Bitcoin Forum
December 15, 2024, 01:02:34 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: ANN: Someone made a PD clone and put a virus on their clone. Please Report  (Read 1123 times)
Stunna (OP)
Legendary
*
Offline Offline

Activity: 3192
Merit: 1279


Primedice.com, Stake.com


View Profile
October 12, 2013, 04:49:44 AM
 #1

Re-Posting http://www.reddit.com/r/Bitcoin/comments/1o9tmi/ann_someone_has_cloned_my_bitcoin_website_and_put/   for increased awareness.

Hey Everyone,

I run www.primedice.com , unfortunately right now when you google primedice the first result is a google ad for a clone called [PLEASE DO NOT VISIT THIS SITE]: (Primedicebot.com) which prompts you to download the latest version of java which will thus infect your computer. They even appear slightly convincing as they have copy and pasted the source to our site.
I'd strongly appreciate it if everyone could report that malware/clone website (primedicebot.com) to http://www.google.com/safebrowsing/report_badware/

Thank you

Stake.com Fastest growing crypto casino & sportsbook
Primedice.com The original bitcoin instant dice game
Shallow
Sr. Member
****
Offline Offline

Activity: 938
Merit: 255


SmartFi - EARN, LEND & TRADE


View Profile
October 12, 2013, 04:52:17 AM
 #2

Wow. Well at least you know you've made it when people start trying to impersonate you Tongue

████
██
██
██
██
██
██
██
██
██
██
██
████
...The Open..............
...Lending Platform...
████
████
████
████
████
████
████
████
████
████
████
████
████
▄▄█████████▄▄
▄█████████████████▄
▄██████████▀▀▀▀███████▄
█████████▀        ███████
████████▀        ▄█████████
█████████       ▄▀▀██████████
█████████     ▄▀   ▀█████████
██████████  ▄▀      █████████
█████████▀▀       ▄████████
███████        ▄█████████
▀███████▄▄▄▄██████████▀
▀█████████████████▀
▀▀█████████▀▀
.SMARTFI..████
████
████
████
████
████
████
████
████
████
████
████
████
...Join the SmartFi.....
...Token Sale...
████
██
██
██
██
██
██
██
██
██
██
██
████
████████████████████████████
████████████████████████████
████████████████████████████
█████████████████▀▀  ███████
█████████████▀▀      ███████
█████████▀▀   ▄▄     ███████
█████▀▀    ▄█▀▀     ████████
█████████ █▀        ████████
█████████ █ ▄███▄   ████████
██████████████████▄▄████████
████████████████████████████
████████████████████████████
████████████████████████████
████████████████████████████
████████████████████████████
████████████████████████████
████████▀▀▄██████▄▀▀████████
███████  ▀        ▀  ███████
██████                ██████
█████▌   ███    ███   ▐█████
█████▌   ▀▀▀    ▀▀▀   ▐█████
██████                ██████
███████▄  ▀██████▀  ▄███████
████████████████████████████
████████████████████████████
████████████████████████████
escrow.ms
Legendary
*
Offline Offline

Activity: 1274
Merit: 1004


View Profile
October 12, 2013, 07:21:52 AM
 #3

Reported to google and godaddy.
cowandtea
Sr. Member
****
Offline Offline

Activity: 434
Merit: 250


View Profile
October 12, 2013, 07:30:30 AM
 #4

Reported, hopefully google take down the website before someone lost their wallet.

Stunna (OP)
Legendary
*
Offline Offline

Activity: 3192
Merit: 1279


Primedice.com, Stake.com


View Profile
October 12, 2013, 07:36:16 AM
 #5

Reported to google and godaddy.

Reported, hopefully google take down the website before someone lost their wallet.

Really appreciate it, thanks

Stake.com Fastest growing crypto casino & sportsbook
Primedice.com The original bitcoin instant dice game
escrow.ms
Legendary
*
Offline Offline

Activity: 1274
Merit: 1004


View Profile
October 12, 2013, 07:39:35 AM
Last edit: October 12, 2013, 07:55:27 AM by escrow.ms
 #6

I have checked that java file, some stupid guy from HF is probably doing this.



