Bitcoin Forum
September 18, 2018, 10:32:47 PM *
News: ♦♦ Bitcoin Core users must update to 0.16.3 [Torrent]. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Someone is sending fake Bitmaintech emails with attached wallet stealer  (Read 7266 times)
xzempt
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500


View Profile
July 17, 2014, 03:25:41 PM
 #1

Just got this in an email overnight.






-----------------------------------------


Dear User

Thank you For shopping form bitmaintech.com

we have received Miner order

we have send you link invoice to see shipping adress and  product
 
To show invoice , go to:

it had a url that went to vanguardsingle.com.au/xxxxxxxxxx/invoice.pdf..........jar



Regards,


Administration of  bitmaintech.com

be careful please.
1537309967
Hero Member
*
Offline Offline

Posts: 1537309967

View Profile Personal Message (Offline)

Ignore
1537309967
Reply with quote  #2

1537309967
Report to moderator
1537309967
Hero Member
*
Offline Offline

Posts: 1537309967

View Profile Personal Message (Offline)

Ignore
1537309967
Reply with quote  #2

1537309967
Report to moderator
1537309967
Hero Member
*
Offline Offline

Posts: 1537309967

View Profile Personal Message (Offline)

Ignore
1537309967
Reply with quote  #2

1537309967
Report to moderator
Einax Airdrops and Bounties made easy! List your ERC-20 token
FREE
ETH markets launching soon!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1537309967
Hero Member
*
Offline Offline

Posts: 1537309967

View Profile Personal Message (Offline)

Ignore
1537309967
Reply with quote  #2

1537309967
Report to moderator
1537309967
Hero Member
*
Offline Offline

Posts: 1537309967

View Profile Personal Message (Offline)

Ignore
1537309967
Reply with quote  #2

1537309967
Report to moderator
byt411
Hero Member
*****
Offline Offline

Activity: 798
Merit: 1000


View Profile
July 17, 2014, 03:27:12 PM
 #2

Seems like scammers are trying everything they can to phish for bitcoins these days. Simply follow the golden rule:
Don't click on links from people you don't know.
achtung082
Sr. Member
****
Offline Offline

Activity: 328
Merit: 252


View Profile
July 17, 2014, 03:37:42 PM
 #3

I have been getting these for the past week or so all claiming to be from different vendors.


 

Please support sidehack with his miner projects Send to : 1BURGERAXHH6Yi6LRybRJK7ybEm5m5HwTr
My Sales Wallet
BTC:14A7W4hWAL8uLgVdGvrseHYkVvo5TGAgtX - LTC:LNLKyKkGNCJakZudGjc2qg26yYz7oeo92k - BCH:16ZSZvkuQXDqhBi4o2RPMVx8t7aVkqKGGC
dethdeks
Full Member
***
Offline Offline

Activity: 208
Merit: 100



View Profile
August 23, 2014, 05:41:02 AM
 #4

i just got something similar from sales@bitmaintech.com but all mine said was payment confirmation and then a invoice_424.jar file.

Donations Accepted
LTC: Lcv7XmxnHJ7BhRjXjzCUBJ4Cfrq43SA5qc
BTC: 16mHGGVgntqtTmrddud8BFgN3XAsBobvVe
Collider
Hero Member
*****
Offline Offline

Activity: 644
Merit: 500



View Profile
August 23, 2014, 07:39:40 AM
 #5

jar files are java executable, don´t download it (there is only a very small amount of software that is actually a jar, and you would rememer ordering such a software).

