Bitcoin Forum
March 28, 2024, 06:50:34 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Someone is sending fake Bitmaintech emails with attached wallet stealer  (Read 7364 times)
xzempt (OP)
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500


View Profile
July 17, 2014, 03:25:41 PM
 #1

Just got this in an email overnight.






-----------------------------------------


Dear User

Thank you For shopping form bitmaintech.com

we have received Miner order

we have send you link invoice to see shipping adress and  product
 
To show invoice , go to:

it had a url that went to vanguardsingle.com.au/xxxxxxxxxx/invoice.pdf..........jar



Regards,


Administration of  bitmaintech.com

be careful please.
1711651834
Hero Member
*
Offline Offline

Posts: 1711651834

View Profile Personal Message (Offline)

Ignore
1711651834
Reply with quote  #2

1711651834
Report to moderator
1711651834
Hero Member
*
Offline Offline

Posts: 1711651834

View Profile Personal Message (Offline)

Ignore
1711651834
Reply with quote  #2

1711651834
Report to moderator
"If you don't want people to know you're a scumbag then don't be a scumbag." -- margaritahuyan
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711651834
Hero Member
*
Offline Offline

Posts: 1711651834

View Profile Personal Message (Offline)

Ignore
1711651834
Reply with quote  #2

1711651834
Report to moderator
1711651834
Hero Member
*
Offline Offline

Posts: 1711651834

View Profile Personal Message (Offline)

Ignore
1711651834
Reply with quote  #2

1711651834
Report to moderator
byt411
Hero Member
*****
Offline Offline

Activity: 798
Merit: 1000


View Profile
July 17, 2014, 03:27:12 PM
 #2

Seems like scammers are trying everything they can to phish for bitcoins these days. Simply follow the golden rule:
Don't click on links from people you don't know.
achtung082
Sr. Member
****
Offline Offline

Activity: 358
Merit: 255


View Profile
July 17, 2014, 03:37:42 PM
 #3

I have been getting these for the past week or so all claiming to be from different vendors.


 

Support sidehack projects: 1BURGERAXHH6Yi6LRybRJK7ybEm5m5HwTr
My Sales Wallet BTC:bc1qxtxsc86lessnrsm52gf7qgmqle75htdr03zdd7 - LTC:LNLKyKkGNCJakZudGjc2qg26yYz7oeo92k - ETH:0xDf1b17872D9Ff22F04270BbDA13556B3E1649E27
dethdeks
Full Member
***
Offline Offline

Activity: 206
Merit: 100



View Profile
August 23, 2014, 05:41:02 AM
 #4

i just got something similar from sales@bitmaintech.com but all mine said was payment confirmation and then a invoice_424.jar file.

Donations Accepted
LTC: Lcv7XmxnHJ7BhRjXjzCUBJ4Cfrq43SA5qc
BTC: 16mHGGVgntqtTmrddud8BFgN3XAsBobvVe
Collider
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500



View Profile
August 23, 2014, 07:39:40 AM
 #5

jar files are java executable, don´t download it (there is only a very small amount of software that is actually a jar, and you would rememer ordering such a software).

This has happened with several spoofed email adresses of hardware manufacturers, so it is more likely the actual email list was leaked on another platform
(or that all email adresses from these manufacturers are stored in an unsafe way)
wh00per
Hero Member
*****
Offline Offline

Activity: 571
Merit: 500



View Profile
August 23, 2014, 05:41:41 PM
 #6

The mining business is transforming Smiley now the emergent tech is to mine wallets directly .. LOL

CSA/cUL Certified Power Distribution Panels - Basic, Switched, Metered. 1-3 phases. Up to 600V. NMC:N4F9qvHz11BHcc4nh1LCJFsrZhA1EWgVwj
bitgeek
Sr. Member
****
Offline Offline

Activity: 462
Merit: 251



View Profile
August 23, 2014, 07:16:30 PM
 #7

LOL fake emails never get old Cheesy


███████████████████████████████
███████████████████████████████
████████████████████████████████
████████████████████████████████
██████████████████████████████████
██████████████████████████████████████████
█████████████████████████████████████████
███████████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
███████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████

.

