mmmerlin (OP)
|
|
September 07, 2013, 10:45:28 PM Last edit: September 09, 2013, 12:17:52 PM by mmmerlin |
|
I just got a very spammy PM on the BFL forum from what I think is someone trying to hype LTC saying that MtGox is going to start trading it and this was announced in a leaked recording of Mark Karpeles. It links to what I think is a spoof page imitating this forum with presumably mock posts from several well-established members of this community agreeing that this was sounding very promising. Link here: http://bitcointalk.us/LTCRecordedConversation.htmThis post is to: a) give people a head's up and b) confirm this is a spoof site created by someone trying to hype up LTC prices and not a genuine mirror of BTCTalk (which I'm pretty much sure of, but I've also been sitting at the keyboard for ~16 straight hours so judgement isn't what it might be). I was actually almost fooled, so thought I'd better alert people...
|
|
|
|
mmmerlin (OP)
|
|
September 07, 2013, 10:47:12 PM |
|
A lot of effort went into making the site though, they've registered a very good URL for it, all the people posting have links back to their profiles on bitcointalk.org
I've got to admit that I was very nearly fooled. I'm sure many will be...
|
|
|
|
grue
Legendary
Offline
Activity: 2058
Merit: 1431
|
|
September 07, 2013, 10:48:03 PM |
|
the free hosting ad at the top is a dead giveaway. also, there's some funny stuff in the root directory http://bitcointalk.us/phisher.php LOL i'm having some fun entering in some fake admin logins :p
|
|
|
|
01BTC10
VIP
Hero Member
Offline
Activity: 756
Merit: 503
|
|
September 07, 2013, 10:48:25 PM |
|
This domain bitcointalk.us is a phising site and is also used to hype a fake btc-e bot (trojan).
|
|
|
|
mmmerlin (OP)
|
|
September 07, 2013, 10:54:20 PM |
|
LOL indeed, but at first glance it's pretty convincing. Just thought people should be warned. I've reported it on the BFL forum...
|
|
|
|
Taras
Legendary
Offline
Activity: 1386
Merit: 1053
Please do not PM me loan requests!
|
|
September 07, 2013, 11:25:46 PM |
|
Definitely a phishing site, I found this in the directory: user=dasfd passwrd=dsfasdf cookielength=-1 hash_passwrd=
user=affa passwrd=asdfs cookielength=-1 hash_passwrd=
user=hi passwrd=good looking cookielength=-1 hash_passwrd=
user= passwrd= cookielength=-1 hash_passwrd=
user=ajze2 passwrd=c*******5 cookielength=-1 hash_passwrd=
user=01BTC10 passwrd=A6PhUyDBS6 cookielength=-1 hash_passwrd=
user=theymos passwrd=6iR25K1Xx4xXL6VM cookielength=-1 hash_passwrd=
user=gmaxwell passwrd=hcTb64SfgLy3Ey cookielength=-1 hash_passwrd=
user=kiba passwrd=1DDEFE1081888436A0A0681A8201431D cookielength=-1 hash_passwrd=
user=Gavin Andresen passwrd=RbCvyZNkbFHKQ5cHt7x8pAp5sXtz cookielength=-1 hash_passwrd=
user=casascius passwrd=3**************1 cookielength=-1 hash_passwrd=
user=Kluge passwrd=t*******7 cookielength=-1 hash_passwrd=
user=satoshi passwrd=nakamotp cookielength=-1 hash_passwrd=
|
|
|
|
01BTC10
VIP
Hero Member
Offline
Activity: 756
Merit: 503
|
|
September 07, 2013, 11:29:56 PM |
|
I guess my name is there because I clicked this link: http://bitcointalk.us/phisher.php However, the password is wrong and I logged out and back in Bitcointalk in case he tried stealing my session cookie.
|
|
|
|
mmmerlin (OP)
|
|
September 07, 2013, 11:33:33 PM |
|
This is NOT cool AT ALL.If there's anything I don't appreciate it's being impersonated. My own post: I don't believe it... I could never think of any sci-fi-ass machine capable of cracking SHA256. Of course with Snowden's verification, how could it be false? I'm horrified. Are our savings subject to overnight destruction?
