Bitcoin Forum
January 26, 2020, 10:04:38 AM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: MALWARE SCAM - bittab.biz is impersonating bittab.io to spread malware  (Read 43 times)
logfiles
Copper Member
Sr. Member
****
Offline Offline

Activity: 490
Merit: 449


Citizen of The Bitcoin Republic


View Profile WWW
January 08, 2020, 04:42:26 AM
Merited by Coolcryptovator (3), Lafu (1), tvplus006 (1)
 #1

What happened: bittab.biz is impersonating bittab.io and hosting a malicious file which is infected with virus claiming that it's a bittab widget

Scammers Profile Link: Not in the forum

Scammer's Website: https://bittab.biz
Archived: http://archive.md/2bCmi
Genuine Website: https://bittab.io

Malicious File:

Code:
https://bitbucket.org/bittab/bittab/downloads/BitTabSetup2.1b.4.exe.exe

Malware Analysis:

42 engines detected that the file has malware
https://www.virustotal.com/gui/file/8f4c9bc0fc56bc67fb144245113617438a94e405c9aaadeb72600afac75a44c5/detection



bustadice         ▄▄████████████▄▄
     ▄▄████████▀▀▀▀████████▄▄
   ▄███████████    ███████████▄
  █████    ████▄▄▄▄████    █████
 ██████    ████████▀▀██    ██████
██████████████████   █████████████
█████████████████▌  ▐█████████████
███    ██████████   ███████    ███
███    ████████▀   ▐███████    ███
██████████████      ██████████████
██████████████      ██████████████
 ██████████████▄▄▄▄██████████████
  ▀████████████████████████████▀
                     ▄▄███████▄▄
                  ▄███████████████▄
   ███████████  ▄████▀▀       ▀▀████▄
               ████▀      ██     ▀████
 ███████████  ████        ██       ████
             ████         ██        ████
███████████  ████     ▄▄▄▄██        ████
             ████     ▀▀▀▀▀▀        ████
 ███████████  ████                 ████
               ████▄             ▄████
   ███████████  ▀████▄▄       ▄▄████▀
                  ▀███████████████▀
                     ▀▀███████▀▀
           ▄██▄
           ████
            ██
            ▀▀
 ▄██████████████████████▄
██████▀▀██████████▀▀██████
█████    ████████    █████
█████▄  ▄████████▄  ▄█████
██████████████████████████
██████████████████████████
    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
       ████████████
[bustadice.
Play
bustadice]
1580033078
Hero Member
*
Offline Offline

Posts: 1580033078

View Profile Personal Message (Offline)

Ignore
1580033078
Reply with quote  #2

1580033078
Report to moderator
"This isn't the kind of software where we can leave so many unresolved bugs that we need a tracker for them." -- Satoshi
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1580033078
Hero Member
*
Offline Offline

Posts: 1580033078

View Profile Personal Message (Offline)

Ignore
1580033078
Reply with quote  #2

1580033078
Report to moderator
Lafu
Legendary
*
Offline Offline

Activity: 1400
Merit: 1311



View Profile
January 09, 2020, 11:15:58 AM
 #2

All links that i have seen and readed here on the Forum from Bitbucket always have and got Malware or Trojan software in it !

You can see that on the List i have done in my other thread https://bitcointalk.org/index.php?topic=5182222.0

