|
Title: [Warning] Phishing, Scam, trojan Post by: tob101 on September 09, 2013, 06:25:40 PM A couples of hours ago, at BTC-e trollbox, someone posted this link
http : //bitcointalk.us/index.phptopic=251052.0.htm please be warned that this is not a real bitcointalk address. note the lack of HTTPS. I scanned the file to be downloaded and Virustotal.com reports lots of threats, so don't run that file! What I find really interesting is the amount of work put into this scam! I'm really impressed! those who tried to log in to reply, please change your bitcointalk password, 'cause your password have been stolen! I'm posting in this forum 'cause this is the only forum I frequent, please feel free to repost in other forum/subforum. Title: Re: [Warning] Phishing, Scam, trojan Post by: Tomatocage on September 09, 2013, 06:28:18 PM Please edit the link out so people don't click it.
Title: Re: [Warning] Phishing, Scam, trojan Post by: tob101 on September 09, 2013, 06:32:35 PM Please edit the link out so people don't click it. just edited the link. Title: Re: [Warning] Phishing, Scam, trojan Post by: zeta1 on September 09, 2013, 07:30:38 PM But virus total says its a clean site?! Don't type your password however
Title: Re: [Warning] Phishing, Scam, trojan Post by: eule on September 09, 2013, 08:39:17 PM http:// bitcointalk .us/
https://i.imgur.com/y7hvp6B.jpg lolwut edit: Yes, passes.txt is what you think. WTF edit: the amount of boot.ini and win.ini in that file is interesting, i bet the site has some drive by shit aswell. Title: Re: [Warning] Phishing, Scam, trojan Post by: Mitchell on September 09, 2013, 08:42:24 PM Thanks for the passwords ;D Or whatever it is.
http:// bitcointalk .us/passes.txt Title: Re: [Warning] Phishing, Scam, trojan Post by: tob101 on September 09, 2013, 08:55:59 PM I think the .us would be the first sign. ~BCX~ Well, I almost fall for it :D The download was a .zip file, had it be an .exe I would of know it was a scam right away. ;D But the "story" was really well done, it was actually an interesting reading :D http:// bitcointalk .us/ lolwut edit: Yes, passes.txt is what you think. WTF edit: the amount of boot.ini and win.ini in that file is interesting, i bet the site has some drive by shit aswell. I found "http:// bitcointalk .us/" too, but didn't want to make it public because of the passes.txt I'm new to bitcointalk so I didn't know who theymos was until I searched his profile. Let's hope those password aren't real ::) now that it's public, let's hope those people who tried to log in are aware of the phishing and have changed their password. Title: Re: [Warning] Phishing, Scam, trojan Post by: eule on September 09, 2013, 09:04:31 PM Yeah I thought about posting it too, but I think disclosure was the way to go, especially since I was sure I wasn't the only one who'd find it. From what i saw the file doesn't contain much legit account info, it even looks like someone let run a script to spam the file (look at all the g00dpa$$w0rd), ofcourse I could be wrong.
Anyways, this looks like the work of an amateur, could be a reverse honeypot though (making us feel safe, then using a 0day on us). Totally hope affected users noticed the site is fake and changed their passwords. Title: Re: [Warning] Phishing, Scam, trojan Post by: zeta1 on September 09, 2013, 10:10:57 PM I don't get it it is a scam right?
|
