|
Title: Another Bitcoin Scam on YouTube? Post by: bitminers on July 28, 2011, 01:34:05 PM http://www.youtube.com/watch?v=8Hws-OruuqE (http://www.youtube.com/watch?v=8Hws-OruuqE)
Just Found this! Another Scam I presume! Title: Re: Another Bitcoin Scam on YouTube? Post by: Morebitcoinsplease on July 28, 2011, 01:53:19 PM http://www.youtube.com/watch?v=8Hws-OruuqE (http://www.youtube.com/watch?v=8Hws-OruuqE) Just Found this! Another Scam I presume! LOL if only it was that easy to make bitcoins Title: Re: Another Bitcoin Scam on YouTube? Post by: timmey on July 28, 2011, 01:55:25 PM lol. It's a double compressed archive.
extract the BIT.rar file and you will get: http://img638.imageshack.us/img638/8312/scam2i.jpg extract the "Bitcoin Wallet Injector.exe" and you will get: http://img31.imageshack.us/img31/5793/scamuw.jpg ....bot.exe....pretty lame edit: i should add "do not double click 'Bitcoin Wallet Injector.exe' , that's not how you extract bot.exe from the inner archive" Title: Re: Another Bitcoin Scam on YouTube? Post by: kwukduck on July 28, 2011, 02:03:52 PM Seems some kind of botnet...
Title: Re: Another Bitcoin Scam on YouTube? Post by: Morebitcoinsplease on July 28, 2011, 02:16:07 PM lol. It's a double compressed archive. extract the BIT.rar file and you will get: http://img638.imageshack.us/img638/8312/scam2i.jpg extract the "Bitcoin Wallet Injector.exe" and you will get: http://img31.imageshack.us/img31/5793/scamuw.jpg ....bot.exe....pretty lame Wow that is just awesome.... bot.exe Hrmm perhaps later I will get some time to reverse engineer it and see what it does =) Title: Re: Another Bitcoin Scam on YouTube? Post by: bitminers on July 28, 2011, 02:36:09 PM Thats the 2nd or 3rd Ive found on YouTube, they seem to be reasonably consistent in this crap.
Title: Re: Another Bitcoin Scam on YouTube? Post by: Jaime Frontero on July 28, 2011, 02:51:22 PM lol. It's a double compressed archive. extract the BIT.rar file and you will get: http://img638.imageshack.us/img638/8312/scam2i.jpg extract the "Bitcoin Wallet Injector.exe" and you will get: http://img31.imageshack.us/img31/5793/scamuw.jpg ....bot.exe....pretty lame Wow that is just awesome.... bot.exe Hrmm perhaps later I will get some time to reverse engineer it and see what it does =) i'd be interested - should you happen to take the thing apart - in knowing how sophisticated the wallet-stealer is. can it find a wallet.dat anywhere on any hard drive or partition? if the wallet is on an unmounted file system, can it mount that? if wallet.dat is renamed to something else - i.e., foo.bar - could it find the renaming line in bitcoin.conf and steal foo.bar? Title: Re: Another Bitcoin Scam on YouTube? Post by: airdata on July 28, 2011, 02:58:23 PM im guessing it just looks for wallet.dat. most likely not very sophisticated.
Title: Re: Another Bitcoin Scam on YouTube? Post by: fabianhjr on July 28, 2011, 03:53:16 PM Most likely the path is hardcoded, what would be interesting to find out is if it also has some authentication hardcoded and we can mess with that, ex. change the password and rm -rf / the bitch.