This has happened with several spoofed email adresses of hardware manufacturers, so it is more likely the actual email list was leaked on another platform
(or that all email adresses from these manufacturers are stored in an unsafe way)

....TRUEPLAY.io....♣ TRANSPARENT AND HONEST GAMBLING PLATFORM
PRE-SALE STARTS 15th APR, 2018
♠ 30% DISCOUNT
    SITE
ANN THREAD
WALLET
wh00per
Hero Member
*****
Offline Offline

Activity: 564
Merit: 500



View Profile
August 23, 2014, 05:41:41 PM
 #6

The mining business is transforming Smiley now the emergent tech is to mine wallets directly .. LOL

CSA/cUL Certified Power Distribution Panels - Basic, Switched, Metered. 1-3 phases. Up to 600V. NMC:N4F9qvHz11BHcc4nh1LCJFsrZhA1EWgVwj
bitgeek
Sr. Member
****
Offline Offline

Activity: 462
Merit: 250



View Profile
August 23, 2014, 07:16:30 PM
 #7

LOL fake emails never get old Cheesy


███████████████████████████████
███████████████████████████████
████████████████████████████████
████████████████████████████████
██████████████████████████████████
██████████████████████████████████████████
█████████████████████████████████████████
███████████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████
███████████████████████████████████
█████████████████████████████████████
█████████████████████████████████████

.

.

.

Online.BTC.Bingo

.

.

.*500%.CASH.BACK.+.INSTANT.BONUS
..PROGRESSIVE.JACKPOT
..NO-DOWNLOAD.CLIENT
.

.

.

EPIC.FUN.
Anddos
Sr. Member
****
Offline Offline

Activity: 378
Merit: 250


View Profile
August 23, 2014, 10:52:53 PM
 #8

cant even spell address properly,what scrubs

Gogreen
Sr. Member
****
Offline Offline

Activity: 378
Merit: 250



View Profile
August 24, 2014, 05:09:33 AM
 #9

What a pity ,that they can't find a decent job. Instead go around the web stealing people money that doesn't belong to them.

Bitcoin mining Antminer s7 4.7 TH Used in Good Condition Best Offer Prices @ ebay seller order directly here https://goo.gl/uaoh1r. Bitcoin payment optional.
ojm
Newbie
*
Offline Offline

Activity: 13
Merit: 0


View Profile
October 14, 2014, 08:08:22 AM
 #10

Received an email today from them. Unsure how they got my mail address.

Subject:
[Bitmaintech.com]  Invoice Payment (#4142)

Message:
Invoice Payment Confirmation

Kind regards ,
Bitmain Tech

14836 E Valley Blvd
La Puente, CA 91746
Email: support@bitmaintech.com
Phone: (888) 933-2313

Attachment:
invoice_4142.jar


Using Gmail, it didn't reach my spam, right in my main inbox.
Lassi
Member
**
Offline Offline

Activity: 70
Merit: 10


Burn the wings off those bastards.


View Profile WWW
October 14, 2014, 10:48:11 AM
 #11

Viper (Scrypt) Miner - Alpha Technology email came in with a JAR file as well.

Someone pushing it hard.

Now it's time for the FTC to put everything Butterfly Labs has done through the magnifying glass and then burn the wings off those bastards.
opieum2
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500


View Profile
October 14, 2014, 01:07:38 PM
 #12

The question noone seems to be asking is....how did they get those emails in the first place? It seems there may be a common thread there. Was BCT hacked and we are not aware of it? Or were one of the vendors hacked and the emails gotten that way? There clearly was a security breach or else the scammers would not know to specifically target people who have bought mining hardware.

"amtminers scam joshua zipkin scammer"
-Joshua Zipkin leaked skype chats http://bit.ly/1s7U2Yb
-For bitcoin to succeed the community must police itself.
Gws24
Hero Member
*****
Offline Offline

Activity: 489
Merit: 502


View Profile
October 14, 2014, 02:05:03 PM
 #13

About a month a go I was getting these spam emails with a jar attached from knc, cointerra and cloudhashing. Never registered with two of them so I'm guessing my emailaddress was leaked from somewhere else.

recently i started getting phising emails from various well known businesses such as btc-e , minereu , and many other exchange sites.

Not sure if it is only me but is there something i am missing? I will get about 4-5 a week. Anyone else having this same problem?

There's been so many bitcoin site hacks over the years that if you've been in it long enough it's all but guaranteed you have an email on a list somewhere.  If you're lucky, you used a throw-away/spam only address.  MtGox and Bitstamp both had database compromises that at the very least dumped a complete list of all their users emails on multiple occasions.

