Infecting people with fake "Darkwallet"

[OmegaStarScream]

I just wanted to give you a heads up guys , we all know that Darkwallet is not fully funded and developers dropped the project , I noticed since yesterday that there is few posts about it but it's not the same wallet obviously ...

Someone probably bought the domain (fake) just to scam and infect people : Darkwallet.co while the real domain is : Darkwallet.is
Darkwallet.co executable : https://www.virustotal.com/pt/file/3a5474cdc3bd26746686f11c67e9b008911d8f1e4432cb746564969082b3745a/analysis/1451326638/ (thanks to pedrog for checking)

Here are few posts :

https://bitcointalk.org/index.php?topic=1305921.0
https://bitcointalk.org/index.php?topic=1306144.msg13375884#msg13375884
https://bitcointalk.org/index.php?topic=1307436.msg13385072#msg13385072
https://bitcointalk.org/index.php?topic=1307430.msg13385011#msg13385011
https://bitcointalk.org/index.php?topic=1306144.msg13375884#msg13375884

Stay safe and don't download it or even visit the website .

[1715176500]

1715176500

[1715176500]

1715176500

[1715176500]

1715176500

[1715176500]

1715176500

[1715176500]

1715176500

[mexxer-2]

-snip-

Thanks for the warning(even though I don't use altcoinsseems bitcoin related, haven't used it anyway). Another thing that I might add is report such posts to the moderators using the (similarly named) feature, with the comment as "Malware , virustotal link: LINK", as any posts containing malware are not accepted in the forum.

[shorena]

-snip-

Thanks for the warning(even though I don't use altcoins). Another thing that I might add is report such posts to the moderators using the (similarly named) feature, with the comment as "Malware , virustotal link: LINK", as any posts containing malware are not accepted in the forum.

I usually report them as well, I didnt get around to it yet.

Darkwallet is no alt coin though, its a chrome plugin wallet for bitcoin that focused heavily on anonymity (build in stealth addresses (can be reused without compromising privacy) and coinjoin sending). One of the main devs has vanished a while back, I honestly though the wallet is back. Either with a fork or the original dev team. Didnt have the time to check though.

[OmegaStarScream]

It seems like are back to work : https://bitcointalk.org/index.php?topic=1320350.new#new

[shorena]

Best "news" money can buy, I yelled at them on twitter, maybe it will do something. Does "themerkle" have a thread and/or account here?

Edit: they also have a mail, can anyone inform the reddit sheep? -> https://www.reddit.com/r/Bitcoin/comments/404hg4/dark_wallet_new_amazing_updates_2016_most/

[OmegaStarScream]

Best "news" money can buy, I yelled at them on twitter, maybe it will do something. Does "themerkle" have a thread and/or account here?

Yes It seems like they do :

Signature campaign : https://bitcointalk.org/index.php?topic=1249297.0
User : https://bitcointalk.org/index.php?action=profile;u=534999

[shorena]

Left them a negative rating for now.

link to article: http://themerkle.com/news/dark-wallet-offers-privacy-and-anonymity-to-bitcoin-users/
archive: https://archive.is/s9I2a

[Xmaseven]

I just wanted to give you a heads up guys , we all know that Darkwallet is not fully funded and developers dropped the project , I noticed since yesterday that there is few posts about it but it's not the same wallet obviously ...

Someone probably bought the domain (fake) just to scam and infect people : Darkwallet.co while the real domain is : Darkwallet.is
Darkwallet.co executable : https://www.virustotal.com/pt/file/3a5474cdc3bd26746686f11c67e9b008911d8f1e4432cb746564969082b3745a/analysis/1451326638/ (thanks to pedrog for checking)

Here are few posts :

https://bitcointalk.org/index.php?topic=1305921.0
https://bitcointalk.org/index.php?topic=1306144.msg13375884#msg13375884
https://bitcointalk.org/index.php?topic=1307436.msg13385072#msg13385072
https://bitcointalk.org/index.php?topic=1307430.msg13385011#msg13385011
https://bitcointalk.org/index.php?topic=1306144.msg13375884#msg13375884

Stay safe and don't download it or even visit the website .

why not post also in scam accusation board? is a scam attempt!
No all users read this forum section

[S3cco]

Stay safe and don't download it or even visit the website .

Thanks for the alert. A similar post appeared on Bitcoin Garden, too: http://bitcoingarden.tk/forum/index.php?topic=6054.0

I did not delete the original post, I just deactivated the link and moved the topic in the scam board, adding a comment. When I saw that something immediately let me think there's was something wrong there. I think it could be educative leaving that post alive to show how a scam post looks like.

This is not the first time somebody try to post a fake op to convince people downloading malware. It is very common to see this kind of posts for software claiming to be super bitcoin miners (allowing to solo mine btc on normal pc) or bitcoin private key generators (from public addresses). Needless to say this kind of software cannot exist.

My suggestion is to mentally count from 1 to 1,000,000 before downloading binary files from a source you don't know. Do some google research instead, the truth will emerge in short time.

[Lauda]

Nothing special when it comes to malware. Just report and we will nuke them on sight. I've already nuked several myself.

[shorena]

Just got a message from them on twitter, the article was updated to show the proper link.

Post on reddit was removed as well.

[OmegaStarScream]

Nothing special when it comes to malware. Just report and we will nuke them on sight. I've already nuked several myself.

Posts were already removed by mods already , I posted something else related to that . I suppose you can only nuke someone on the forums and not on blogs and newspaper websites .

Just got a message from them on twitter, the article was updated to show the proper link.

Post on reddit was removed as well.

I'm going to close scam accusations topic for now then , In case they come back with that kind of stuff I will open it once again .

[OmegaStarScream]

It seems like they are back . See this user : https://bitcointalk.org/index.php?action=profile;u=748438;sa=showPosts , he is spamming in different sections .

[deepceleron]

It's much better to just go after the resources of the person directly.

The registrar of the .co TLD is:
http://www.cointernet.com.co/

Their US parent company is:
https://www.neustar.biz/services/domain-name-registry

I'll bet you can get the domain pulled for abuse of the registrar's policies.

http://www.cointernet.com.co/politicas-procedimientos - 4.4 of Política de Administración del Dominio .CO states that the domain shall not be used for any illegal purposes.

Then go after the hosting, the cloud proxy account, etc. Get them to turn over account details.