Also, my heart is crying over such a stupid interface when you could have had only one fucking button. D:< Title: Re: Another Bitcoin Scam on YouTube? Post by: timmey on July 28, 2011, 04:12:50 PM maybe not a wallet stealer at all but a "normal" trojan:
http://www.virustotal.com/file-scan/report.html?id=d51bfe70bc04cf0266cd6fa83d53951a5c74e6fcb2ea0e37b7ee40da0278eef2-1311868992 Title: Re: Another Bitcoin Scam on YouTube? Post by: fabianhjr on July 28, 2011, 04:31:46 PM maybe not a wallet stealer at all but a "normal" trojan: What about the file as a whole?(The exe with the fake and the virii)http://www.virustotal.com/file-scan/report.html?id=d51bfe70bc04cf0266cd6fa83d53951a5c74e6fcb2ea0e37b7ee40da0278eef2-1311868992 Also, lets flag the bitch up. Googling around more info on the subject gave me this: http://www.hackforums.net/member.php?action=profile&uid=54808 A scam report disclosed his email/msn Popc0rn-xsubter@live.com Which yield more results https://twitter.com/#!/popc0rnftw http://www.sythe.org/showthread.php?t=843802 And found this: http://dazzlepod.com/lulzsec/final/?email=live.com&page=2 - Entry 50322 Due to the similarity between names I tried several combos against Facebook and found this: https://www.facebook.com/popc0rn -> Vincent Zuo due to the info in the page it makes me believe he is not involved in any of this. Looks like the email address is not registered with Facebook. More to come. Title: Re: Another Bitcoin Scam on YouTube? Post by: bitminers on July 29, 2011, 08:17:11 AM My Point is, this crap needs to be flagged etc, and removed just like all that spam that was going up on YouTube before, but especially these damn Trojans, Wallet Stealers etc!
Title: Re: Another Bitcoin Scam on YouTube? Post by: triforcelink on July 29, 2011, 02:25:25 PM This only seems appropriate: http://www.youtube.com/watch?v=zvfD5rnkTws (http://www.youtube.com/watch?v=zvfD5rnkTws)
Title: Re: Another Bitcoin Scam on YouTube? Post by: Yuusha on July 29, 2011, 02:30:32 PM Flagged as scam/fraud. Everyone else should flag it as well.
Title: Re: Another Bitcoin Scam on YouTube? Post by: MemoryDealers on July 31, 2011, 12:52:03 AM It seems there are several dozen new bitcoin scam videos up today.
http://www.youtube.com/results?search_type=videos&search_query=bitcoin&search_sort=video_date_uploaded&suggested_categories=24%2C10%2C27%2C28 (http://www.youtube.com/results?search_type=videos&search_query=bitcoin&search_sort=video_date_uploaded&suggested_categories=24%2C10%2C27%2C28) Title: Re: Another Bitcoin Scam on YouTube? Post by: nmat on July 31, 2011, 12:57:28 AM Flagged as scam/fraud. Everyone else should flag it as well. This Title: Re: Another Bitcoin Scam on YouTube? Post by: bitminers on July 31, 2011, 01:13:33 AM It seems there are several dozen new bitcoin scam videos up today. http://www.youtube.com/results?search_type=videos&search_query=bitcoin&search_sort=video_date_uploaded&suggested_categories=24%2C10%2C27%2C28 (http://www.youtube.com/results?search_type=videos&search_query=bitcoin&search_sort=video_date_uploaded&suggested_categories=24%2C10%2C27%2C28) Thanks Memory Dealers! If enough of us monitor this rubbish and flag them! Title: Re: Another Bitcoin Scam on YouTube? Post by: fabianhjr on July 31, 2011, 02:01:42 AM Just got one son of a bitch.
http://www.youtube.com/watch?v=x4-nesXzBOw habbocrazy543, his account got closed and videos removed. They will still appear in searched though. Title: Re: Another Bitcoin Scam on YouTube? Post by: bitminers on July 31, 2011, 10:27:29 AM Excellent, Ive been also been flagging when I can
Title: Re: Another Bitcoin Scam on YouTube? Post by: BitMofo on July 31, 2011, 11:03:30 AM Flagged...
All the bitcoin theft going on is just like the gold rush was... Title: Re: Another Bitcoin Scam on YouTube? Post by: manifold on July 31, 2011, 03:30:27 PM i flagged it too.
|
