Title: Probable malicious site: bitcoin-address.org Post by: theymos on May 28, 2013, 02:09:17 AM Bitcoin-address.org was being spammed by JayKEy00. It's malicious, right?
Title: Re: Probable malicious site: bitcoin-address.org Post by: OpenYourEyes on May 28, 2013, 07:12:23 PM Certainly seems so. There is a javascript function at the bottom of the page which seems to send the public/private key off in an email:
Code: ... And here's the POST headers each time a new address is generated: Quote Accept:*/* Accept-Encoding:gzip,deflate,sdch Accept-Language:en-GB,en-US;q=0.8,en;q=0.6 Connection:keep-alive Content-Length:118 Content-Type:application/x-www-form-urlencoded; charset=UTF-8 DNT:1 Host:www.bitcoin-address.org Origin:http://www.bitcoin-address.org Referer:http://www.bitcoin-address.org/ User-Agent: X-Requested-With:XMLHttpRequest Form Dataview sourceview URL encoded btcaddressEmail:147NH6jMB5AXBEhqF3GxyiuxAPv4MCcYHW privateKeyEmail:5J9snkqjAQ5sB4JSm4GnsErvmoyux7dvaM5hRpiayvkoaQm2P2U Quote Registrant Name:Jan Kuhn Registrant Street1:Herzbachweg 22 Registrant Street2: Registrant Street3: Registrant City:Gelnhausen Registrant State/Province: Registrant Postal Code:63571 Registrant Country:DE Registrant Phone:+49.51818553717 Registrant Phone Ext.: Registrant FAX:+49.51818553718 Title: Re: Probable malicious site: bitcoin-address.org Post by: jackjack on May 28, 2013, 08:59:02 PM I'm sure it's only for statistics ::)
Title: Re: Probable malicious site: bitcoin-address.org Post by: OpenYourEyes on May 29, 2013, 12:20:51 AM I'm sure it's only for statistics ::) Indeed. I'm sure I can find him some marketing companies that would be very interested in them. :DAnd, yet, the scammers account and his AE/shrills still remain active. ??? Title: Re: Probable malicious site: bitcoin-address.org Post by: kodo on May 29, 2013, 04:23:07 AM So what does the site do thats malicious?
Title: Re: Probable malicious site: bitcoin-address.org Post by: greyhawk on May 29, 2013, 08:17:53 AM Quote Registrant Name:Jan Kuhn Registrant Street1:Herzbachweg 22 Registrant Street2: Registrant Street3: Registrant City:Gelnhausen Registrant State/Province: Registrant Postal Code:63571 Registrant Country:DE Registrant Phone:+49.51818553717 Registrant Phone Ext.: Registrant FAX:+49.51818553718 That's an 18 year old chess talent living at home with his father who's a defense lawyer. At least he doesn't have to go very far when the crackdown cracks down. Title: Re: Probable malicious site: bitcoin-address.org Post by: OpenYourEyes on May 29, 2013, 01:25:33 PM So what does the site do thats malicious? Nothing, unless you don't mind the private key being email to the site owner which then gives them full access to any funds sent to one of their generated addresses.Edit: Aha. Seems he has taking the site down. Hope it is because of a script I had an a loop which generated over 10,000 BTC addresses, bet his inbox is pretty full. :D Title: Re: Probable malicious site: bitcoin-address.org Post by: greyhawk on May 29, 2013, 01:33:35 PM And I didn't even call his father yet... :(
Title: Re: Probable malicious site: bitcoin-address.org Post by: OpenYourEyes on May 29, 2013, 01:36:31 PM And I didn't even call his father yet... :( Is your bio on him legit? Source? I've got a copy of the website, so I'll quite happily contact his family :D Title: Re: Probable malicious site: bitcoin-address.org Post by: greyhawk on May 29, 2013, 01:42:18 PM And I didn't even call his father yet... :( Is your bio on him legit? Source? Only as legit as the WHOIS entry. So there's always the possibility of someone having entered another one's adress. In any case he deleted it now. Seems to have gotten the message. Also he's like an hour away from where I am. So there's no problem in going there to split a neighbourly piece of cake. Title: Re: Probable malicious site: bitcoin-address.org Post by: niko on May 31, 2013, 02:43:17 PM I wonder how many newcomers step in dogshit like this on their first step, and turn away for good. It would be much better for everyone if bitcoin was trademarked by any entity that is at least more trustworthy than the average person on this planet. I know Tibanne started working on this, but not sure how far they got.
Title: Re: Probable malicious site: bitcoin-address.org Post by: Lohoris on May 31, 2013, 03:05:31 PM I wonder how many newcomers step in dogshit like this on their first step, and turn away for good. It would be much better for everyone if bitcoin was trademarked by any entity that is at least more trustworthy than the average person on this planet. Very wrong: even if it was trademarked, scam sites could still pop-up, and since they are likely already illegal anyway, they wouldn't care about the trademark and do it anyway.It's like DRM: legit business would be hurt, while criminals would be unaffected. Title: Re: Probable malicious site: bitcoin-address.org Post by: niko on June 01, 2013, 02:12:29 AM I wonder how many newcomers step in dogshit like this on their first step, and turn away for good. It would be much better for everyone if bitcoin was trademarked by any entity that is at least more trustworthy than the average person on this planet. Very wrong: even if it was trademarked, scam sites could still pop-up, and since they are likely already illegal anyway, they wouldn't care about the trademark and do it anyway.It's like DRM: legit business would be hurt, while criminals would be unaffected. How come there is no citi-bank.com where I would be asked to log in? Title: Re: Probable malicious site: bitcoin-address.org Post by: Lohoris on June 03, 2013, 08:15:55 AM How come there is no citi-bank.com where I would be asked to log in? are you serious? (https://www.google.com/search?q=citi-bank.com+phishing&oq=citi-bank.com+phishing&aqs=chrome.0.57j58j0l3.2373j0&sourceid=chrome&ie=UTF-8)Title: Re: Probable malicious site: bitcoin-address.org Post by: niko on June 03, 2013, 11:15:25 AM How come there is no citi-bank.com where I would be asked to log in? are you serious? (https://www.google.com/search?q=citi-bank.com+phishing&oq=citi-bank.com+phishing&aqs=chrome.0.57j58j0l3.2373j0&sourceid=chrome&ie=UTF-8)Title: Re: Probable malicious site: bitcoin-address.org Post by: escrow.ms on June 03, 2013, 11:24:57 AM How come there is no citi-bank.com where I would be asked to log in? are you serious? (https://www.google.com/search?q=citi-bank.com+phishing&oq=citi-bank.com+phishing&aqs=chrome.0.57j58j0l3.2373j0&sourceid=chrome&ie=UTF-8)Wrong,They don't do because stealing money from banks isn't easy. Plus there are several TLD's available for registration. Take a Look at this thread. https://bitcointalk.org/index.php?topic=219284.0;topicseen |