mouse
Newbie
Offline
Activity: 56
Merit: 0
|
|
June 30, 2011, 12:28:16 AM |
|
His name is Brett, he is also linked to http://www.prankcallradio.net/ and he was implicated earlier in a bitcoin heist on OTC, but I wasn't involved so I can't vouch either way.
|
|
|
|
BCEmporium
Legendary
Offline
Activity: 1218
Merit: 1000
|
|
June 30, 2011, 12:29:23 AM |
|
His fancy website gives us a treasure trove of information about him. I say he is a college educated American who visits this forum daily. In fact he is following this thread. Social engineering is a two way street dude.
What are your observations about our thief and his website?
Doubt they're connect, they probably bought that crap from someone. They're using someone else's tool.
|
|
|
|
cdhowie
|
|
June 30, 2011, 12:30:43 AM |
|
I currently have 41.91003938 secured. One of the wallets I checked had an email address as the label for a receiving address, so at least I have a lead on who owns them.
Time to commute home, it's 8:30 PM already. I'll try to work through a lot more of these tonight.
|
Tips are always welcome and can be sent to 1CZ8QgBWZSV3nLLqRk2BD3B4qDbpWAEDCZ Thanks to ye, we have the final piece.PGP key fingerprint: 2B7A B280 8B12 21CC 260A DF65 6FCE 505A CF83 38F5 SerajewelKS @ #bitcoin-otc
|
|
|
Raoul Duke
aka psy
Legendary
Offline
Activity: 1372
Merit: 1002
|
|
June 30, 2011, 12:34:50 AM |
|
DON'T VISIT THE MODERNAMERICANREVOLUTION.US WEBSITE!
IT HAS A JAVA EXPLOIT THAT WILL PAWN YOU!
|
|
|
|
andes
Jr. Member
Offline
Activity: 42
Merit: 2
|
|
June 30, 2011, 12:36:50 AM |
|
DON'T VISIT THE MODERNAMERICANREVOLUTION.US WEBSITE!
IT HAS A JAVA EXPLOIT THAT WILL PAWN YOU!
Oops, too late. What could be the consequences of doing just that?
|
|
|
|
RodeoX
Legendary
Offline
Activity: 3066
Merit: 1147
The revolution will be monetized!
|
|
June 30, 2011, 12:38:43 AM |
|
His fancy website gives us a treasure trove of information about him. I say he is a college educated American who visits this forum daily. In fact he is following this thread. Social engineering is a two way street dude.
What are your observations about our thief and his website?
Doubt they're connect, they probably bought that crap from someone. They're using someone else's tool. I was looking at the content of the email. Whoever wrote it likely knows it is a scam.
|
|
|
|
vragnaroda
Newbie
Offline
Activity: 40
Merit: 0
|
|
June 30, 2011, 12:39:00 AM |
|
DON'T VISIT THE MODERNAMERICANREVOLUTION.US WEBSITE!
IT HAS A JAVA EXPLOIT THAT WILL PAWN YOU!
seriously, who lets Java run on strange websites?
|
|
|
|
BCEmporium
Legendary
Offline
Activity: 1218
Merit: 1000
|
|
June 30, 2011, 12:41:20 AM |
|
His fancy website gives us a treasure trove of information about him. I say he is a college educated American who visits this forum daily. In fact he is following this thread. Social engineering is a two way street dude.
What are your observations about our thief and his website?
Doubt they're connect, they probably bought that crap from someone. They're using someone else's tool. I was looking at the content of the email. Whoever wrote it likely knows it is a scam. You mean the email + today's robbery? That's sure. I mean this American Revolution guy and the Bitcoin Accelerator, those seams to had bought the same tool, different versions, but same tool.
|
|
|
|
Raoul Duke
aka psy
Legendary
Offline
Activity: 1372
Merit: 1002
|
|
June 30, 2011, 12:42:21 AM |
|
DON'T VISIT THE MODERNAMERICANREVOLUTION.US WEBSITE!
IT HAS A JAVA EXPLOIT THAT WILL PAWN YOU!
Oops, too late. What could be the consequences of doing just that? No idea, honnestly... didn't let it run to find out
|
|
|
|
andes
Jr. Member
Offline
Activity: 42
Merit: 2
|
|
June 30, 2011, 12:44:42 AM Last edit: June 30, 2011, 12:58:26 AM by andes |
|
DON'T VISIT THE MODERNAMERICANREVOLUTION.US WEBSITE!
IT HAS A JAVA EXPLOIT THAT WILL PAWN YOU!
Oops, too late. What could be the consequences of doing just that? No idea, honnestly... didn't let it run to find out I use Firefox 4.01, but got no warning when entered the site. Someone knows if it could ran the java without my permission? Also for all the technical geniuses, a question: where can I learn the best practices for safe surfing?
