Lauda (OP)
Legendary
 Offline
Activity: 2674
Merit: 2965
Terminated.
|
 |
May 02, 2017, 02:36:53 PM |
|
It looks like someone is using the forums hacked database again for nefarious purposes. Several individuals have mentioned receiving these emails, and at least some have already fallen victim to them. 
Do not download. |
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion) |
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
Zepher
Copper Member
Hero Member
Offline
Activity: 686
Merit: 603
Electricity is really just organized lightning
|
 |
May 02, 2017, 02:47:44 PM |
|
 Email came from brianbooker@uk2.netAs Lauda says, do not open any attachments. This is ransomware or malware. |
My only payment address: 1ZephertJThxkHih7XcaUHBkMSnvkTt5u
|
|
|
goinmerry
Legendary
Offline
Activity: 2940
Merit: 1083
|
|
May 02, 2017, 02:52:35 PM |
|
Anyone have an idea how it is possible to acquired information to us? Kinda want some technical knowledge about this kind of phishing attempt*.
As I mentioned in related thread to this, I used my unused extra old laptop (the stock one) to find out what will happened out of my curiousity. Connect it to internet, download, remove internet and open it. My security there are not triggered. Im wondering how it can access those inside stuffs?
|
|
|
|
|
Lauda (OP)
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
May 02, 2017, 02:54:45 PM |
|
Anyone have an idea how it is possible to acquired information to us?
The forum was hacked in 2015. I assume the database used for this phishing attempt is from that hack. Kinda want some technical knowledge about this kind of phishing attempt*.
Use Google then? As I mentioned in related thread to this, I used my unused extra old laptop (the stock one) to find out what will happened out of my curiousity. Connect it to internet, download, remove internet and open it. My security there are not triggered. Im wondering how it can access those inside stuffs?
You won't really figure out what it is doing or attempting to do without adequate technical knowledge, unless it is plainly obvious (e.g. ransomware screen). |
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion) |
|
|
Quickseller
Copper Member
Legendary
Offline
Activity: 2870
Merit: 2298
|
|
May 02, 2017, 03:10:58 PM |
|
The btc-e DB has been hacked multiple times. I suspect the emails came from one of these hacks.
|
|
|
|
|
Lauda (OP)
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
May 02, 2017, 03:13:06 PM |
|
The btc-e DB has been hacked multiple times. I suspect the emails came from one of these hacks.
I have not registered on BTC-e with this username, nor this email. Therefore, it had to be from Bitcointalk considering that other BTCT users have been getting them as well. |
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion) |
|
|
LeGaulois
Copper Member
Legendary
Offline
Activity: 2870
Merit: 4088
Top Crypto Casino
|
|
May 02, 2017, 03:22:47 PM |
|
Got it as well and as Lauda the email used the username that i use only here. So it comes from the previous hack
the domain used to send the email is globo.com
|
|
|
|
helloeverybody
Legendary
Offline
Activity: 1008
Merit: 1000
★YoBit.Net★ 350+ Coins Exchange & Dice
|
|
May 02, 2017, 03:51:34 PM |
|
I can confirm i also got this email today as well and theres no other places ive used that email so its definitely from the hacked database.
|
|
|
|
owlcatz
Legendary
Offline
Activity: 3612
Merit: 1965
|
|
May 02, 2017, 04:03:52 PM |
|
I can confirm i also got this email today as well and theres no other places ive used that email so its definitely from the hacked database.
There is a new wave of phishing scams in the past 24 hours - a few users have already been burnt over .3 btc -  Then the url looks just like bitcointalk and wants you to login... so this is new, ongoing - not good!!! I reported one yesterday as well and gave it red trust - https://bitcointalk.org/index.php?action=profile;u=986625Thanks, and be careful out there - bitcointalk.org links will be green not blue!!!  EDit - https://bitcointalk.org/index.php?topic=1898264.msg18840021#msg18840021 |
.
I C Λ R U S | | | | █████▄▄█████▄▄
████████▀▀▀████
██████▀█████▀███
████████████████
████████████████
████████████████
░▄█████████████████
███████████████████
███████████████████
████████░░░▀▀▀▀▀▀▀▀
████████▄▄▄████████
███████████████████
█████████████████▀ | ░░░███
▄▄▄███
██████
░░░███
░░░███
░░░███
░░░███
░░░███
░░░███
░░░███
▄████████
███▌░▐███
████████▀ | | | | | █████████████████████
█████████████████████
█████████████████████
██████▀▀▀▀████▀▀█████
█████░░▄▄░░██░░░█████
█████▄▄██░░███░░█████
█████▀▀▀▀░░▀██░░█████
████░░░░▄▄▄▄█▀░░▀████
████░░░░░░░░█░▀▀░████
█████████████████████
█████████████████████
█████████████████████
█████████████████████ | ████
██
██
██
██
██
██
██
██
██
██
██
████ | ████
██
██
██
██
██
██
██
██
██
██
██
████ | ████
██
██
██
██
██
██
██
██
██
██
██
████ | | | | ████
██
██
████ | | ████
██
██
████ |
[/ce |
|
|
|
zekoroger
|
|
May 02, 2017, 04:10:37 PM |
|
be careful, that phishing fucker scammer make me alot damage today  |
|
|
|
|
owlcatz
Legendary
Offline
Activity: 3612
Merit: 1965
|
|
May 02, 2017, 06:24:03 PM |
|
be careful, that phishing fucker scammer make me alot damage today  Fixed link for ya... |
.
