undefined | Better HN

0 pointswslh2y ago0 comments

Great twist, as someone who knows Sergio since elementary school he was always perfectly capable of being him but from my knowledge of other details I don't think so. Just an opinion.

BTW2: adding a little bit of serendipity to this Sunday I came up with this repository [1] which seems very dangerous and fishy. It says that "34 000 Satoshi Nakamoto wallets with pubkeys (50 BTC each other)" but the download points to a .zip with an .exe. In GitHub you can denounce people but do you suggest to investigate the .exe before right? Seems like a good, and probably simple, reversing play.

On the context of Satoshi's public keys, you cannot (like some other blockchains) get his/her/their public keys from the address.

[1] [potential malware]

0 comments

nullc2y ago

99.99% chance you're linking to malware, it might be polite to break the url.

wslhOP2y ago

Yes, I removed it but I assume someone could check that collaborative here since I put the warning/warning/warning beforehand.

It would be great if you add to your comment the best way to act in this case? I could research the potential malware but I assume that GitHub has some tooling/resources to quickly research it? It is like the automatic scanning in Gmail. If it is an obvious malware it could be detected with existing tools. You can also run it in a very isolated VM and/or computer and see what happens behind the scene in a black box manner.

BTW3: I played with our AI friends to do an image of this conversation [1].

[1] https://nitter.net/coinfabrik/status/1743992974067867868#m

nullc2y ago

A lot of cryptostealer malware is bespoke and won't get caught by scanners, but you could start by dropping it into virustotal.

Particularly anything that looks like wallet crackers is frequently full of malware-- as I assume people feel less worry of arrest and less moral concern with robbing other (wanna-be) thieves.

From my experience on bitcointalk ... It's often hard to prove it's malware, as a popular technique is to make the software phone home for some quasi legitimate looking purpose and then have an RCE vulnerability in the phone home interface.

It may even be the same guy that keeps making new trojans that work this way over and over again.

1 more reply

j / k navigate · click thread line to collapse

0 pointswslh2y ago0 comments

Great twist, as someone who knows Sergio since elementary school he was always perfectly capable of being him but from my knowledge of other details I don't think so. Just an opinion.

On the context of Satoshi's public keys, you cannot (like some other blockchains) get his/her/their public keys from the address.

[1] [potential malware]

0 comments

nullc2y ago

99.99% chance you're linking to malware, it might be polite to break the url.

wslhOP2y ago

Yes, I removed it but I assume someone could check that collaborative here since I put the warning/warning/warning beforehand.

BTW3: I played with our AI friends to do an image of this conversation [1].

[1] https://nitter.net/coinfabrik/status/1743992974067867868#m

nullc2y ago

A lot of cryptostealer malware is bespoke and won't get caught by scanners, but you could start by dropping it into virustotal.

Particularly anything that looks like wallet crackers is frequently full of malware-- as I assume people feel less worry of arrest and less moral concern with robbing other (wanna-be) thieves.

It may even be the same guy that keeps making new trojans that work this way over and over again.

1 more reply

j / k navigate · click thread line to collapse