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
June 30, 2011, 12:45:15 AM |
|
I notice on the BitcoinMiningAccelerator screen shot, there's a screenshot of three miner processes apparently submitting shares, possibly to a real pool.
Do the mining pool operators keep track of the actual hashes of the shares received? I'd be amused to find a mining pool operator be able to sniff out the person behind the scam just by matching the sequence of hashes in the picture against their submissions.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
BCEmporium
Legendary
Offline
Activity: 1218
Merit: 1000
|
|
June 30, 2011, 12:45:30 AM |
|
The only applet found there is from this http://rg.revolvermaps.com/Still, a) Java sucks and I don't have such thing installed (and won't I REALLY, and I mean REALLY, need it); b) Even if I had such installed, I wonder why I would let an unknown site to run some applet.
|
|
|
|
MadCoinMan
Newbie
Offline
Activity: 13
Merit: 0
|
|
June 30, 2011, 12:46:15 AM |
|
Well done guys. This just shows that you simply can't pull shit like that.
|
|
|
|
Raoul Duke
aka psy
Legendary
Offline
Activity: 1372
Merit: 1002
|
|
June 30, 2011, 12:48:35 AM |
|
DON'T VISIT THE MODERNAMERICANREVOLUTION.US WEBSITE!
IT HAS A JAVA EXPLOIT THAT WILL PAWN YOU!
Oops, too late. What could be the consequences of doing just that? No idea, honnestly... didn't let it run to find out I use Firefox 4.01, but got no warning when entered the site. Someone knows if it could ran the java without my permission? Usually it runs if you have the java plugin activated. seriously, who lets Java run on strange websites?
Curious persons, like me, in virtual machines lol This is the exploit: http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Exploit%3aJava%2fCVE-2010-0840.CI&threatid=2147645887
|
|
|
|
UniverseMan
Newbie
Offline
Activity: 26
Merit: 0
|
|
June 30, 2011, 12:49:19 AM |
|
That facebook page is fantastic. This quote, in particular, really tickled me. f the American people ever allow private banks to control the issue of their money, first by inflation and then by deflation, the banks and corporations that will grow up around them (around the banks), will deprive the people of their property until their children will wake up homeless on the continent their fathers conquered.
Give me control of a nation's money and I care not who makes the laws. -Mayer Rothschild Yeah, it might be hard for the banks to deprive people of their property after someone has already deprived them of their wallets. And I think you've taken that "give me control of a nation's money" bit way too seriously.
|
|
|
|
antares
|
|
June 30, 2011, 12:51:02 AM |
|
lol, does someone have a screenshot from that website?
btw, this scam shows that the scammers are actually noobs. They might have done some nice site, I won't know that unless someone has a screen, but WHO THE FUCK IS THAT STUPID to create a wallet stealer and then use a ftp account that is not write-only?
|
|
|
|
Maged
Legendary
Offline
Activity: 1204
Merit: 1015
|
|
June 30, 2011, 12:53:51 AM |
|
I currently have 41.91003938 secured. One of the wallets I checked had an email address as the label for a receiving address, so at least I have a lead on who owns them.
Time to commute home, it's 8:30 PM already. I'll try to work through a lot more of these tonight.
Maybe run the addresses through this list that was scraped earlier today? http://forum.bitcoin.org/index.php?topic=24346.0I wonder if unemployed still has the unfiltered list... (any address added to a sig after this was released can't be trusted)
|
|
|
|
andes
Jr. Member
Offline
Activity: 42
Merit: 2
|
|
June 30, 2011, 12:57:55 AM Last edit: June 30, 2011, 01:26:23 AM by andes |
|
You know what, I smell something fishy here. This whole americanrevolution thing with the java exploit, associated with this professionally designed site seems like an outside organization to me targeting bitocoin using a libertarian site as camouflage. It does not seem to me like the profile of a corrupted independent techie inside the community. They were just too lousy on the programming side, and too good on the marketing side (in fact, better than any other bitcoin site). To me it could be some top-down order, like: infiltrate this thing and start attacking them to break the trust. Its just another conspiracy theory, I know, but just made that association after watching this today: http://www.youtube.com/user/BitcoinChannel This will be my only and last conspiracy speculation, btw.
|
|
|
|
mouse
Newbie
Offline
Activity: 56
Merit: 0
|
|
June 30, 2011, 12:59:28 AM |
|
lol, does someone have a screenshot from that website?
btw, this scam shows that the scammers are actually noobs. They might have done some nice site, I won't know that unless someone has a screen, but WHO THE FUCK IS THAT STUPID to create a wallet stealer and then use a ftp account that is not write-only?
http://imageshack.us/photo/my-images/804/bitcoinminingaccelerato.jpg/
|
|
|
|
|
|