Wallet Injector 2.0 on Youtube . Anyone wanna check it?

[bitrebel]

http://www.youtube.com/watch?v=lxaigv0Ymgk

Do not click on the link unless you have good virus protection and know your stuff.
Anyone wanna check it for us? Post the results. Relay the info. Is this a new virus or an improvement on an old one?

I won't click many of those links because I got a virus by clicking on a youtube video once. Now i'm a bit paranoid, even though I run antivirus.

[newminerr]

imma give it a go 

[bitplane]

That's stupid. Even if it can inject a payment into your wallet, that doesn't mean you can spend the funds on the network; you just have a corrupted wallet!

Most likely a scam that empties your wallet too.

[bitrebel]

That's stupid. Even if it can inject a payment into your wallet, that doesn't mean you can spend the funds on the network; you just have a corrupted wallet!

Most likely a scam that empties your wallet too.

It is a scam. It's used to steal people's wallet files. I'm wondering if it works, how well it works, and if the virus can be downloaded to you by watching the video. If it's already advertising the stealing of wallets, who's to say if he disguises the method and uses it against you?

[newminerr]

Here is a quick anatomy of the file  

First of all you won't get infected if you watched the video you will get infected if you downloaded the file in the video description [megaupload link].


It is a visualbasic file
It steals your \Bitcoin\wallet.dat.

It collects your conputer information.

It connects to smtp.gmail.com and sends an email to xplxOdy@hotmail.com with the info.

E.G:

Wallet taken from:
System Information

Operating System
Platform
Version
User
Language
Network
Display
Resolution
Workspace
Client-IP

It's pooly coded, most likely a ripped source or something, not custom made, i doubt it will succeed in stealing your info

[Are-you-a-wizard?]

You know, I think I'm going to pass on clicking that link.

[bitrebel]

Thanks, Newminerr,
   You are an asset to the community.
So, when you think you'll be able to download a file to help you steal other people's wallet, it actually steals your wallet? That's pretty cool, actually. Now maybe we can upload a fix and steal everything he steals, and mail it all to Bruce. 

[bitplane]

Here is a quick anatomy of the file 

First of all you won't get infected if you watched the video you will get infected if you downloaded the file in the video description [megaupload link].


It is a visualbasic file
It steals your \Bitcoin\wallet.dat.

It collects your conputer information.

It connects to smtp.gmail.com and sends an email to xplxOdy@hotmail.com with the info.

E.G:

Wallet taken from:
System Information

Operating System
Platform
Version
User
Language
Network
Display
Resolution
Workspace
Client-IP

It's pooly coded, most likely a ripped source or something, not custom made, i doubt it will succeed in stealing your info

Nice work! Get the smtp password, log into gmail and set up a forward + delete rule, send the stolen coins to the faucet

[Yuusha]

Flagged the video and reported the Megaupload download.

[Vod]

Flagged the video and reported the Megaupload download.

I also flagged the video and commented.  Wouldn't let me copy the thread link.

[newminerr]

He is not very smart, showing his wallet address.

Here is where he sent his coinies
0.01, 0.01, 0.01, 1.0 as shown in the video.
http://blockexplorer.com/address/1CCaPTSfkRYhn3ukWDLv4ur4AKLmdjePme

And here is the scan
http://www.virustotal.com/file-scan/report.html?id=7ca463885caaf3db2dc15a62edcdffa1cc4e820625fcbb4cabc4a95659afb148-1312572029

Too bad it's not fully detected yet, but VT will distribute it to antivius vendors to analyze/scan it again

Edit 1:
BTW can someone explain this transaction to me?
http://blockexplorer.com/tx/1d9c7ca2668f3173b0145969e58be2c281503add5830ffa3a82568253bd3d5ad#o1

http://blockexplorer.com/address/1618dCnRi6U2unkTn4fWGXhXLzQYi9dqGy
I am still not familiar with blockexplorer but 1000BTC looks interesting..

Edit 2:
I found out that's not the original video, he just downloaded and uploaded the video and put his own link/stealer.

The original one [with higher quality is most likely the original]

http://www.youtube.com/watch?v=8Hws-OruuqE
It contains also a malicious file i will reverse that one tomorrow, but it creates "Bitcoins Wallet Injecting.exe" [261120 Bytes] and "bot.exe" [33792 Bytes] in the temp folder, so it's obvious it's malicious :]

I second what bitrebel said, Don't download any of those files unless you know what you are doing.

[mdbitcoin]

The video is back. I'm reporting it violation of terms of service and all its incarnations. You should too.

[BitcoinPorn]

Virus through watching a YouTube video?  Now this I gotta see