bitminers (OP)
Member
Offline
Activity: 84
Merit: 10
|
|
July 28, 2011, 01:34:05 PM |
|
|
|
|
|
Morebitcoinsplease
Member
Offline
Activity: 84
Merit: 10
|
|
July 28, 2011, 01:53:19 PM |
|
LOL if only it was that easy to make bitcoins
|
|
|
|
|
kwukduck
Legendary
Offline
Activity: 1937
Merit: 1001
|
|
July 28, 2011, 02:03:52 PM |
|
Seems some kind of botnet...
|
14b8PdeWLqK3yi3PrNHMmCvSmvDEKEBh3E
|
|
|
Morebitcoinsplease
Member
Offline
Activity: 84
Merit: 10
|
|
July 28, 2011, 02:16:07 PM |
|
lol. It's a double compressed archive. extract the BIT.rar file and you will get: extract the "Bitcoin Wallet Injector.exe" and you will get: .... bot.exe....pretty lame Wow that is just awesome.... bot.exe Hrmm perhaps later I will get some time to reverse engineer it and see what it does =)
|
|
|
|
bitminers (OP)
Member
Offline
Activity: 84
Merit: 10
|
|
July 28, 2011, 02:36:09 PM |
|
Thats the 2nd or 3rd Ive found on YouTube, they seem to be reasonably consistent in this crap.
|
|
|
|
Jaime Frontero
|
|
July 28, 2011, 02:51:22 PM |
|
lol. It's a double compressed archive. extract the BIT.rar file and you will get: extract the "Bitcoin Wallet Injector.exe" and you will get: .... bot.exe....pretty lame Wow that is just awesome.... bot.exe Hrmm perhaps later I will get some time to reverse engineer it and see what it does =) i'd be interested - should you happen to take the thing apart - in knowing how sophisticated the wallet-stealer is. can it find a wallet.dat anywhere on any hard drive or partition? if the wallet is on an unmounted file system, can it mount that? if wallet.dat is renamed to something else - i.e., foo.bar - could it find the renaming line in bitcoin.conf and steal foo.bar?
|
|
|
|
airdata
|
|
July 28, 2011, 02:58:23 PM |
|
im guessing it just looks for wallet.dat. most likely not very sophisticated.
|
|
|
|
fabianhjr
Sr. Member
Offline
Activity: 322
Merit: 250
Do The Evolution
|
|
July 28, 2011, 03:53:16 PM |
|
Most likely the path is hardcoded, what would be interesting to find out is if it also has some authentication hardcoded and we can mess with that, ex. change the password and rm -rf / the bitch.
Also, my heart is crying over such a stupid interface when you could have had only one fucking button. D:<
|
|
|
|
timmey
Newbie
Offline
Activity: 28
Merit: 0
|
|
July 28, 2011, 04:12:50 PM |
|
|
|
|
|
|
bitminers (OP)
Member
Offline
Activity: 84
Merit: 10
|
|
July 29, 2011, 08:17:11 AM |
|
My Point is, this crap needs to be flagged etc, and removed just like all that spam that was going up on YouTube before, but especially these damn Trojans, Wallet Stealers etc!
|
|
|
|
triforcelink
Member
Offline
Activity: 112
Merit: 10
|
|
July 29, 2011, 02:25:25 PM |
|
|
|
|
|
Yuusha
|
|
July 29, 2011, 02:30:32 PM |
|
Flagged as scam/fraud. Everyone else should flag it as well.
|
|
|
|
MemoryDealers
VIP
Legendary
Offline
Activity: 1052
Merit: 1155
|
|
July 31, 2011, 12:52:03 AM |
|
|
|
|
|
nmat
|
|
July 31, 2011, 12:57:28 AM |
|
Flagged as scam/fraud. Everyone else should flag it as well.
This
|
|
|
|
bitminers (OP)
Member
Offline
Activity: 84
Merit: 10
|
|
July 31, 2011, 01:13:33 AM |
|
Thanks Memory Dealers! If enough of us monitor this rubbish and flag them!
|
|
|
|
fabianhjr
Sr. Member
Offline
Activity: 322
Merit: 250
Do The Evolution
|
|
July 31, 2011, 02:01:42 AM |
|
Just got one son of a bitch. http://www.youtube.com/watch?v=x4-nesXzBOwhabbocrazy543, his account got closed and videos removed. They will still appear in searched though.
|
|
|
|
bitminers (OP)
Member
Offline
Activity: 84
Merit: 10
|
|
July 31, 2011, 10:27:29 AM |
|
Excellent, Ive been also been flagging when I can
|
|
|
|
BitMofo
Member
Offline
Activity: 112
Merit: 10
|
|
July 31, 2011, 11:03:30 AM |
|
Flagged...
All the bitcoin theft going on is just like the gold rush was...
|
1HNffyHktcD2iB6WJhPxKbALJdg4dwerTG
|
|
|
|