Anyone who downloaded the GOG Baldur's Gate 3 release from 1337x, scan with Malwarebytes asap! - eviltoast

Originally posted over on /r/piracy (https://www.reddit.com/r/Piracy/comments/15itrip/1337x_admins_allowing_bg3_torrent_with_bitcoin/)

It looks like a bitcoin miner was included in the installer, and the admins on 1337x may or may not give a shit apparently. Scanned my pc and my wifes and found the same stuff the others mentioned.

According to the other comments, don’t feel the need to uninstall as the miner was installed separate to the game, just give a Malwarebytes scan to get rid of the junk.

  • empireOfLove@lemmy.one
    link
    fedilink
    English
    arrow-up
    96
    arrow-down
    13
    ·
    1 year ago

    If you aren’t scanning every software you download, whether a pirate torrent or normal direct download, that’s kinda your own fault

    • kniescherz@feddit.de
      link
      fedilink
      English
      arrow-up
      74
      arrow-down
      1
      ·
      1 year ago

      To be fair, I cannot remember a software where no anti virus program turned red. Those cracks always look suspicous to the heuristics.

      • empireOfLove@lemmy.one
        link
        fedilink
        English
        arrow-up
        24
        ·
        1 year ago

        Of course but it’s usually pretty easy to filter out the false positives that always appear as a Trojan (because of the file modification payload) vs a crypto miner

        • Graphy@lemmy.world
          link
          fedilink
          English
          arrow-up
          10
          ·
          1 year ago

          Do you have a guide or anything I can checkout? I usually google what flags show up and use big name uploaders but never know for sure.

      • boonhet@lemm.ee
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Agreed, but if it’s a GOG release it doesn’t need a crack because it never had DRM in the first place.

    • GeekFTW@kbin.socialOP
      link
      fedilink
      arrow-up
      19
      arrow-down
      1
      ·
      1 year ago

      Oh 100%. Was a dumb moment where I didn’t expect it and didn’t bother, and neither did a lot of other people from the looks of it. Good thing is it was something fixable in less than 5 mins and not a bigger problem.

      • AceBonobo@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        ·
        1 year ago

        I would completely reformat all affected machines. AVs are not perfect. Yes it sucks, but imagine the consequences of doing any form of banking on an infected machine.

        • GeekFTW@kbin.socialOP
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Amazingly enough this all happened on 2 machines with 2-week-old OS installs so, honestly not a huge hassle to do so lmao.`

    • realherald@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      No downloading much anyways, but if I were to start, how would I go about scanning the files properly? Could you recommend something to read up on the topic?