Bitcoin Forum

Economy => Scam Accusations => Topic started by: minifrij on August 19, 2015, 03:06:18 PM



Title: User (0_0) spreading coin stealing Malware using CoinDesk phishing site.
Post by: minifrij on August 19, 2015, 03:06:18 PM
Scammer profile: https://bitcointalk.org/index.php?action=profile;u=404399
Link to scam: https://archive.is/IgT7m - http://www.coindesk.us/CoinDesk-US-Research-Bitcoin-Downfall-Complete-Analysis-August19.html

This user has posted a link to a CoinDesk phishing site (CoinDesk.us) under the reasoning of an article on Bitcoin's Downfall. This article prompts you to then download an EXE file to view the presentation.
I am sure this is malware for two reasons, the first being that the EXE file has a description of 'Windows Explorer', perhaps suggesting that it was a file which would be injected into System32 or was created to look legit. The other is VirusTotal showing signs of malware on this file (https://www.virustotal.com/en/file/c3a3aab15b2c17f2e9e856962a534248f9a71d7a6dc26f283992c371fa34c76a/analysis/1439996343/), one especially sticks out as it is labeled 'MSIL/CoinStealer.W!tr.pws'.

Avoid any links posted by this user, and never run any EXE file that is not trusted.


Title: Re: User (0_0) spreading coin stealing Malware using CoinDesk phishing site.
Post by: marcotheminer on August 19, 2015, 03:21:35 PM
He's been banned by BadBear already.