Bitcoin Forum
October 19, 2017, 02:19:47 AM *
News: Latest stable version of Bitcoin Core: 0.15.0.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Wallet Injector 2.0 on Youtube . Anyone wanna check it?  (Read 5479 times)
bitrebel
Sr. Member
****
Offline Offline

Activity: 364


View Profile
August 05, 2011, 07:25:11 PM
 #1

http://www.youtube.com/watch?v=lxaigv0Ymgk

Do not click on the link unless you have good virus protection and know your stuff.
Anyone wanna check it for us? Post the results. Relay the info. Is this a new virus or an improvement on an old one?

I won't click many of those links because I got a virus by clicking on a youtube video once. Now i'm a bit paranoid, even though I run antivirus.

Why does Bitrebel have 65+ Ignores?
Because Bitrebel says things that some people do not want YOU to hear.
1508379587
Hero Member
*
Offline Offline

Posts: 1508379587

View Profile Personal Message (Offline)

Ignore
1508379587
Reply with quote  #2

1508379587
Report to moderator
"Bitcoin: mining our own business since 2009" -- Pieter Wuille
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1508379587
Hero Member
*
Offline Offline

Posts: 1508379587

View Profile Personal Message (Offline)

Ignore
1508379587
Reply with quote  #2

1508379587
Report to moderator
1508379587
Hero Member
*
Offline Offline

Posts: 1508379587

View Profile Personal Message (Offline)

Ignore
1508379587
Reply with quote  #2

1508379587
Report to moderator
1508379587
Hero Member
*
Offline Offline

Posts: 1508379587

View Profile Personal Message (Offline)

Ignore
1508379587
Reply with quote  #2

1508379587
Report to moderator
newminerr
Member
**
Offline Offline

Activity: 112

like no other.


View Profile
August 05, 2011, 07:26:05 PM
 #2

imma give it a go  Smiley
bitplane
Sr. Member
****
Offline Offline

Activity: 321

Firstbits: 1gyzhw


View Profile WWW
August 05, 2011, 07:28:25 PM
 #3

That's stupid. Even if it can inject a payment into your wallet, that doesn't mean you can spend the funds on the network; you just have a corrupted wallet!

Most likely a scam that empties your wallet too.
bitrebel
Sr. Member
****
Offline Offline

Activity: 364


View Profile
August 05, 2011, 07:36:33 PM
 #4

That's stupid. Even if it can inject a payment into your wallet, that doesn't mean you can spend the funds on the network; you just have a corrupted wallet!

Most likely a scam that empties your wallet too.

It is a scam. It's used to steal people's wallet files. I'm wondering if it works, how well it works, and if the virus can be downloaded to you by watching the video. If it's already advertising the stealing of wallets, who's to say if he disguises the method and uses it against you?

Why does Bitrebel have 65+ Ignores?
Because Bitrebel says things that some people do not want YOU to hear.
newminerr
Member
**
Offline Offline

Activity: 112

like no other.


View Profile
August 05, 2011, 07:54:58 PM
 #5

Here is a quick anatomy of the file  Kiss

First of all you won't get infected if you watched the video you will get infected if you downloaded the file in the video description [megaupload link].


It is a visualbasic file
It steals your \Bitcoin\wallet.dat.

It collects your conputer information.

It connects to smtp.gmail.com and sends an email to xplxOdy@hotmail.com with the info.

E.G:
Quote
Wallet taken from:
System Information

Operating System
Platform
Version
User
Language
Network
Display
Resolution
Workspace
Client-IP
It's pooly coded, most likely a ripped source or something, not custom made, i doubt it will succeed in stealing your info Roll Eyes
Are-you-a-wizard?
Member
**
Offline Offline

Activity: 98



View Profile
August 05, 2011, 07:55:55 PM
 #6

You know, I think I'm going to pass on clicking that link.
bitrebel
Sr. Member
****
Offline Offline

