kira4light (OP)
Newbie
Offline
Activity: 37
Merit: 0
|
|
July 04, 2013, 02:11:22 PM |
|
I believed a lot of guys posted on the "5 Bitcoin Independence Day Raffle !" https://bitcointalk.org/index.php?topic=246400.msg2612378I just received a PM this morning saying I win it. It says it's a private key. But I found out it is some MS-DOS program, which makes me cautious. So does everyone received a PM like this? If you do please let me know. I think the guy named 'legitnick' is a completely scam, so everyboy let's put a negative comment on his trust! https://bitcointalk.org/index.php?action=profile;u=35697Can anyone tell me what this little MS-DOS program (".5 btc bode rdeem@mtgox.com") is? Is a Trojans, virus or something? Does it put my wallet or private key in danger?
|
|
|
|
|
|
|
|
|
"The nature of Bitcoin is such that once version 0.1 was released, the
core design was set in stone for the rest of its lifetime." -- Satoshi
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
naphto
|
|
July 04, 2013, 02:25:23 PM |
|
Proof? Screenshot?
Seems a scam.
|
|
|
|
xeroc
|
|
July 04, 2013, 02:29:51 PM |
|
positive .. it's a scam .. received PM too
|
|
|
|
pedrog
Legendary
Offline
Activity: 2786
Merit: 1031
|
|
July 04, 2013, 02:30:17 PM |
|
Haha, I'm also a winner, well I guess everybody won! Phishing attempt: Redeem code at mtqox .net
|
|
|
|
cp1
|
|
July 04, 2013, 02:31:43 PM |
|
this is the list of winners i got pmed:
riazg princesshannah Transisto cp1 felix123 Obama juronimo albert speer hurro bachelor
Did everyone win a .com virus?
|
|
|
|
BitcoinBarrel
Legendary
Offline
Activity: 1961
Merit: 1020
Fill Your Barrel with Bitcoins!
|
|
July 04, 2013, 02:33:10 PM |
|
|
▄▄▄▄▄▄▄▄▄▄ ▄██████████████▄ ▄█████████████████▌ ▐███████████████████▌ ▄█████████████████████▄ ███████████████████████ ▐███████████████████████ ▐███████████████████████ ▐███████████████████████ ▐███████████████████████ ██████████████████████▀ ▀████████████████████▀ ▀██████████████████ ▀▀████████████▀▀
| .
| .....█ .....█ .....█ .....█ .....█ .....█ | | █ █ █ █ █ █ |
|
|
|
IIOII
Legendary
Offline
Activity: 1153
Merit: 1012
|
|
July 04, 2013, 03:32:19 PM |
|
If I remember correctly there was a very similar scam/phishing ongoing with alleged btc-e codes not long ago.
I would not be surprised if the same scamming entity is behind this "giveaway".
|
|
|
|
firstlast
|
|
July 04, 2013, 04:00:03 PM |
|
After explaining my problem I was pleasantly surprised by the outpouring of ridicule I received from members in the chat room. One guy who went by the name of "kjwallet" took his time and worked me through my problem, then was kind enough to scam me out of 30 bitcoins. After that event, I made a promise to myself that one day I would take back from the community in full.
|
|
|
|
P239
Newbie
Offline
Activity: 14
Merit: 0
|
|
July 04, 2013, 04:59:04 PM |
|
I hate to be a wet blanket, but ".5 btc bode rdeem@mtgox.com" looks like a description (of the key file?) ending in an email address, which, obviously will end in .com ... many Windows computers may confuse this to be an old "MS DOS" COM executable file.. if you forward the message/file to me I will take a look.. I'm on a Mac so I'm not worried about your silly virii & trojans.. (although i will still be careful )
|
|
|
|
jag2k2
Member
Offline
Activity: 62
Merit: 10
|
|
July 04, 2013, 05:52:56 PM |
|
reminds me of that 10btc giveaway we had a few months ago.
|
I believe that banking institutions are more dangerous to our liberties than standing armies... The issuing power should be taken from the banks and restored to the people, to whom it properly belongs. - Thomas Jefferson
|
|
|
colinistheman
|
|
July 04, 2013, 06:17:33 PM |
|
I got scammed by him with this too. Good thing i didn't run any program
|
|
|
|
bitcoinstarter
|
|
July 04, 2013, 06:20:26 PM |
|
reminds me of that 10btc giveaway we had a few months ago.