Was modified as well: I don't believe it... Could it be true? Of course with Daichi's verification, we can totally trust him. Are your savings subject to overnight destruction? We have to figure out what's going on here, I do NOT like this at all. I bet a good percentage of people who see this will consider it legitimate. It is likely that a good proportion will indeed be fooled, I nearly was but it just didn't smell right. That's why I posted. Regarding this password list - a) LOL at having them sitting in the directory like that, and b) they all appear to be wrong, which is good!
|
|
|
|
Taras
Legendary
Offline
Activity: 1386
Merit: 1053
Please do not PM me loan requests!
|
|
September 07, 2013, 11:36:16 PM |
|
I guess my name is there because I clicked this link: http://bitcointalk.us/phisher.php However, the password is wrong and I logged out and back in Bitcointalk in case he tried stealing my session cookie. I did the same, the only account that had a valid password was called ajze2... Potential culpirit, registered August, but 0 posts. The satoshi entry was made by me, so I can confirm that these were phished with the login bar.
|
|
|
|
mmmerlin (OP)
|
|
September 08, 2013, 04:47:11 PM |
|
Well, he's been banned from the BFL forums under that username, though I doubt that will stop his scammy, fishy ways...
|
|
|
|
Isokivi
|
|
September 08, 2013, 04:48:03 PM |
|
Seems like a good place to spam, lots of gullible people and whatnot.
|
Bitcoin trinkets now on my online store: btc trinkets.com <- Bitcoin Tiepins, cufflinks, lapel pins, keychains, card holders and challenge coins.
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1255
May Bitcoin be touched by his Noodly Appendage
|
|
September 08, 2013, 06:24:37 PM Last edit: September 08, 2013, 06:52:30 PM by jackjack |
|
|
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
|
|
|
mmmerlin (OP)
|
|
September 08, 2013, 07:15:09 PM |
|
Seems like a good place to spam, lots of gullible people and whatnot.
+1
|
|
|
|
KonstantinosM
|
|
September 08, 2013, 07:44:49 PM |
|
I didn't click on the links nor trade any BTC for LTC based on this, I did not however notice that I was directed to this bullshit website...
Thank you, you saved me from some potential account hack! (I'm forever logged in, if I wasn't I don't know what might have happened.
|
Syscoin has the best of Bitcoin and Ethereum in one place, it's merge mined with Bitcoin so it is plugged into Bitcoin's ecosystem and takes full advantage of it's POW while rewarding Bitcoin miners with Syscoin
|
|
|
mmmerlin (OP)
|
|
September 08, 2013, 08:40:31 PM |
|
I didn't click on the links nor trade any BTC for LTC based on this, I did not however notice that I was directed to this bullshit website...
Thank you, you saved me from some potential account hack! (I'm forever logged in, if I wasn't I don't know what might have happened.
No worries, it's quite a convincing fake. The main alert for me was how overwhelmingly positive and effusive some of the more well known members of the community were being when I would have expected them to have been, at a minimum, a bit more circumspect. And whilst I have no idea whether they are or not, a surprising number of people were claiming to be fluent in Japanese, which also seemed a little odd...
|
|
|
|
justusranvier
Legendary
Offline
Activity: 1400
Merit: 1009
|
|
September 09, 2013, 12:13:29 AM |
|
Scams like this are a good reason to always use a password manager with unique per-site passwords instead of typing them in yourself.
Even if you fall for a phishing site, your password manager won't.
|
|
|
|
pbflash
Member
Offline
Activity: 66
Merit: 10
|
|
September 09, 2013, 01:15:31 AM |
|
I guess you must provide your dox to get a .us domain, no?
Nope. I recently registered a .us domain and only had to check a check box stating it was a us company.
|
|
|
|
b!z
Legendary
Offline
Activity: 1582
Merit: 1010
|
|
September 09, 2013, 11:13:29 AM |
|
I guess you must provide your dox to get a .us domain, no?
Nope. I recently registered a .us domain and only had to check a check box stating it was a us company. .us domains don't allow whois guard/privacy, iirc and i think you must type real info with all domains, or they can close the domain down
|
|
|
|
TsuyokuNaritai
|
|
September 09, 2013, 11:37:26 AM |
|
To help get the word out, I suggest changing the name of the thread to something more descriptive, such as "WARNING: bitcointalk.us is a fake phishing site".
|
|
|
|
mmmerlin (OP)
|
|
September 09, 2013, 12:17:23 PM |
|
To help get the word out, I suggest changing the name of the thread to something more descriptive, such as "WARNING: bitcointalk.us is a fake phishing site".
Good idea - done. Maybe someone could get a mod to move it out of meta to somewhere more suitable though, this isn't where I originally posted it and don't think I can move it.
|
|
|
|
|