Originally posted over on /r/piracy (https://www.reddit.com/r/Piracy/comments/15itrip/1337x_admins_allowing_bg3_torrent_with_bitcoin/)

It looks like a bitcoin miner was included in the installer, and the admins on 1337x may or may not give a shit apparently. Scanned my pc and my wifes and found the same stuff the others mentioned.

According to the other comments, don’t feel the need to uninstall as the miner was installed separate to the game, just give a Malwarebytes scan to get rid of the junk.

  • mlg@lemmy.world
    link
    fedilink
    English
    arrow-up
    17
    ·
    1 year ago

    I mean

    He said it installed separately

    So blocking the network for the game or the installer wouldn’t achieve anything lol

      • mlg@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I don’t run a whole ass DPS firewall for my home network lmao.

        Firewall won’t do anything if the mining software was made decently well and just hides every connection through outgoing HTTPS.

        • AndrewZen@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Firewall won’t do anything if the mining software was made decently well and just hides every connection through outgoing HTTPS.

          explain please. How would an executable ‘hide’ from the host system?

          • mlg@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I’m talking about the firewall which is network handling only.

            Most host firewalls only block incoming traffic.

            All you have to do is get all mining data by making outgoing web connections to some random proxy, which can optionally have a domain to look more legit.

            Firewall won’t care, and unless you’re pouring over the logs or looking at active connections, you won’t find it either.

            Since it’s mining software, the fastest giveaway would be high usage or running an anti-virus to find sketchy executables.

            I’m assuming OP is on windows which means the installer asked for admin perms to install to program files which is a really easy way to hide your mining executable assuming it hasn’t been fingerprinted by popular anti virus yet.

            • AndrewZen@lemmy.dbzer0.com
              link
              fedilink
              English
              arrow-up
              2
              ·
              1 year ago

              ah ok. I don’t install anything to a protected folder like program files and I do keep an eye on my task manager and network manager for wonky stuff.

              I can see how someone might not do that and end up with malware.