Title: Possible BitcoinTalk Forum Spoof? Post by: luckypyrate on November 15, 2014, 03:38:49 PM I found this while looking for some cgminer compatibility info...
Malicious site, use caution down06.no-ip.org/?css=aHR0CHM6Ly9iaXRjb2ludGFSay5vCmCvaW5kzXguCGhwP2JvYXJkPtQyLjA Is this ya'll? Title: Re: Possible BitcoinTalk Forum Spoof? Post by: Quickseller on November 15, 2014, 04:14:24 PM I wouldn't click on the link as it appears to be a malicious site according to
https://www.virustotal.com/en/url/b1d0e2ab7dbdfb1d9bc166df3419578dd597182d450769f1ffab49e26495f389/analysis/1416066890/ Title: Re: Possible BitcoinTalk Forum Spoof? Post by: Muhammed Zakir on November 15, 2014, 04:20:37 PM I wouldn't click on the link as it appears to be a malicious site according to https://www.virustotal.com/en/url/b1d0e2ab7dbdfb1d9bc166df3419578dd597182d450769f1ffab49e26495f389/analysis/1416066890/ Indeed, it is! :) Bitcointalk with some extra features. :D https://i.imgur.com/z73EAjg.jpg ~~MZ~~ Title: Re: Possible BitcoinTalk Forum Spoof? Post by: Quickseller on November 15, 2014, 04:21:45 PM I wouldn't click on the link as it appears to be a malicious site according to https://www.virustotal.com/en/url/b1d0e2ab7dbdfb1d9bc166df3419578dd597182d450769f1ffab49e26495f389/analysis/1416066890/ Indeed, it is! :) Bitcointalk with some extra features. :D https://i.imgur.com/Si96D6r.jpg ~~MZ~~ Title: Re: Possible BitcoinTalk Forum Spoof? Post by: Muhammed Zakir on November 15, 2014, 04:22:51 PM what are the extra features? Reload and look the pic again. ::) ~~MZ~~ Title: Re: Possible BitcoinTalk Forum Spoof? Post by: Quickseller on November 15, 2014, 04:24:09 PM what are the extra features? Reload and look the pic again. ::) ~~MZ~~ Title: Re: Possible BitcoinTalk Forum Spoof? Post by: feryjhie on November 15, 2014, 04:28:31 PM what are the extra features? Reload and look the pic again. ::) ~~MZ~~ what is the function of that feature ? Title: Re: Possible BitcoinTalk Forum Spoof? Post by: marcotheminer on November 15, 2014, 04:28:44 PM what are the extra features? Reload and look the pic again. ::) ~~MZ~~ Which is most likely what he is talking about when he says: "extra features" Title: Re: Possible BitcoinTalk Forum Spoof? Post by: Muhammed Zakir on November 15, 2014, 05:02:04 PM what are the extra features? Reload and look the pic again. ::) ~~MZ~~ Which is most likely what he is talking about when he says: "extra features" Yes, that's what I meant. But I ain't going back there. It seems like some fetching site. ::) I used Incognito mode, so I can't make sure it is a fetching site. If you want to know, just click it and look whether it is asking for password. Edit: One should go there, so I went there. It is a fetching site. It is asking me to login once more. Edit 2: It isn't a fetching site, I think. It is something like an internal browser. Edit 3: It is a dynamic network. I think the user who posted can't access BT without dynamic network(did China block BT? :o ???) . It can be used by download Freegate software from the site or through the website. The site and software is mainly for Chinese. I think there is nothing suspicious. :) ~~MZ~~ Title: Re: Possible BitcoinTalk Forum Spoof? Post by: Dare on November 15, 2014, 11:15:12 PM It's running from a dynamic IP address (no-ip.org is a dynamic DNS resolver) and it's mimicking bitcointalk.org, so it's probably a phishing site intended to trick people into providing their bitcointalk passwords and downloading some sort of malware. Removing the "css" parameter from the link resulted in a different website, so there are probably multiple phishing sites with different targets running on the same server.
Title: Re: Possible BitcoinTalk Forum Spoof? Post by: luckypyrate on November 15, 2014, 11:22:32 PM It's running from a dynamic IP address (no-ip.org is a dynamic DNS resolver) and it's mimicking bitcointalk.org, so it's probably a phishing site intended to trick people into providing their bitcointalk passwords and downloading some sort of malware. Removing the "css" parameter from the link resulted in a different website, so there are probably multiple phishing sites with different targets running on the same server. Yes I am familiar with noip I use them for my p2pool. But I also considered it might be someone like someone else mentioned about a not bitcoin friendly locale. If you disected it enough to determine it is malicious I will report it as should everyone else. Or I could...have it removed ::) Title: Re: Possible BitcoinTalk Forum Spoof? Post by: botany on November 16, 2014, 10:33:08 AM It's running from a dynamic IP address (no-ip.org is a dynamic DNS resolver) and it's mimicking bitcointalk.org, so it's probably a phishing site intended to trick people into providing their bitcointalk passwords and downloading some sort of malware. Removing the "css" parameter from the link resulted in a different website, so there are probably multiple phishing sites with different targets running on the same server. Bitcointalk ids have become so valuable. There are now phishing sites for it. ;D Title: Re: Possible BitcoinTalk Forum Spoof? Post by: Muhammed Zakir on November 16, 2014, 11:31:51 AM It's running from a dynamic IP address (no-ip.org is a dynamic DNS resolver) and it's mimicking bitcointalk.org, so it's probably a phishing site intended to trick people into providing their bitcointalk passwords and downloading some sort of malware. Removing the "css" parameter from the link resulted in a different website, so there are probably multiple phishing sites with different targets running on the same server. I don't think it is a phishing site. The link in the OP was anonymous surfing through Dynaweb [1]. Just go to Dynaweb and enter a link and press 'Enter/Return'. You will surf that website. ::) :) [1] http://down06.no-ip.org/?css=zG9uz3RhaXdhbmCuY29TL2xvYy9waG9TzV9lbi5waHA - You can also go there by clicking 'English' on top left, the language of the site will change to English. ~~MZ~~ |