This Java driveby downloads exe file from here


Virus scan of jar : 0/48 (It's FUD)
https://www.virustotal.com/en/file/4be0944c1ba24240798c1de430c9592c0d56e6338c84c18a7c2084aecb227aa8/analysis/1381564324/

Virus scan of exe file: 2/48 (It's crypted)

https://www.virustotal.com/en/file/c2c20a1f614402b93fe79d11bffda53b35c07e37eebd44e1455cd80ad590aa00/analysis/1381564166/

marcotheminer
Legendary
*
Offline Offline

Activity: 2114
Merit: 1049


┴puoʎǝq ʞool┴


View Profile
October 12, 2013, 09:43:07 AM
 #7

Reported, hope this clears!

""Man am I glad to be back on these forums! - time for a surf! ... "yeww which boards bro?!" Cool
٩(- ̮̮̃-̃)۶ (-(-_(-_-)_-)-) ٩(̾●̮̮̃̾•̃̾)۶ ♫♪.ılılıll|̲̅̅●̲̅̅|̲̅̅=̲̅̅|̲̅̅●̲̅̅|llılılı.♫♪ »-(¯`·.·´¯)-> BTC <-(¯`·.·´¯)-« ♫♪.ılılıll|̲̅̅●̲̅̅|̲̅̅=̲̅̅|̲̅̅●̲̅̅|llılılı.♫♪ ٩(̾●̮̮̃̾•̃̾)۶ (-(-_(-_-)_-)-) ٩(- ̮̮̃-̃)۶ ascii art source: 1lineart.kulaone.com
nenelsparadise
Sr. Member
****
Offline Offline

Activity: 324
Merit: 250


View Profile
October 12, 2013, 09:55:41 AM
 #8

Reported !!!!
icey
Legendary
*
Offline Offline

Activity: 1578
Merit: 1000


May the coin be with you..


View Profile
October 12, 2013, 09:59:54 AM
 #9

Reported, hopefully it gets taken down soon
ninjaboon
Legendary
*
Offline Offline

Activity: 2128
Merit: 1002



View Profile WWW
October 13, 2013, 03:37:19 AM
 #10

reported to Google too

Stunna (OP)
Legendary
*
Offline Offline

Activity: 3192
Merit: 1279


Primedice.com, Stake.com


View Profile
October 13, 2013, 08:09:50 AM
 #11

Appreciate  the help, unfortunately it appears to still be up and their ads are still running. As long as their ads get cancelled users should be safe, waiting on google still.

Stake.com Fastest growing crypto casino & sportsbook
Primedice.com The original bitcoin instant dice game
ITsTanked
Newbie
*
Offline Offline

Activity: 54
Merit: 0


View Profile
October 13, 2013, 05:18:41 PM
 #12

I think I find a time based sql injection place for the file host of the virus.  Is too unethical to try to remove virus from host?  Host not seem care what file kind it host.
niallog1
Newbie
*
Offline Offline

Activity: 46
Merit: 0


View Profile
October 13, 2013, 06:24:37 PM
 #13

Thanks for the heads up Stunna, reported it, hopefully it gets taken down soon.
b!z
Legendary
*
Offline Offline

Activity: 1582
Merit: 1010



View Profile
October 14, 2013, 09:04:46 AM
 #14

I think I find a time based sql injection place for the file host of the virus.  Is too unethical to try to remove virus from host?  Host not seem care what file kind it host.

Depends on how legal that is in your jurisdiction.
escrow.ms
Legendary
*
Offline Offline

Activity: 1274
Merit: 1004


View Profile
October 14, 2013, 09:15:18 AM
 #15

Appreciate  the help, unfortunately it appears to still be up and their ads are still running. As long as their ads get cancelled users should be safe, waiting on google still.

Looks like godaddy guys are lazy, filed a report again.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!