Originally posted over on /r/piracy (https://www.reddit.com/r/Piracy/comments/15itrip/1337x_admins_allowing_bg3_torrent_with_bitcoin/)
It looks like a bitcoin miner was included in the installer, and the admins on 1337x may or may not give a shit apparently. Scanned my pc and my wifes and found the same stuff the others mentioned.
According to the other comments, don’t feel the need to uninstall as the miner was installed separate to the game, just give a Malwarebytes scan to get rid of the junk.
If you aren’t scanning every software you download, whether a pirate torrent or normal direct download, that’s kinda your own fault
Motherfuckers out here rawdogging the internet like it’s 1998.
It just feels better… I can’t feel the bits otherwise.
To be fair, I cannot remember a software where no anti virus program turned red. Those cracks always look suspicous to the heuristics.
Of course but it’s usually pretty easy to filter out the false positives that always appear as a Trojan (because of the file modification payload) vs a crypto miner
Do you have a guide or anything I can checkout? I usually google what flags show up and use big name uploaders but never know for sure.
They usually say something generic like HackTool.
Agreed, but if it’s a GOG release it doesn’t need a crack because it never had DRM in the first place.
Oh 100%. Was a dumb moment where I didn’t expect it and didn’t bother, and neither did a lot of other people from the looks of it. Good thing is it was something fixable in less than 5 mins and not a bigger problem.
I would completely reformat all affected machines. AVs are not perfect. Yes it sucks, but imagine the consequences of doing any form of banking on an infected machine.
Amazingly enough this all happened on 2 machines with 2-week-old OS installs so, honestly not a huge hassle to do so lmao.`
No downloading much anyways, but if I were to start, how would I go about scanning the files properly? Could you recommend something to read up on the topic?
For small files virustotal is great
Thanks, will check out! :-)