BEWARE of Suspicious Links

There have been some users posting links to wallets, miners, and even GUI's that contain Trojan viruses! These often claim to be for Windows but a new one claims to be a miner for Linux.

Do not trust Links from users you do not know, especially new users just registered. We make every effort to remove threads and Ban these users as fast as possible if they are posting links to questionable content.

Please Flag and report suspicious posts or threads immediately and notify @moderators

20 Likes

just a thought, can users share the suspect posts and threads they come across here and can the mods share their own finds and reports sent from usrs?

1 Like

I am a new to this site but ave been checking out different sites for the last several weeks, and was wondering when someone was going to start spreading fake links to wallets or the links will lead to some breach of info on your pc I have been visiting the zcash forum for a couple of weeks, but this time when I went to read some postings on the a blog I received a warning that the website was not safe, it was not a secure connection, warning of stolen passwords, financial information, and malicious software. I visited the site yesterday and it was fine, and now not so much...... be careful everyone

and that link to the blog was?

I will send you the name of a couple links that I received a warning from, I took a photo of the warning stating the website was not safe, warning of malicious activities.

1 Like

no need to send through directly, just share here.

does anyone know if this is safe?

from brief skim of their README.md, one could say that vaklinov means well.
this is based on the fact of them requesting users to file problems and bugs etc. to issues, recommending to always build from source (yet fail to sign their commits, however do ask to verify checksums of the elf binaries) and state their non-affiliations.
do note mind you that this is their first repo, the account only opened late september this year and their are no other links which show this dev's past track record.

like this i suppose ? downloaded from flypool ?

av of all breeds has a tendency to flag any miners as allegedly a threat due to past abuse, so don't take this at face value.
with that said, you should still look at compiling the exe from source if possible instead of just blindly trusting unknown binaries from the web.
upload that binary to https://virustotal.com and send through the result link here along with the originating download url and k can take a further look for you

thanks man, i thought about it and i had the same thing with other miners since they spread around ... normally i use linux and am not tooled up to build windoze stuff ... taking the risk for now; separate non admin accounts, supposed stuff on github is clean by the rules ... till there's some good cuda linux miners around

you'd be surprised. not even github is free of maliciousness.
for example, hekingrteam and mirai mirrors, exploit-db, one could go on :triumph:

"a new one claims to be a miner for Linux"

That one was probably from me: the official static build of nheqminer 0.4b compiled on Fedora 24 64 meant for all Linux distros (since it's static - it can even run as an init process). I take full responsibility for it. After all, I've been known on the Internet since 2009 and I have no reasons to deceive anyone. Anyway, if you google for

'nheqminer miner for linux download' - you'll find it right away.

You can go build one and link it statically yourself and compare the resulting checksums. What sucks about you removing the link to my build is that you didn't even bother to verify it. A knee jerk reaction in its finest.

Also, to all security "pros" here: virustotal.com is a joke in regard to unknown viruses and Linux binaries. Almost all AVs on its list are pure shat - they look for signatures and don't even try to analyze the code - for that you'll need certain sandbox technologies or/and AI.

After all, I've been known on the Internet since 2009 and I have no reasons to deceive anyone.

Self-verification won't save you.

Also, to all security "pros" here: virustotal.com is a joke in regard to unknown viruses and Linux binaries.

why hello master cissp, tell us who said anything about blindly trusting AV?

Yeah, right, except I have a reputation to keep unlike you, "anon" or in other words anybody. Anyways, this thread has wandered away too much and I won't comment on it any longer.

you joined two days, use the name of a service as your chosen pseudonym which provides creds to allow users bypass mandatory registration on websites and somehow think that this qualifies as worthy reputation?!

So? How can this be my fault? And why are the users, who registered earlier, say weeks ago, more reputable? For what exact reasons?

Yes, because nothing on this forum feels real. Not a single real person. On other websites I use either my real name or most used nickname (both can be easily googled for). Also I have exactly zero reasons to trust this forum with my e-mail. I've already got enough SPAM in my mailbox.

Nope. My reputation has been built on other websites: my personal website which has existed since 2009, and various news websites and forums like Slashdot, techpowerup, devtalk.nvidia.com and others.

Anyways, feck it. Don't use my malware infested binary. Please. Spare me.

It's your fault if you could have joined earlier, got a reputation with the forum and then started plugging your builds instead of emerging out of no where and asking for something which is earned over time; trust.

The realness factor is entirely subjective seeing as its based on personal interactions with other users.

You're speaking to someone who used a dea, even though the mods here have been nothing but trusting.

You're self-verifying again.
Just because you have a reputation elsewhere, doesn't mean that you carry that rep elsewhere, especially under a differing handle.

Have no need seeing as compiling from source is a thing.
Others however should be cautious.