Bitcoin Forum
December 08, 2016, 10:24:58 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: Warning: Fake Casascius Physical Bitcoins website  (Read 6831 times)
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
October 25, 2011, 04:04:16 PM
 #1

I have learned today that someone has created a fake Casascius Physical Bitcoins website at http://casascius.net.  The operator of this site is also emailing the MtGox leak list.  It takes orders you'll never receive.

The real Casascius Physical Bitcoins site is at https://www.casascius.com.

I don't suppose there's a whole lot I can do about it.  It's flattering and to be expected I suppose, but alarming nonetheless.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
1481235898
Hero Member
*
Offline Offline

Posts: 1481235898

View Profile Personal Message (Offline)

Ignore
1481235898
Reply with quote  #2

1481235898
Report to moderator
1481235898
Hero Member
*
Offline Offline

Posts: 1481235898

View Profile Personal Message (Offline)

Ignore
1481235898
Reply with quote  #2

1481235898
Report to moderator
1481235898
Hero Member
*
Offline Offline

Posts: 1481235898

View Profile Personal Message (Offline)

Ignore
1481235898
Reply with quote  #2

1481235898
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
MemoryDealers
VIP
Legendary
*
Offline Offline

Activity: 1006



View Profile WWW
October 25, 2011, 04:26:15 PM
 #2

I don't understand these people.

With the skill set and effort involved in making that fake site,  they could just as easily provide a real good or service that people want, and make an honest living.

A few years back I had a similar problem with www.memorydealerS.com vs www.memorydealer(no S).com

For a few thousand dollars ICANN was able to reassign the domain to myself.

It might also be worth it in your case.

There are lots of lawyers that do this kind of thing.

http://www.dnattorney.com/

Stephen Gornick
Legendary
*
Offline Offline

Activity: 2002



View Profile
October 25, 2011, 04:33:10 PM
 #3

The bitcoin address it provided after filling out the form with junk info was: 1GHRsryckBsSfKgv6zbun5egbxq8GCT8f1

I see no coins sent to it yet.   Hopefully that is a static address given out to all and thus nobody got defrauded so far.

I suspect this could be taken down with a DDoS fairly easily though that would be a violation of the law in my jurisdiction so I couldn't participate.

ThomasV
Legendary
*
Offline Offline

Activity: 1722



View Profile WWW
October 25, 2011, 04:38:41 PM
 #4

I suspect this could be taken down with a DDoS fairly easily though that would be a violation of the law in my jurisdiction so I couldn't participate.

Slashdot it; it's legal, and as efficient as DDoS.
(the problem if you do that is that .com too will be slashdotted)

Electrum: the convenience of a web wallet, without the risks
doobadoo
Sr. Member
****
Offline Offline

Activity: 364


View Profile
October 25, 2011, 05:14:50 PM
 #5

I don't understand these people.

With the skill set and effort involved in making that fake site,  they could just as easily provide a real good or service that people want, and make an honest living.

http://www.dnattorney.com/

So if we take your logic to its natural conclusion, there must be some other incentive to doing this.  Occam's Razor says its some kiddie scammer.  But my conspiracy theory side thinks this is part of ongoing attempts to undermine bitcoin itself.  Coming from whom/what organization/person?  No evidence.

"It is, quite honestly, the biggest challenge to central banking since Andrew Jackson." -evoorhees
epetroel
Sr. Member
****
Offline Offline

Activity: 428


View Profile
October 25, 2011, 05:25:49 PM
 #6

I would have suggested a DMCA takedown notice, but looks like the site is in Russia, so that wouldn't help.
the founder
Sr. Member
****
Offline Offline

Activity: 448


Bitcoin


View Profile WWW
October 25, 2011, 05:31:22 PM
 #7

I agree with Roger,  take down will work...  any .com, .net, or .org (as well as most other non-country) extensions the registrar must support the agreement.


Bitcoin RSS App / Bitcoin Android App / Bitcoin Webapp http://www.ounce.me  Say thank you here:  1HByHZQ44LUCxxpnqtXDuJVmrSdrGK6Q2f
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
October 25, 2011, 05:32:02 PM
 #8

I would have suggested a DMCA takedown notice, but looks like the site is in Russia, so that wouldn't help.

 Same suggestion and agree it might be usless in other countries. Though, it kinda depends on the host in RU and how convincing(preofessionl sweet talk) you can be with the company.

  That aside, its pretty fugged up for someone to do....  Any of our usual Internet Detectives have any info on source?

   Cheers

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
epetroel
Sr. Member
****
Offline Offline

Activity: 428


View Profile
October 25, 2011, 05:32:52 PM
 #9

Reported the site here:

http://www.google.com/safebrowsing/report_phish/

If others do as well, it should help to get the site blacklisted by google, chrome, and probably other browsers as well
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
October 25, 2011, 05:35:41 PM
 #10

Reported the site here:

http://www.google.com/safebrowsing/report_phish/

If others do as well, it should help to get the site blacklisted by google, chrome, and probably other browsers as well

 +1 and submitted.

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
epetroel
Sr. Member
****
Offline Offline

Activity: 428


View Profile
October 25, 2011, 05:36:02 PM
 #11

I would have suggested a DMCA takedown notice, but looks like the site is in Russia, so that wouldn't help.

 Same suggestion and agree it might be usless in other countries. Though, it kinda depends on the host in RU and how convincing(preofessionl sweet talk) you can be with the company.