I C Λ R U S | | | | █████▄▄█████▄▄
████████▀▀▀████
██████▀█████▀███
████████████████
████████████████
████████████████
░▄█████████████████
███████████████████
███████████████████
████████░░░▀▀▀▀▀▀▀▀
████████▄▄▄████████
███████████████████
█████████████████▀ | ░░░███
▄▄▄███
██████
░░░███
░░░███
░░░███
░░░███
░░░███
░░░███
░░░███
▄████████
███▌░▐███
████████▀ | | | | | █████████████████████
█████████████████████
█████████████████████
██████▀▀▀▀████▀▀█████
█████░░▄▄░░██░░░█████
█████▄▄██░░███░░█████
█████▀▀▀▀░░▀██░░█████
████░░░░▄▄▄▄█▀░░▀████
████░░░░░░░░█░▀▀░████
█████████████████████
█████████████████████
█████████████████████
█████████████████████ | ████
██
██
██
██
██
██
██
██
██
██
██
████ | ████
██
██
██
██
██
██
██
██
██
██
██
████ | ████
██
██
██
██
██
██
██
██
██
██
██
████ | | | | ████
██
██
████ | | ████
██
██
████ |
[/ce |
|
|
Joel_Jantsen
Legendary
Offline
Activity: 1862
Merit: 1308
Get your game girl
|
|
May 02, 2017, 07:22:14 PM |
|
I can sort of establish a connection.The attacker is probably sending mails to coin collectors who are assumed to be having more bitcoins on them ? Lauda and Zepher is merely a case but it does connect the dots.
|
|
|
|
|
erikalui
Legendary
Offline
Activity: 2632
Merit: 1094
|
|
May 02, 2017, 07:30:29 PM |
|
I thought that I got this mail as a payment of one of the campaigns I have participated. I downloaded the attachment as well but since I don't have btc-e account, is it something I can do to now? I deleted the word doc file from my computer but my antivirus did not give me any alert. This was the email I received: http://prntscr.com/f3cucm |
|
|
|
Zepher
Copper Member
Hero Member
Offline
Activity: 686
Merit: 603
Electricity is really just organized lightning
|
|
May 02, 2017, 08:12:22 PM |
|
I thought that I got this mail as a payment of one of the campaigns I have participated. I downloaded the attachment as well but since I don't have btc-e account, is it something I can do to now? I deleted the word doc file from my computer but my antivirus did not give me any alert. This was the email I received: http://prntscr.com/f3cucmIf you used the password to unlock the attachment, consider your PC infected. Keyloggers/coin stealers/and a bunch of other stuff could be running in the background. Wipe your PC. Start off with a fresh operating system. |
My only payment address: 1ZephertJThxkHih7XcaUHBkMSnvkTt5u
|
|
|
|
Coin-Keeper
|
|
May 02, 2017, 08:45:37 PM |
|
Haven't seen one of these yet. Stuff like this is why I use Linux virtual machines for all my workspace! Snapshots are your friend.
|
|
|
|
|
anonymoustroll420
|
|
May 02, 2017, 09:05:57 PM |
|
It's most likely the old Bitcointalk database
|
Please don't stop us from using ASICBoost which we're not using
|
|
|
HeroC
Legendary
Offline
Activity: 858
Merit: 1000
|
|
May 03, 2017, 02:06:14 AM |
|
I got this email too, encrypted docx that wanted editing privileges from some random email @mail.com
|
|
|
|
|
chronicsky
Legendary
Offline
Activity: 2786
Merit: 1222
Just looking for peace
|
|
May 03, 2017, 04:45:38 AM |
|
and stupidly, my friend clicked download on the file.
Fortunately i noticed in time before he put the password in it.
is it gonna do anything if it has been downloaded?
I deleted it instantly :/
|
|
|
|
|
pooya87
Legendary
Offline
Activity: 3430
Merit: 10491
|
|
May 03, 2017, 05:19:48 AM |
|
This may be a good reminder: Real link is green when you move your mouse over: bitcointalk forum (real link)Fake link is not: bitcointalk forum (with different/fake link)p.s. i am referring to the attempt that owlcatz mentioned not the email (obviously  ) |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
|
Gimpeline
|
|
May 03, 2017, 05:37:47 AM |
|
I got the mail too.
I dont have an BTC-e account or use this e-mail in other places so it must come from here
|
|
|
|
|
|
