcoin wallets in a virtualbox will not do anything to protect you.
at least not with Sandboxie (Which is what i use specifically for testing files)
you see what will happen is when all these various wallets are launched they create a roaming coin folder..
and that will ALSO reside in your sandbox.
So think about it..
You run 1 sandbox and then run 5 wallets in it then all 5 wallets will have a wallet.dat file in the 1 sandbox
and if any one of the 5 wallet .exe's has a keylogger etc or other malware like a wallet stealer
it then has complete access to ALL your other wallet files to copy and upload to a remote destination.
In this case using a sandbox is probably making it easier actually than it is helping anything.

[lemfuture]

happened to my bro too, the pawncoin wallet had malware and he lost 7 btc. that's why i  stopped downloading new altcoin wallets

[Spoetnik]

not seeing anything fishy with the windows wallet yet..

i have an old block chain still but no matter how many seed nodes i find none of them are working

new topic = https://bitcointalk.org/index.php?topic=356065.0
old = https://bitcointalk.org/index.php?topic=225891.msg3816575#msg3816575

i guess TECSHARE took over for fisheater at some point in the past..
not surprising TECHSHARE was always fanatical about IFC i recall back on Cryptsy chat and here.
i never see him around though so i dunno..
Also the IFC forums is bombed with spammers fro Viagra etc so it seems like no one is administrating it,
such as the guy i just mentioned who posted a non working seed node.

and no i did NOT look at the source code..


@OP
Please provide as much info as possible and files !

Also you should contact this guy ..he runs the coin !
TECSHARE =  https://bitcointalk.org/index.php?action=profile;u=15728

and since he has legendary status it should mean he is hanging around here 24/7 everyday LOL
Last Active:    Today at 07:17:38 PM

edit:
also i am curious do you have RPC allow ip in your conf file ?

[Spoetnik]

OP vanished and i can't do anything with out more files and info..

and saying only using coins 3+ years old is not too helpful LOL

[Lucky Cris]

What harm can this do? Isn't this supposedly required... At least when you solo mine?

also i am curious do you have RPC allow ip in your conf file ?

Okay... Now you really scaring the fuck out of me.

putting all your altcoin wallets in a virtualbox will not do anything to protect you.

You gotta comprehensive list of approved coins? I need that link.

[schnötzel]

@freee101

you said: "the infinitecoin wallet has become the thief tool to steal password"

Means the wallet was encrypted?

[Litesire]

stopped reading at "infinitecoin wallet".

most of the alts are scam or maleware. just use bitcoin and litecoin and you are fine but thx for the info.

+1 here.

I only have btc/ltc and Guldencoin(NLG) , I really just don't trust any other coins.

[Mt. Gox]

Infinitecoin is one of the older established minor alts. I would be very surprised if it turned out to contain malware.

[chaosknight]

You sure you download the right infinity coin wallet?

[MajidBC]

stopped reading at "infinitecoin wallet".

most of the alts are scam or maleware. just use bitcoin and litecoin and you are fine but thx for the info.

Considering some altcoins bring good advantages over bitcoin, I suggest to find a solution, not just erasing the problem.