Found on YouTube.com with a search for "Bitcoin stealer".
How to use it… the uploader helps you.
- Password: Techup
- Disable Antivirus (Of course, this is a hack)
- Connection Server
- Add your wallet
- Use Proxy
- Accept the terms
- Make sure the program is up to date
All you have to do is to download it, run it and you become a rich guy…
We will not double-click the .exe file (it looks like an .exe)… or, better said, this SFX RAR archive?!
Let's look at the archive with a right click and Properties!
I don't like this SILENT=1. LOL. If we don't run the ".exe", the backdoor will not run in the background, so let's extract it… and surprise: there is more than one file, including the backdoor files.
After reversing the backdoor files I found this:
… so what about this minergate?!?
With this lovely usage:
And so many options:
minergate-cli [-version] -user <email> [-proxy <url>] -<currency> <threads> [<gpu intensity>] [-<currency> <threads> [<gpu intensity>] …] [-o <pool> -u <login> [-t <threads>] [-i <gpu intensity>]]
Conecting to: h**ps://minergate.com
-user <email>: account email from minergate.com
-proxy <url>: proxy server URL. Supports only socks protocols (for example: socks://192.168.0.1:1080
-<currency>: possible values: bcn xmr qcn xdn fcn mcn aeon dsh inf8 <mm_cc>+bcn <mm_cc>+xmr <mm_cc>+qcn <mm_cc>+xdn <mm_cc>+aeon <mm_cc>+dsh. Where <mm_cc> is fcn or mcn
<threads>: threads count for specified currency
<gpu intensity>: GPU mining intensity (NVidia only) (values range: 1..4. Recommended: 2)
-o <pool>: mining pool URL
-u <login>: mining pool login
-t <threads>: CPU threads count
-i <gpu intensity>: GPU mining intensity
It seems that we have a nice backdoored software.
After you run it, a silent miner will be installed on your computer in the background, and a nice error like this will appear in front of you:
If you don't understand: you download this software, an error message appears after the first run and the program does not work, but in the background a virus has already been installed.
Blockchain Wallet Stealer 2017\message.vbs
x=msgbox("Hardware is not compatible, try on another PC or restart and run with disabled antivirus.", 0+16, "Error")
This time the virus is a silent miner that will use your computer to work for some hacker, and this will help him make some bitcoins.
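A detection sketch built on the minergate-cli usage line quoted above, added here as an example and not taken from the original post or from the sample: it flags process command lines by argument shape rather than by file name, since a dropped miner binary can be renamed. The host names, paths and the example.invalid address in the sample records are constructed.

```python
import re
import shlex

# Currency names copied from the "possible values" line of the help text.
BASE = ["bcn", "xmr", "qcn", "xdn", "fcn", "mcn", "aeon", "dsh", "inf8"]
MERGED = [f"{mm}+{cc}" for mm in ("fcn", "mcn")
          for cc in ("bcn", "xmr", "qcn", "xdn", "aeon", "dsh")]
CURRENCIES = set(BASE + MERGED)
EMAIL = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")
VALUE_FLAGS = {"-user": "user", "-proxy": "proxy", "-o": "pool", "-u": "pool_login"}

def parse_miner_args(cmdline):
    """Return the mining parameters if cmdline fits the usage line, else None."""
    tokens = [t.strip('"') for t in shlex.split(cmdline, posix=False)]
    found = {"user": None, "proxy": None, "pool": None, "pool_login": None, "coins": {}}
    i = 1  # tokens[0] is the image path; ignored because binaries get renamed
    while i < len(tokens):
        flag = tokens[i].lower()
        value = tokens[i + 1] if i + 1 < len(tokens) else ""
        if flag in VALUE_FLAGS:
            found[VALUE_FLAGS[flag]] = value
            i += 2
        elif flag.startswith("-") and flag[1:] in CURRENCIES:
            has_threads = value.isdigit()
            found["coins"][flag[1:]] = int(value) if has_threads else None
            i += 2 if has_threads else 1
        else:
            i += 1  # -version, GPU intensity, -t/-i values, unrelated tokens
    is_account = bool(found["user"]) and bool(EMAIL.match(found["user"]))
    if is_account and (found["coins"] or found["pool"]):
        return found
    return None

# Constructed process-creation records (host, command line); not from the page.
SAMPLE_EVENTS = [
    ("PC-01", r'"C:\Users\Public\svchost32.exe" -user miner@example.invalid -xmr 4'),
    ("PC-02", r'C:\Tools\net.exe -user alice -o report.txt'),
    ("PC-03", r'"C:\Temp\upd.exe" -user miner@example.invalid -proxy socks://10.0.0.5:1080 -fcn+bcn 2 1'),
    ("PC-04", r'C:\Windows\System32\ping.exe -n 4 10.0.0.1'),
]

def scan(events):
    """Return (host, parameters) for every record that looks like the miner."""
    return [(h, p) for h, c in events if (p := parse_miner_args(c)) is not None]

if __name__ == "__main__":
    for host, params in scan(SAMPLE_EVENTS):
        print(host, params)
```

The extracted `user` value is the account that receives the mining proceeds, which makes it worth recording during incident response.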