Code:
Fake Source : https_://bitbucket.org/miningmentor/bluebeasts/downloads/BlueBeasts-Coin-qt_win32_V1.6.5.0.zip
Fake Source : https_://bitbucket.org/miningmentor/delorcoin/downloads/delor-ubuntu-16.04.tar.xz]delor-ubuntu-16.04.tar.xz
Fake Source : https_://bitbucket.org/miningmentor/blastx/downloads/blastx-v1.1.0-win64.zip
Fake Source : https_://bitbucket.org/miningmentor/coldwallet2020/downloads/Coldwallet2020-1.1-win64-setup.rar
Fake Source : https_://bitbucket.org/miningmentor/agouti/downloads/agu-win.zip
Fake Source : https_://bitbucket.org/HaLass/pvpcoin/downloads/playervsplayercoin-qt-linux.tar.gz
Fake Source : https_://bitbucket.org/tradebotcommunity/rainbowgoldcoin/downloads/rainbowgoldcoin_windows_wallet.rar
Fake Source : https_://bitbucket.org/Derbiz/dorobers/downloads/Pay2c-Windows-qt.zip
Fake Source : https_://bitbucket.org/tradebotcommunity/starnodes-qt/downloads/starnodes.rar
Fake Source : https_://bitbucket.org/develsoftware/gcc-coin/downloads/GCCcoin.rar
Fake Source : https_://bitbucket.org/Derbiz/dorobers/downloads/Bochacoin.Windows.zip
Fake Source : https_://bitbucket.org/astingl/resqchain/downloads/resq-3.1.2.1-Win.zip
Fake Source : https_://bitbucket.org/astingl/jmcminer/downloads/JMC.rar
Fake Source : https_://bitbucket.org/severokproject/severok/downloads/severok-1.0.0-win64.zip
Fake Source : https_://bitbucket.org/astingl/yllineum/downloads/Yllineum-qt.rar
Fake Source : https_://bitbucket.org/taonacoin/taonaproject/downloads/taona-2.2.2.0-win64.zip
Fake Source : https_://bitbucket.org/Deviljoes/deviljoe/downloads/GNET-qt.zip]www.gnet.work/GNET-qt
Fake Source : https_://bitbucket.org/astingl/new-jerusalem/downloads/New-Jerusalem_wallet.rar
Fake Source : https_://bitbucket.org/miningmentor/vzuh/downloads/VZUH-coin.rar
Fake Source : https_://bitbucket.org/diazcoin/diaz/downloads/diaz-window-64bit.zip
Fake Source : https_://bitbucket.org/miningmentor/kinkycoins-kink/downloads/kinkycoins-qt%20.rar
Fake Source : https_://bitbucket.org/miningmentor/dilithium_project/downloads/dilithium-1.0.1-win64.zip
Fake Github : https_://bitbucket.org/cryptoperfeckt/masters/downloads/playervsplayercoin-qt-windows.zip

There was not a single Link that was fine from there.

Sorry for off topic but just wanted to say that .

███████ ███████ ███████
███████ ███████ ███████
███████ ███████ ███████
███████ ███████ ███████
▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄
███████ ███████ ███████
███████ ███████ ███████
███████ ███████ ███████
▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀
███████ ███████ ███████
███████ ███████ ███████
███████ ███████ ███████
███████ ███████ ███████
..SudokuWallet..██
██
██
██
██
██
██
██
██
██
██
██
██
                     ▄▄████▄▄
                    ▄████████▄

         ▄▄█████▄▄  █████████████████
       ▄███████████████████████████████
      ▄████████████████████████████████
      ██████████████████████████████████
      ▀██████████████████████████████████████▄▄
       ▀█████████████████████████████████████████▄▄
     ▄█████████████████████████████████████████████████▄▄▄▄▄
 ▄▄▄█
████████████████████████████████████████▀▀██████████████████▄
▀▀▀█████████████▀▀▀███
██████▀▀▀███████████           ▀▀▀▀▀▀▀
      ▀████████▀      ▀▀▀▀▀       ▀███████▀
       ▀▀████▀▀
██
██
██
██
██
██
██
██
██
██
██
██
██
          ▄ ▄▀▄
         █▄▀▄▀
        ███▀
      █▄██

       █
██
    ▄▄▀
   ██▄▄
  ▄▀  ▄▀ █
████▄
 █  ▄▀ ▄  █
█████
█ ▄▀  ▄▀ █ █
██████
█ █ ▄▀ █  ██
██████
▀▄▀▄█ █  ███
█████▀
 ▀▄▀█▄ █ ██
█████▀
   ▀▀████
████▀▀
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!