.

.

Online.BTC.Bingo

.

.

.*500%.CASH.BACK.+.INSTANT.BONUS
..PROGRESSIVE.JACKPOT
..NO-DOWNLOAD.CLIENT
.

.

.

EPIC.FUN.
Anddos
Sr. Member
****
Offline Offline

Activity: 378
Merit: 250


View Profile
August 23, 2014, 10:52:53 PM
 #8

cant even spell address properly,what scrubs

Gogreen
Sr. Member
****
Offline Offline

Activity: 392
Merit: 250



View Profile
August 24, 2014, 05:09:33 AM
 #9

What a pity ,that they can't find a decent job. Instead go around the web stealing people money that doesn't belong to them.

Bitcoin mining Antminer s7 4.7 TH Used in Good Condition Best Offer Prices @ ebay seller order directly here https://goo.gl/uaoh1r. Bitcoin payment optional.
ojm
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile
October 14, 2014, 08:08:22 AM
Last edit: October 14, 2014, 08:19:21 AM by ojm
 #10

Received an email today from them. Unsure how they got my mail address.

Subject:
[Bitmaintech.com]  Invoice Payment (#4142)

Message:
Invoice Payment Confirmation

Kind regards ,
Bitmain Tech

14836 E Valley Blvd
La Puente, CA 91746
Email: support@bitmaintech.com
Phone: (888) 933-2313

Attachment:
invoice_4142.jar


Using Gmail, it didn't reach my spam, right in my main inbox.
Lassi
Member
**
Offline Offline

Activity: 70
Merit: 10


Burn the wings off those bastards.


View Profile WWW
October 14, 2014, 10:48:11 AM
 #11

Viper (Scrypt) Miner - Alpha Technology email came in with a JAR file as well.

Someone pushing it hard.

Now it's time for the FTC to put everything Butterfly Labs has done through the magnifying glass and then burn the wings off those bastards.
opieum2
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500


View Profile
October 14, 2014, 01:07:38 PM
 #12

The question noone seems to be asking is....how did they get those emails in the first place? It seems there may be a common thread there. Was BCT hacked and we are not aware of it? Or were one of the vendors hacked and the emails gotten that way? There clearly was a security breach or else the scammers would not know to specifically target people who have bought mining hardware.

"amtminers scam joshua zipkin scammer"
-Joshua Zipkin leaked skype chats http://bit.ly/1s7U2Yb
-For bitcoin to succeed the community must police itself.
Gws24
Hero Member
*****
Offline Offline

Activity: 537
Merit: 524


View Profile
October 14, 2014, 02:05:03 PM
 #13

About a month a go I was getting these spam emails with a jar attached from knc, cointerra and cloudhashing. Never registered with two of them so I'm guessing my emailaddress was leaked from somewhere else.

recently i started getting phising emails from various well known businesses such as btc-e , minereu , and many other exchange sites.

Not sure if it is only me but is there something i am missing? I will get about 4-5 a week. Anyone else having this same problem?

There's been so many bitcoin site hacks over the years that if you've been in it long enough it's all but guaranteed you have an email on a list somewhere.  If you're lucky, you used a throw-away/spam only address.  MtGox and Bitstamp both had database compromises that at the very least dumped a complete list of all their users emails on multiple occasions.

Just be careful about opening attachments as usual (aka: don't do it).  I probably get about a dozen a week with .jar files attached pretending to be invoices/miner screenshots.
Also, btctalk was ofcourse hacked a while back so not surprising my emailaddress is out there.


Also, this spam/phishing with jar files is nothing new:

https://bitcointalk.org/index.php?topic=694747.0
https://bitcointalk.org/index.php?topic=774167.0
https://bitcointalk.org/index.php?topic=652085.0
dogie
Legendary
*
Offline Offline

Activity: 1666
Merit: 1183


dogiecoin.com


View Profile WWW
October 14, 2014, 02:13:05 PM
 #14

Received an email today from them. Unsure how they got my mail address.

