Originally posted over on /r/piracy (https://www.reddit.com/r/Piracy/comments/15itrip/1337x_admins_allowing_bg3_torrent_with_bitcoin/)

It looks like a bitcoin miner was included in the installer, and the admins on 1337x may or may not give a shit apparently. Scanned my pc and my wifes and found the same stuff the others mentioned.

According to the other comments, don’t feel the need to uninstall as the miner was installed separate to the game, just give a Malwarebytes scan to get rid of the junk.

    • MonkCanatella@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      20
      ·
      1 year ago

      Yeah the thing is it installs programs that then give themselves access. You can block install.exe all you like, they’re way more advanced than that.

      • src@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        edit-2
        1 year ago

        If you have a firewall like Tinywall, you can set it to block all apps from accessing the Internet unless they’re explicitly allowed to. Problem solved?

    • mlg@lemmy.world
      link
      fedilink
      English
      arrow-up
      16
      ·
      1 year ago

      I mean

      He said it installed separately

      So blocking the network for the game or the installer wouldn’t achieve anything lol

        • mlg@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I don’t run a whole ass DPS firewall for my home network lmao.

          Firewall won’t do anything if the mining software was made decently well and just hides every connection through outgoing HTTPS.

            • mlg@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              I’m talking about the firewall which is network handling only.

              Most host firewalls only block incoming traffic.

              All you have to do is get all mining data by making outgoing web connections to some random proxy, which can optionally have a domain to look more legit.

              Firewall won’t care, and unless you’re pouring over the logs or looking at active connections, you won’t find it either.

              Since it’s mining software, the fastest giveaway would be high usage or running an anti-virus to find sketchy executables.

              I’m assuming OP is on windows which means the installer asked for admin perms to install to program files which is a really easy way to hide your mining executable assuming it hasn’t been fingerprinted by popular anti virus yet.