Bitcoin Mining Accelerator SCAM

[sergio]

if you use linux you can use the string command to take a look at ascii characters in the binary, there is a web site listed, however I do not know how it is related to the scam mining software.

minero@dragon:~/Downloads$ strings  -a Coin-Miner-v2.7.exe  |more
!This program cannot be run in DOS mode.
Rich
.text
`.rdata
@.data
.rsrc
http://www.clickteam.com
PVQR
PVQR
QRSP
_^][
_^][
L$,QV
=H0B
[u4j&V
=L0B

[casascius]

Sorry for the slow progress, working as fast as I can.

Compromised addresses:
...
More to come; will update this post as I find more.

Consider spending the coins off to another fresh address of your own, editing your post, and inviting the person come get them from you.  Who knows, the victim could re-run the program and send a fresh copy to the malware author.

[Distribution]

My favorite award is most downloaded May/June. Especially considering that the oldest comments are from June 28.

[dacoinminster]

Consider spending the coins off to another fresh address of your own, editing your post, and inviting the person come get them from you.  Who knows, the victim could re-run the program and send a fresh copy to the malware author.

Yes - you will be doing the community a huge favor if you secure these coins as you gain access to them.

[Justsomeforumuser]

I just got an email advertising this wonderfull scam

DO NOT USE THIS SOFTWARE!
www.bitcoin-mining-accelerator.com

This one definitely and 100% got sent to the disclosed MtGox hacked database email. I think I will  deactivate it now, despite all the fun stuff that's been trickling in..

[bitcoinminer]

I just got an email advertising this wonderfull scam

I thought there already was a topic on it but couldn't find it so i thought i'd put this up as a warning.

It's funny how hard they try to make this look legit, the awards are epic!

DO NOT USE THIS SOFTWARE!
www.bitcoin-mining-accelerator.com

how about you chop-up-the-domain-name so that robots don't pick it up for google?

[bitcoinminer]

Sorry for the slow progress, working as fast as I can.

EDIT: At the request of several people, I am spending all of the coins in each address I come across to a secure wallet on my machine.  I will publish a complete list of compromised addresses and where the coins they held are after I finish processing the (growing) collection of wallets that I have.  We can iron out claim details later.  I have a process fetching and deleting new wallets automatically now, so hopefully he won't get his hands on any more.

After all the warnings given out, I think you should spend all of these coins to a charity for the mentally retarded

[dacoinminster]

After all the warnings given out, I think you should spend all of these coins to a charity for the mentally retarded

I want stupid people to be able to use bitcoins safely someday. Plenty of stupid people use cash, and if we limit the bitcoin economy to non-retards, it will be pretty small.

Hopefully future generations of clients will prevent stuff like this.

[Distribution]

How could you figure out who the coins belong to?

[bitcool]

awesome.. i just got it too !!!  Thanks Mt.Gox for letting the world have my personal email address.  appreciate it.

Where should we send the thank-you cards to?

[Chick]

Hey, lets connect to the ftp server and steal the wallets!  

[SolarSilver]

This one definitely and 100% got sent to the disclosed MtGox hacked database email. I think I will  deactivate it now, despite all the fun stuff that's been trickling in..

I got the message twice sent to the same address I used specifically for MtGox:

Received: from o1.bn.sendgrid.net (o1.bn.sendgrid.net [75.126.253.211])
Received: from o1.bn.sendgrid.net ([75.126.253.211])

Thank you MtGox for leaking out this address, can I send a bill for each received spam and you can pay in BTC? Or perhaps you should spend the money on data security.

[xenon481]

When refreshing the FTP directory periodically, three .dat files appeared.  I have downloaded them and removed them from the FTP server.  After starting up bitcoind with them I will report on any addresses they contain that have been seen in the block chain.  If they turn out to be your addresses, create a new wallet on a secure machine and spend all of your coins to one of its addresses ASAP.

EDIT: More keep popping up every so often.  I am downloading and deleting all that I find.

You might want to also set up something that periodically checks to see if the mal-executable changes. The author may change the destination details.

[Chick]

This one definitely and 100% got sent to the disclosed MtGox hacked database email. I think I will  deactivate it now, despite all the fun stuff that's been trickling in..

I got the message twice sent to the same address I used specifically for MtGox:

Received: from o1.bn.sendgrid.net (o1.bn.sendgrid.net [75.126.253.211])
Received: from o1.bn.sendgrid.net ([75.126.253.211])

Thank you MtGox for leaking out this address, can I send a bill for each received spam and you can pay in BTC? Or perhaps you should spend the money on data security.

You should definitely report this to abuse@sendgrid.net.

[cdhowie]

When refreshing the FTP directory periodically, three .dat files appeared.  I have downloaded them and removed them from the FTP server.  After starting up bitcoind with them I will report on any addresses they contain that have been seen in the block chain.  If they turn out to be your addresses, create a new wallet on a secure machine and spend all of your coins to one of its addresses ASAP.

EDIT: More keep popping up every so often.  I am downloading and deleting all that I find.

You might want to also set up something that periodically checks to see if the mal-executable changes. The author may change the destination details.

Yup, already doing that too.

[Chick]

Where does it install? I don't see anything relating to Coin_Miner in the Program Files directory.

I'm running this on a crappy 5 year old computer, hoping to log it's connections.

[mouse]

It's pretty depressing that virus scam sites have better designs than the legit bitcoin ones :-(

[andes]

It's pretty depressing that virus scam sites have better designs than the legit bitcoin ones :-(

Defininitely, we need better marketing for legitimate bitcoin uses.

[bitplane]

if you use linux you can use the string command to take a look at ascii characters in the binary, there is a web site listed, however I do not know how it is related to the scam mining software.

minero@dragon:~/Downloads$ strings  -a Coin-Miner-v2.7.exe  |more
!This program cannot be run in DOS mode.
Rich
.text
`.rdata
@.data
.rsrc
http://www.clickteam.com

Haha, newbs. Made in one of clickteam's game creation kits, might even be traceable back to their serial number if they actually bought it.

I suggest submitting this to all the AV companies ASAP. I am submitting it to Microsoft now.

edit: also reported to Google's safe browsing

[BitcoinPorn]

Defininitely, we need better marketing for legitimate bitcoin uses.

On a very real note that has nothing to do with this thread.  I've only charged one user for a graphic (suuuper cheap mind you), made a few for free, and honestly if I didn't have more work myself, I'd do more.  I'd ask for donations on all that shit, but obviously the start up people don't have it, so it comes down to, if any graphic designer has invested in coin, they should further seal their investment by helping out the stores that would make Bitcoin have that look legitimacy that is lacking on most these place.  I trust so few based on looks alone.