Take care everyone, found a trojan in source forge with avira.
Attention everyone!
Don't download the software from:
sourceforge.net\projects\scryptguiminer
There seems to be a stealing trojan in it!
The versions from the first post in this thread seem to be ok.
greetings
al
Don't download the software from:
sourceforge.net\projects\scryptguiminer
There seems to be a stealing trojan in it!
The versions from the first post in this thread seem to be ok.
greetings
al
Good finds but let's not freak out just yet as they're most likely false positives. I tried running the entire folder through Virus Total but it won't accept a folder so I ran it through Malwarebytes and returned;
Code:
Files Detected: 2
*\guiminer-scrypt\cgminer\cgminer.exe (PUP.BitCoinMiner) -> No action taken.
*\guiminer-scrypt\stratumproxy\mining_proxy.exe (PUP.Proxy.BCM) -> No action taken.
*\guiminer-scrypt\cgminer\cgminer.exe (PUP.BitCoinMiner) -> No action taken.
*\guiminer-scrypt\stratumproxy\mining_proxy.exe (PUP.Proxy.BCM) -> No action taken.
They're coming back as potentially unwanted programs, not actual viruses. A lot of mining tools seem to be getting reported as false positives.
I then ran those two files through Virus Total.
mining_proxy.exe has 3 hits but only as a pup.
cgminer.exe had a whopping 31/46 hits! Most do not say it's a virus (Kaspersky even says, "not-a-virus:RiskTool.Win32.BitCoinMiner.cpc"), just a Bitcoin tool but a few are coming back with it as a trojan but I believe this is because they don't bother to distinguish between pup and actual viruses (never going to bother using AV software from a company like that). I wouldn't worry too much but it would be nice to hear from the author.
