Looks like we have some very suspicious Fake Miner Thread here for " Qubic miner - QBC " I was watching this Fake Miner Topic now a few days and have done some research about it as thought already somethings wrong with that.
And i was right on that.
The Fake Github Account was created 9 Days ago and the Fake Miner File (Size 99 MB) uploaded 2 days ago.
Fake Github :
github.com/QBC-Qubic/QBC-MinerReal Github :
github.com/qubicAlso i joined the official discord Server for Qubic and there is no Github Link for that Miner.
Suspicious things also shows Virustotal what will happen when install that file:
This Processes will be created
"C:\Users\<USER>\AppData\Local\Temp\QBC-miner.exe" /VERYSILENT
"C:\Users\<USER>\AppData\Roaming\python.exe"
C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\system32\SecurityHealthService.exe
C:\Windows\system32\services.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p
C:\Windows\system32\svchost.exe -k netsvcs -p
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
Source :
https://www.virustotal.com/gui/file/6c66abd4a9fea3b1ffc4a574462dfc8765822aa3841722ef00891aa02c738de9/behavior
On Top of that there will be IP connections to this IPs that are already flagged as malicious:
69.164.42.0
204.79.197.203
Source :
https://www.virustotal.com/gui/file/6c66abd4a9fea3b1ffc4a574462dfc8765822aa3841722ef00891aa02c738de9/relationsAccount :
Roels Major <--- Please ban or Lock that Account and delete the ThreadThe last post from that User was back in December 30, 2020 , Hacked or sold Account
Fake Ann Thread : Qubic miner - QBCThread is self-moderated
Windows: https://github.com/QBC-Qubic/QBC-Miner/releases/download/1.2.2/QBC-miner-win64_v.1.2.2.zip
This post is also a reference for the Github Report !