Activity: 364


View Profile
August 05, 2011, 07:59:54 PM
 #7

Thanks, Newminerr,
   You are an asset to the community.
So, when you think you'll be able to download a file to help you steal other people's wallet, it actually steals your wallet? That's pretty cool, actually. Now maybe we can upload a fix and steal everything he steals, and mail it all to Bruce.  Wink

Why does Bitrebel have 65+ Ignores?
Because Bitrebel says things that some people do not want YOU to hear.
bitplane
Sr. Member
****
Offline Offline

Activity: 321

Firstbits: 1gyzhw


View Profile WWW
August 05, 2011, 08:18:30 PM
 #8

Here is a quick anatomy of the file  Kiss

First of all you won't get infected if you watched the video you will get infected if you downloaded the file in the video description [megaupload link].


It is a visualbasic file
It steals your \Bitcoin\wallet.dat.

It collects your conputer information.

It connects to smtp.gmail.com and sends an email to xplxOdy@hotmail.com with the info.

E.G:
Quote
Wallet taken from:
System Information

Operating System
Platform
Version
User
Language
Network
Display
Resolution
Workspace
Client-IP
It's pooly coded, most likely a ripped source or something, not custom made, i doubt it will succeed in stealing your info Roll Eyes

Nice work! Get the smtp password, log into gmail and set up a forward + delete rule, send the stolen coins to the faucet Wink
Yuusha
Full Member
***
Offline Offline

Activity: 196



View Profile
August 05, 2011, 08:22:39 PM
 #9

Flagged the video and reported the Megaupload download.
Vod
Legendary
*
Offline Offline

Activity: 2170


Licking my boob since 1970


View Profile WWW
August 05, 2011, 08:29:23 PM
 #10

Flagged the video and reported the Megaupload download.

I also flagged the video and commented.  Wouldn't let me copy the thread link.

I'm into creating universes, smiting people, writing holy books and listening to prayers.
If you want your prayers answered, you must donate to 1CDyx8AUTiYXS1ThcBU3vy4SJWQq6pdFMH
BitcoinTalk Public Information Project
newminerr
Member
**
Offline Offline

Activity: 112

like no other.


View Profile
August 05, 2011, 09:30:03 PM
 #11

He is not very smart, showing his wallet address.

Here is where he sent his coinies Cheesy
0.01, 0.01, 0.01, 1.0 as shown in the video.
http://blockexplorer.com/address/1CCaPTSfkRYhn3ukWDLv4ur4AKLmdjePme

And here is the scan
http://www.virustotal.com/file-scan/report.html?id=7ca463885caaf3db2dc15a62edcdffa1cc4e820625fcbb4cabc4a95659afb148-1312572029

Too bad it's not fully detected yet, but VT will distribute it to antivius vendors to analyze/scan it again Smiley

Edit 1:
BTW can someone explain this transaction to me?
http://blockexplorer.com/tx/1d9c7ca2668f3173b0145969e58be2c281503add5830ffa3a82568253bd3d5ad#o1

http://blockexplorer.com/address/1618dCnRi6U2unkTn4fWGXhXLzQYi9dqGy
I am still not familiar with blockexplorer but 1000BTC looks interesting..

Edit 2:
I found out that's not the original video, he just downloaded and uploaded the video and put his own link/stealer.

The original one [with higher quality is most likely the original]

http://www.youtube.com/watch?v=8Hws-OruuqE
It contains also a malicious file i will reverse that one tomorrow, but it creates "Bitcoins Wallet Injecting.exe" [261120 Bytes] and "bot.exe" [33792 Bytes] in the temp folder, so it's obvious it's malicious :]

I second what bitrebel said, Don't download any of those files unless you know what you are doing.
mdbitcoin
Newbie
*
Offline Offline

Activity: 29


View Profile
August 31, 2011, 04:45:20 AM
 #12

The video is back. I'm reporting it violation of terms of service and all its incarnations. You should too.
BitcoinPorn
Hero Member
*****
Offline Offline

Activity: 574


Posts: 69


View Profile WWW
August 31, 2011, 10:13:20 AM
 #13

Virus through watching a YouTube video?  Now this I gotta see Cheesy

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!