Bitcoin Forum
Author Topic: Bitgo Hacked? My computer Hacked? Or false positive?  (Read 60 times)
acegilz
May 11, 2018, 05:01:03 PM
 #1

https://imgur.com/a/VSDBeHc


AdolfinWolf
May 11, 2018, 06:05:22 PM
 #2


Seems like this happened to some people before: https://twitter.com/jronkain/status/919923991313375233 This happened in 2017. If that was real I think some more people would've noticed by now.

https://www.virustotal.com/url/5f41b558cc90c0dd5c8a6506f67ecb38daf343eb4375565ef8adcecaf3187bbb/analysis/1526061180/ gives a 0 / 67.
(Although I doubt that it scanned it correctly.)

Bitgo.com is a pretty popular site though, so if there was indeed something like a keylogger injected into the site, I'm sure people would've noticed by now.

Also, https://github.com/bitgo most of their wallets & tools seem to be open source. Not sure if their website itself is, but trying to hide a keylogger there really doesn't make sense.

ETFbitcoin
May 11, 2018, 06:27:20 PM
 #3

Since BitGo has a good reputation, I think the problem is either:
1. Your PC might be infected, but it's unlikely since you already use an antivirus.
2. Your browser has malicious add-ons.
3. Your connection is intercepted by hacker or 3rd party. Try to use BitGo with paid VPN or Tor with proper configuration.

bL4nkcode
May 11, 2018, 06:32:15 PM
 #4

Seems it only appears on your computer or in the AVG database particularly. I didn't get any error or alert when visiting the site using Norton, while BitGo has a good reputation IMO.

Quote from: ETFbitcoin on May 11, 2018, 06:27:20 PM
3. Your connection is intercepted by hacker or 3rd party. Try to use BitGo with paid VPN or Tor with proper configuration.

This might be the closest reason for your issue.

TryNinja
May 11, 2018, 06:35:12 PM
 #5

This is the JS file (which can be found in the BitGo login page) that your antivirus is detecting as malicious: https://www.bitgo.com/js/BitGoJS.14b27091ae4a5ec9.js

And there is nothing wrong with it (AFAIK). Thus this is most likely just a false positive.

acegilz
May 11, 2018, 08:02:17 PM
 #6

Can someone using AVG please visit that login page and check if it also appears?

I have used AVG for Mac for some years and this is the first time... weird.

I have tried different browsers / VPN and the error persists.

acegilz
May 11, 2018, 09:18:23 PM
 #7

I have another computer running AVG for Windows and there is no issue. Cry

However, after installing AVG antivirus on another Mac computer, the error also pops up when visiting the site, so I'm a little bit more relieved. The strange thing is that scanning the direct JS link OR scanning that JS file (after dl) even on AVG shows no virus.

The trojan name just by itself, JS::Banker-ACK, scares the shit out of me, especially showing on BitGo... Shocked

Koadharber
May 12, 2018, 09:30:40 PM
 #8

Quote from: TryNinja on May 11, 2018, 06:35:12 PM
This is the JS file (which can be found in the BitGo login page) that your antivirus is detecting as malicious: https://www.bitgo.com/js/BitGoJS.14b27091ae4a5ec9.js

And there is nothing wrong with it (AFAIK). Thus this is most likely just a false positive.

I've been getting this notification too; it is detected by my ESET NOD32 AV. I really do see this as just a false positive, yet that JS file is really just in that log-in page, and I have encountered some sites which do have that kind of detection. Sometimes these AVs make me paranoid. Cheesy

Conasse
May 14, 2018, 09:04:16 PM
 #9

If BitGo was hacked it would be all over the news already and with a lot of posts about it here.
Surely a false positive I would say
squatz1
May 15, 2018, 03:25:22 AM
 #10

I assure that if BitGo was hacked we'd be in full meltdown mode, as a good amount of large exchanges (and large other companies) in crypto that control mass amounts of bitcoin use BitGo for their backend or even reserves. So this is probably just a false positive or something off on your side, nothing to be worried about if you're using 2FA anyway. Which I would always recommend.

Or buy a trezor or a ledger.