  That aside, its pretty fugged up for someone to do....  Any of our usual Internet Detectives have any info on source?

   Cheers

Well, host is http://www.clodo.ru so that might be a good place to start.  Site is all in Russian though, so I can't make heads or tails of it.
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
October 25, 2011, 05:58:35 PM
 #12

I would have suggested a DMCA takedown notice, but looks like the site is in Russia, so that wouldn't help.

 Same suggestion and agree it might be usless in other countries. Though, it kinda depends on the host in RU and how convincing(preofessionl sweet talk) you can be with the company.

  That aside, its pretty fugged up for someone to do....  Any of our usual Internet Detectives have any info on source?

   Cheers

Well, host is http://www.clodo.ru so that might be a good place to start.  Site is all in Russian though, so I can't make heads or tails of it.

http://translate.google.com/translate?hl=en&sl=ru&u=http://clodo.ru/&ei=avimTq2UDZGDtge6z4T4Dw&sa=X&oi=translate&ct=result&resnum=1&sqi=2&ved=0CB8Q7gEwAA&prev=/search%3Fq%3Dhttp://www.clodo.ru/%26hl%3Den%26biw%3D1920%26bih%3D907%26prmd%3Dimvns

 Bitcoinwatch has a link to this post in there latest news already, which is good atleast.

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
graingert
Full Member
***
Offline Offline

Activity: 227


View Profile WWW
October 25, 2011, 06:20:01 PM
 #13

Down-rating the site on the Web Of Trust is also a good plan: http://www.mywot.com/en/scorecard/casascius.net

 *Image Removed*
shockD
Member
**
Offline Offline

Activity: 93


View Profile
October 25, 2011, 08:13:06 PM
 #14

The bitcoin address it provided after filling out the form with junk info was: 1GHRsryckBsSfKgv6zbun5egbxq8GCT8f1

I see no coins sent to it yet.   Hopefully that is a static address given out to all and thus nobody got defrauded so far.

I suspect this could be taken down with a DDoS fairly easily though that would be a violation of the law in my jurisdiction so I couldn't participate.

I got the same payment address when using junk info for the form as well, just FYI. Sadly I'm seeing 33.64 BTC in that address in block explorer currently.
RandyFolds
Sr. Member
****
Offline Offline

Activity: 434



View Profile
October 25, 2011, 08:45:33 PM
 #15

The bitcoin address it provided after filling out the form with junk info was: 1GHRsryckBsSfKgv6zbun5egbxq8GCT8f1

I see no coins sent to it yet.   Hopefully that is a static address given out to all and thus nobody got defrauded so far.

I suspect this could be taken down with a DDoS fairly easily though that would be a violation of the law in my jurisdiction so I couldn't participate.

I got the same payment address when using junk info for the form as well, just FYI. Sadly I'm seeing 33.64 BTC in that address in block explorer currently.

That's too bad.

I reported the site to google as well. Hopefully if a bunch of people report it, it'll get blacklisted sooner.


▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
▓▓ ONEDICE.ME ▓▓▓▓▓ BEST DICE EXPERIENCE ▓▓▓▓ PLAY OR INVEST ▓▓▓▓▓▓
▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓
md2k7
Newbie
*
Offline Offline

Activity: 16


View Profile
October 26, 2011, 08:42:46 PM
 #16

I would have been surprised to see a reputable merchant using the Mt.Gox leak list...

Anyway, casascius.net seems to redirect to www.casascius.com for me, so you got to fix the problem?

Yours
David
casascius
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1344


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
October 26, 2011, 08:44:08 PM
 #17

I would have been surprised to see a reputable merchant using the Mt.Gox leak list...

Anyway, casascius.net seems to redirect to www.casascius.com for me, so you got to fix the problem?

Yours
David

No, the scammer still controls casascius.net, and did that redirect, and is asking me for a ransom.  Attacker could change it anytime.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper wallets instead.
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
October 26, 2011, 08:58:22 PM
 #18

One thing make sure you don't make the bad site an actual link (in forum postings which auto generate links).  It will drive up search engine results because the site is more "popular".
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504



View Profile
October 26, 2011, 09:02:30 PM
 #19

I would have been surprised to see a reputable merchant using the Mt.Gox leak list...

Anyway, casascius.net seems to redirect to www.casascius.com for me, so you got to fix the problem?

Yours
David

No, the scammer still controls casascius.net, and did that redirect, and is asking me for a ransom.  Attacker could change it anytime.

  LOL, out of curiosity, what are the terms? 

  I'd contact his domain registar, a company in the Bahamas. And the dns provider. I am not sure that the .bs company could blacklist the dns for it or revoke the registration or that they would give a crap, but its worth a try.

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system. - GA
It is being worked on by smart people. -DamienBlack
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
October 26, 2011, 09:43:39 PM
 #20

I would have been surprised to see a reputable merchant using the Mt.Gox leak list...

Anyway, casascius.net seems to redirect to www.casascius.com for me, so you got to fix the problem?

Yours
David

No, the scammer still controls casascius.net, and did that redirect, and is asking me for a ransom.  Attacker could change it anytime.

  LOL, out of curiosity, what are the terms? 

  I'd contact his domain registar, a company in the Bahamas. And the dns provider. I am not sure that the .bs company could blacklist the dns for it or revoke the registration or that they would give a crap, but its worth a try.

All internetbs.net will do is to forward all mails to him. They are a nice registrar Wink Altho they have offices in the UK if I'm not mistaken. Maybe the UK company will comply with lawful requests.

Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!