Subject:
[Bitmaintech.com]  Invoice Payment (#4142)

Message:
Invoice Payment Confirmation

Kind regards ,
Bitmain Tech

14836 E Valley Blvd
La Puente, CA 91746
Email: support@bitmaintech.com
Phone: (888) 933-2313

Attachment:
invoice_4142.jar


Using Gmail, it didn't reach my spam, right in my main inbox.

I had one in this format

MrTeal
Legendary
*
Offline Offline

Activity: 1274
Merit: 1004


View Profile
October 14, 2014, 09:07:02 PM
 #15

I just got an email with a shipping notice from Bitcoinrigs.org, even though I've never ordered anything from them.
The reply to address appears to be from Stamps.com, through I didn't actually load any of the content to look at it.

I wonder if they're related?
opieum2
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500


View Profile
October 14, 2014, 09:35:52 PM
 #16

Maybe it's BFL or AMT both desperate for cash seeing how they could not get away with scamming new customers and need other sources of revenue Tongue

"amtminers scam joshua zipkin scammer"
-Joshua Zipkin leaked skype chats http://bit.ly/1s7U2Yb
-For bitcoin to succeed the community must police itself.
okae
Legendary
*
Offline Offline

Activity: 1399
Merit: 1004


northern exposure


View Profile WWW
October 15, 2014, 10:49:35 AM
 #17

ty xzempt for advert us, maybe some ppl will think that this is stupid and only stupid ppl got scammed, but beleive me, there is lot of ppl that got scammed bacause of that scam emails.

LOL fake emails never get old Cheesy

and this is a real problem, there is always ppl trying to fu*k you, as i always recommend, common sense is the best wall you can have agains those things.

IMHO #1.b of suspects, Hal Finney is/was S.N.
Sunderland
Sr. Member
****
Offline Offline

Activity: 1134
Merit: 366


Bitcoin Casino Est. 2013


View Profile
October 15, 2014, 03:28:24 PM
 #18

.Jar , yes must careful when download this kind of file.
And now i see some scammer try to spread this via skype , they act nicely ,talk something good and at last he will send some file for us to download.
Maybe he will say that file is bot , free btc etc.

███▄▀██▄▄
░░▄████▄▀████ ▄▄▄
░░████▄▄▄▄░░█▀▀
███ ██████▄▄▀█▌
░▄░░███▀████
░▐█░░███░██▄▄
░░▄▀░████▄▄▄▀█
░█░▄███▀████ ▐█
▀▄▄███▀▄██▄
░░▄██▌░░██▀
░▐█▀████ ▀██
░░█▌██████ ▀▀██▄
░░▀███
▄▄██▀▄███
▄▄▄████▀▄████▄░░
▀▀█░░▄▄▄▄████░░
▐█▀▄▄█████████
████▀███░░▄░
▄▄██░███░░█▌░
█▀▄▄▄████░▀▄░░
█▌████▀███▄░█░
▄██▄▀███▄▄▀
▀██░░▐██▄░░
██▀████▀█▌░
▄██▀▀██████▐█░░
███▀░░
DrG
Legendary
*
Offline Offline

Activity: 2086
Merit: 1035


View Profile
October 15, 2014, 07:26:21 PM
 #19

For new uses, simple ways to protect your coins:
1) Don't access the web/internet on the machine that hosts your wallet
2) If you have the time, move/convert your wallet (the file with your private keys) into a paper wallet.  Paper might be ancient but I have yet to see a trojan/malware that is able to read paper (except somebody hacking your webcam)
3) If using a digital wallet file, encrypt it with a password/passphrase that is unique (not used anywhere else) and is difficult enough to not be bruteforced
4) Learn to use cold wallets and put the majority of your coins in that wallet

Learn to use the tools that the community has created.  There are several alternatives to the base Bitcoin-QT that can offer increased security options.  If you have a significant value of coins it may be prudent to invest a little time learning how to use something like a cold walllet with Armory or one of the other alternative clients:
https://bitcointalk.org/index.php?board=37.0

Armory has a walkthough of how to make a offline/cold wallet here:
https://bitcoinarmory.com/about/using-our-wallet/
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!