Claymore's miner v10.2 issue

digimon Member Posts: 43
I can download and extract the Claymore's miner v10.1 ZIP file, but when I try to download the v10.2 ZIP file, Windows Defender deletes the ZIP file with the message "This file contained a virus and was deleted".
What is different in the v10.2 ZIP file that triggers this action, while the v10.1 ZIP file does not?

Answers

  • digimon Member Posts: 43
    edited November 2017
    ecs87 said:

    I bet it's the packer he used to prevent people from disassembling his program. By obfuscating his program, your antivirus isn't able to fully analyze it and considers it malicious.

    I would agree, if the ZIP file for the earlier v10.1 (that I am sure was also packed) was deleted as well. This happens only to the v10.2 ZIP file.

    Defender finds Trojan:Win32/Fuery.A!cl:

    Threat behavior

    This threat has been identified by heuristics as an emerging malware attack. There is no specific behavior that identifies this threat, since this threat is a collection of different malware types. This includes malware categories such as:
    • Bank theft
    • Botnets
    • Click-fraud
    • Ransomware
    • Trojans
  • digimon Member Posts: 43
    Correction: the current version of Defender does this with v10.1 as well.
    I agree with @ecs87's comment above.
  • buggybear Member Posts: 1
    Just started mining on 26/12. From 27/12 to 30/12, I was fully hacked (a shame, as I was 2 days off).
    PayPal, Amazon, multiple sites, a lot of passwords (spoofing to my bank), bitcoins stolen on a wallet, etc., more than 60 k€ of purchases with my cards.
    When I was back, I finally found out that Claymore 10.2, downloaded from the nanopool website, was fitted with a trojan (idp.alexa.51) which gave access to my network.
    At that time, I had not yet installed a proper antivirus and Defender/Windows 10 saw nothing.
    Please pass the word, nanopool/claymore are probably thieves.
    Cheers
  • digimon Member Posts: 43
    buggybear said:

    Just started mining on 26/12. From 27/12 to 30/12, I was fully hacked (a shame, as I was 2 days off).
    PayPal, Amazon, multiple sites, a lot of passwords (spoofing to my bank), bitcoins stolen on a wallet, etc., more than 60 k€ of purchases with my cards.
    When I was back, I finally found out that Claymore 10.2, downloaded from the nanopool website, was fitted with a trojan (idp.alexa.51) which gave access to my network.
    At that time, I had not yet installed a proper antivirus and Defender/Windows 10 saw nothing.
    Please pass the word, nanopool/claymore are probably thieves.
    Cheers

    I am sorry to hear about your trouble. I do not usually download software from third-party websites, but rather from the official source; in the case of Claymore's miner, it is here: https://bitcointalk.org/index.php?topic=1433925.0
  • rmh Member Posts: 410 ✭✭✭
    buggybear said:

    Just started mining on 26/12. From 27/12 to 30/12, I was fully hacked (a shame, as I was 2 days off).
    PayPal, Amazon, multiple sites, a lot of passwords (spoofing to my bank), bitcoins stolen on a wallet, etc., more than 60 k€ of purchases with my cards.
    When I was back, I finally found out that Claymore 10.2, downloaded from the nanopool website, was fitted with a trojan (idp.alexa.51) which gave access to my network.
    At that time, I had not yet installed a proper antivirus and Defender/Windows 10 saw nothing.
    Please pass the word, nanopool/claymore are probably thieves.
    Cheers

    I'm sorry for your loss. :(

    Were your other machines compromised through your local network?
    Or did your machine with the downloaded Claymore have the information for the BTC wallet and 60k EUR, etc.?

    If the first is true, what services listened on the local network? (It's a very serious issue.)
    If the second is true, then the issue is not that serious (besides that, if true, nanopool is in big trouble), but an expensive lesson for you. If you can't separate the tasks to different computers, just use different users. For example, the miner user can't access your joe user's browser passwords without some local root exploit.

  • digimon Member Posts: 43
    By the way, Claymore released version 10.3, which I like better because it does not make the PC sluggish while mining, as the previous versions did.