This ^^ . These guys are back with a scam!
|
|
|
|
tarrant_01
|
|
July 04, 2013, 06:28:24 PM |
|
We'll see if robert5's 1 BTC give-away is a scam also.
|
1P95gCUCw3Tjb7yyoYtW3ARZZQyTpFgk6H
|
|
|
elebit
|
|
July 04, 2013, 06:36:03 PM |
|
Cool, can I get a copy of the alleged trojan? It would be interesting to look inside.
|
|
|
|
cp1
|
|
July 04, 2013, 06:40:13 PM |
|
Cool, can I get a copy of the alleged trojan? It would be interesting to look inside.
It looks like the moderators deleted the PM he sent me, so I can't forward it to you.
|
|
|
|
kira4light (OP)
Newbie
Offline
Activity: 37
Merit: 0
|
|
July 04, 2013, 07:23:14 PM |
|
Cool, can I get a copy of the alleged trojan? It would be interesting to look inside.
http://rghost.net/47200539?r=1096Please tell me what is inside. I actually clicked on the program... really anxious right now...
|
|
|
|
kira4light (OP)
Newbie
Offline
Activity: 37
Merit: 0
|
|
July 04, 2013, 07:23:40 PM |
|
I hate to be a wet blanket, but ".5 btc bode rdeem@mtgox.com" looks like a description (of the key file?) ending in an email address, which, obviously will end in .com ... many Windows computers may confuse this to be an old "MS DOS" COM executable file.. if you forward the message/file to me I will take a look.. I'm on a Mac so I'm not worried about your silly virii & trojans.. (although i will still be careful ) http://rghost.net/47200539?r=1096Please tell me what is inside. I actually clicked on the program... really anxious right now...
|
|
|
|
Welsh
Staff
Legendary
Offline
Activity: 3262
Merit: 4110
|
|
July 04, 2013, 07:28:48 PM |
|
It's a scam. It's very obvious. That's why I don't allow any java script or anything to run until I know I can trust the site. Legitnick isn't so legit.
|
|
|
|
elebit
|
|
July 04, 2013, 07:40:31 PM |
|
Please tell me what is inside. I actually clicked on the program... really anxious right now...
It's a .net program. I don't have the proper tools to disassemble that, at least not for now. But if it is similar to what the other people got it's probably a dropper that downloads another program from somewhere and executes it. So it's impossible to know what that program does unless you actually get hold of it and look at it, but most probably it would be some sniffer and/or rootkit of some kind. If you want my professional advice it would be: Don't take any chances with this. The attacker could be a script kiddie and the malware possible to remove, but why risk it? Boot from a CD and back up any data you do not have previously backed up. Take special care to backup your bitcoin wallet and any password files you use. Wipe your system completely and reinstall your operating system. Take care not to reinstall anything executable from whatever backups to took after you got infected. Never run software from strangers on the Internet ever again. Unless you opened your wallet and entered your password after you run this malware, the attacker can not get hold of your coins. Consider this a lesson and yourself lucky under the circumstances. Never run software from strangers on the Internet ever again. And back up your data.
|
|
|
|
Welsh
Staff
Legendary
Offline
Activity: 3262
Merit: 4110
|
|
July 04, 2013, 07:44:41 PM |
|
Something like this happened before. But, a lot more people fell for it. I think the attacker got away with around 30 Bitcoins maybe more. It was valued at around $110-140 at the time, so it was a big blow.
After doing some research on legitnick, I realised that he has been pretty shady the last few posts he had made, to be honest I didn't really care about it, I knew it was a scam but couldn't call him out because it may of not of been.
|
|
|
|
|