Just be careful about opening attachments as usual (aka: don't do it).  I probably get about a dozen a week with .jar files attached pretending to be invoices/miner screenshots.
Also, btctalk was ofcourse hacked a while back so not surprising my emailaddress is out there.


Also, this spam/phishing with jar files is nothing new:

https://bitcointalk.org/index.php?topic=694747.0
https://bitcointalk.org/index.php?topic=774167.0
https://bitcointalk.org/index.php?topic=652085.0
dogie
Legendary
*
Offline Offline

Activity: 1526
Merit: 1050


dogiecoin.com


View Profile WWW
October 14, 2014, 02:13:05 PM
 #14

Received an email today from them. Unsure how they got my mail address.

Subject:
[Bitmaintech.com]  Invoice Payment (#4142)

Message:
Invoice Payment Confirmation

Kind regards ,
Bitmain Tech

14836 E Valley Blvd
La Puente, CA 91746
Email: support@bitmaintech.com
Phone: (888) 933-2313

Attachment:
invoice_4142.jar


Using Gmail, it didn't reach my spam, right in my main inbox.

I had one in this format

MrTeal
Legendary
*
Offline Offline

Activity: 1274
Merit: 1000


View Profile
October 14, 2014, 09:07:02 PM
 #15

I just got an email with a shipping notice from Bitcoinrigs.org, even though I've never ordered anything from them.
The reply to address appears to be from Stamps.com, through I didn't actually load any of the content to look at it.

I wonder if they're related?
opieum2
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500


View Profile
October 14, 2014, 09:35:52 PM
 #16

Maybe it's BFL or AMT both desperate for cash seeing how they could not get away with scamming new customers and need other sources of revenue Tongue

"amtminers scam joshua zipkin scammer"
-Joshua Zipkin leaked skype chats http://bit.ly/1s7U2Yb
-For bitcoin to succeed the community must police itself.
okae
Legendary
*
Offline Offline

Activity: 1162
Merit: 1001


northern exposure


View Profile WWW
October 15, 2014, 10:49:35 AM
 #17

ty xzempt for advert us, maybe some ppl will think that this is stupid and only stupid ppl got scammed, but beleive me, there is lot of ppl that got scammed bacause of that scam emails.

LOL fake emails never get old Cheesy

and this is a real problem, there is always ppl trying to fu*k you, as i always recommend, common sense is the best wall you can have agains those things.
Sunderland
Sr. Member
****
Offline Offline

Activity: 466
Merit: 296

To Be or Not To Be


View Profile
October 15, 2014, 03:28:24 PM
 #18

.Jar , yes must careful when download this kind of file.
And now i see some scammer try to spread this via skype , they act nicely ,talk something good and at last he will send some file for us to download.
Maybe he will say that file is bot , free btc etc.

Corruption, embezzlement, fraud, these are all characteristics which exist everywhere.
It is regrettably the way human nature functions, whether we like it or not.
What successful economies do is keep it to a minimum. No one has ever eliminated any of that stuff.
DrG
Legendary
*
Offline Offline

Activity: 1624
Merit: 1016



View Profile
October 15, 2014, 07:26:21 PM
 #19

For new uses, simple ways to protect your coins:
1) Don't access the web/internet on the machine that hosts your wallet
2) If you have the time, move/convert your wallet (the file with your private keys) into a paper wallet.  Paper might be ancient but I have yet to see a trojan/malware that is able to read paper (except somebody hacking your webcam)
3) If using a digital wallet file, encrypt it with a password/passphrase that is unique (not used anywhere else) and is difficult enough to not be bruteforced
4) Learn to use cold wallets and put the majority of your coins in that wallet

Learn to use the tools that the community has created.  There are several alternatives to the base Bitcoin-QT that can offer increased security options.  If you have a significant value of coins it may be prudent to invest a little time learning how to use something like a cold walllet with Armory or one of the other alternative clients:
https://bitcointalk.org/index.php?board=37.0

Armory has a walkthough of how to make a offline/cold wallet here:
https://bitcoinarmory.com/about/using-our-wallet/














 

 

█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
BitBlender 

 













 















 












 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
█ 
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!