master131 / ExtremeInjector


Malicious Fake Extreme Injector Repository #81

Open FumoNeko opened 2 years ago

FumoNeko commented 2 years ago

The HASH referenced in this issue is an EXACT MATCH to the extreme injector found on this repository: https://github.com/ExtremeInjector/ExtremeInjector

The extreme injector on this fake repository looks EXACTLY the same as this repository and does indeed install mnerd.exe and nanominer, as well as installing scheduled tasks to auto-launch and stop working when not idle, through PowerShell and .NET libraries (C# probably). The program also replaces GPU drivers related to shaders (???), assuming for better crypto mining.

Please inform that the only correct hash is in this repository and that there are no viruses, as well as report the fake repository and account.

""" Yeah, the malicious actor is you. The >bats show it came from the program. On top of that, here is the HASH( 6d04bd042d09bef9de22f97275ee57db8cfe09818ab58897aa9197d4c6d3f68b ). It has the .NET libs as well. Even Windows Defender caught your crypto injector.

Originally posted by @nocryptoinjectorspls in https://github.com/master131/ExtremeInjector/issues/79#issuecomment-1159583812 """

master131 commented 2 years ago

Thanks for the clarification, I had no idea where these accusations were coming from, it literally made 0 sense to me.

FumoNeko commented 2 years ago

The malicious file also has an obfuscated .bat file that loads itself in temp; I am assuming most of the PowerShell work is done in that file. Regardless, for any random viewers: this repository is the ONLY official repository. Please hash-check your files either with VirusTotal or alternatively:

Windows: certutil -hashfile extreme_injector.exe SHA256
macOS: shasum -a 256 extreme_injector.exe
Linux: sha256sum extreme_injector.exe

The correct hash is b65f40618f584303ca0bcf9b5f88c233cc4237699c0c4bf40ba8facbe8195a46
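Added example, not part of the thread or the project's code: a cross-platform check that hashes a downloaded file, or takes pasted certutil/shasum/sha256sum output, and compares it against the two SHA-256 values quoted in this thread. The function names and the exit-code convention are assumptions made for illustration.

```python
import hashlib
import re
import sys

# Both values are copied from this thread.
OFFICIAL_SHA256 = "b65f40618f584303ca0bcf9b5f88c233cc4237699c0c4bf40ba8facbe8195a46"
REPORTED_FAKE_SHA256 = "6d04bd042d09bef9de22f97275ee57db8cfe09818ab58897aa9197d4c6d3f68b"

HEX64 = re.compile(r"[0-9a-fA-F]{64}")


def sha256_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so large binaries are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def extract_digest(tool_output):
    """Return the SHA-256 digest found in pasted tool output, lowercased.

    sha256sum/shasum print "<digest>  <filename>"; older certutil builds print
    the digest as space-separated byte pairs, so each line is also tried with
    its whitespace removed.
    """
    for line in tool_output.splitlines():
        for candidate in line.split() + ["".join(line.split())]:
            if HEX64.fullmatch(candidate):
                return candidate.lower()
    raise ValueError("no SHA-256 digest found in input")


def classify(digest_or_output):
    """Map a digest to 'official', 'reported-fake' or 'unknown'."""
    digest = extract_digest(digest_or_output)
    if digest == OFFICIAL_SHA256:
        return "official"
    if digest == REPORTED_FAKE_SHA256:
        return "reported-fake"
    return "unknown"  # anything that is not the official hash is untrusted


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: verify.py <path-to-downloaded-file>")
    verdict = classify(sha256_file(sys.argv[1]))
    print(verdict)
    sys.exit(0 if verdict == "official" else 1)
```

Only an "official" verdict should be treated as a pass; "unknown" means the file matches neither hash given in this thread.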

master131 commented 2 years ago

Thanks, kindly request people to report the user below and mention the crypto miner: https://github.com/ExtremeInjector

Again, the above user is not me, and any repository listed under them is not official. Do not download any releases/files from this user under any circumstances.