[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] vwfws4obovm2cydl.onion ??

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] vwfws4obovm2cydl.onion ??
From: Zebro kojos <zebro.kojos@xxxxxxxxx>
Date: Sat, 23 Jun 2012 16:26:32 +0300
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 23 Jun 2012 09:27:08 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:content-type; bh=VVyXiFpKYcSjvwhrQAkT+bz8m9KHVWmeF6juK4I8ybg=; b=PCX4O6mymWO1SrH2oNSOYWc+KKqtUBKmd32ddSidyphDM3y1FZ5FD//Baq9apSons7 EYJ3TDa585VsCDNSl/UqnqPga3gdqf1tNR6bTKg9Uh46YJKHcDuuxPSSOFPMqbmfITpb vnIatTYdbTXkWnzf+hEtCQiEREs9eLexu9YbUOoiEl7BysI1ygnDlq1GCeiP0Y55INlt uvSqizrfdukn/n1J4v+SGrZ1/MejiGGJ9IhAubVoOChm6gvyPMv1ZpPZR8kKLnlPs7u4 y2fx5taMeLTroY1NW4MnSDSV1LNTwy/3FwvcUPQPH+Bu/6jNDdT7wxhyWerW6v/GOxj/ MpfQ==
In-reply-to: <js4f1f$udt$1@xxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <js2pgo$t5d$1@xxxxxxxxxxxxxxx> <CAD2Ti2_F+uzAHY2jpnCD1Rdb0hAAJUruV34p-fiUg1AsaqLFYg__22647.4040923224$1340409362$gmane$org@xxxxxxxxxxxxxx> <js4f1f$udt$1@xxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

So from what it seems, the malware included a bitcoin miner that perhaps is
to report found blocks / sub-hashes (? is that a term; i.e. if it works in
a mining pool) to a server, perhaps this site in question.

On Sat, Jun 23, 2012 at 4:06 PM, David H. Lipman <DLipman@xxxxxxxxxxx>wrote:

> From: "grarpamp" <grarpamp@xxxxxxxxx>
>
>  Anbody have any information on;  vwfws4obovm2cydl.onion  ?
>>>
>>
>> You must have obtained the address from somewhere.
>> So what did the ad copy or context associated with it say?
>>
>
> 1.    It was harvested from malware which dropped a file; hostname.tmp
> which contained the name;  vwfws4obovm2cydl.onion
>
> 2.    It contained a script file named;  poclbm120222.cl
>   // -ck modified kernel taken from Phoenix taken from poclbm, with
> aspects of
>   // phatk and others.
>   // Modified version copyright 2011-2012 Con Kolivas
>
>   // This file is taken and modified from the public-domain poclbm
> project, and
>   // we have therefore decided to keep it public-domain in Phoenix.
>
> 3.   It contained the file;  private_key.tmp  which contains certificate
> keys
>
> 4.   It contained the DLLs;  pthreadGC2.dll, libpdcurses.dll, libcurl-4.dll
>
>
>
>
> --
> Dave
> Multi-AV Scanning Tool - http://multi-av.thespykiller.**co.uk<http://multi-av.thespykiller.co.uk>
> http://www.pctipp.ch/**downloads/dl/35905.asp<http://www.pctipp.ch/downloads/dl/35905.asp>
>
> ______________________________**_________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talk<https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>
>
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] vwfws4obovm2cydl.onion ??
  - From: grarpamp

References:
- [tor-talk] vwfws4obovm2cydl.onion ??
  - From: David H. Lipman
- Re: [tor-talk] vwfws4obovm2cydl.onion ??
  - From: David H. Lipman

Prev by Author: Re: [tor-talk] email
Previous by thread: Re: [tor-talk] vwfws4obovm2cydl.onion ??
Next by thread: Re: [tor-talk] vwfws4obovm2cydl.onion ??
Index(es):
- Author
- Thread