problem resolved

[a nice guy]

Hello guys,

usally I don't disclose any information about the security vulnerabilities that I find.
But in this case, I have to.

First, I won't give any information about the security vulnerability!

Facts:
The vulnerability itself could only be programmed by a total noob.
There isn't any information about the owner of the site.
There site doesn't provides no contact information.
The whois returned only a postbox.


Speculation:
Total scammer, tries to lure as many users as he can trough the so called "beta invitation".
Once the "beta" has started, most of the "lucky" ones will download an random_file_name.exe,
which installs a trojan and/or uploads the wallet.dat on the victims pc.


I strongly suggest to not register to that beta and don't download software from it,
until, it still could be, proved otherwise.


kind regards,
a nice guy


Sorry forgot to add the original post https://bitcointalk.org/index.php?topic=73714.0

[1715059327]

1715059327

[1715059327]

1715059327

[1715059327]

1715059327

[Tuxavant]

The guy that runs this is the same guy that runs the property management site in las vegas that accepts Bitcoin as payment for rent.

If you have a security vulnerability to report, I would appreciate it if you would forward the information to him directly. Email being sent privately.

[a nice guy]

Hello Tuxavant,

I already did send him a detailed report, no resonse yet.
The email-address was that one in the whois entry.

kind regards,
a nice guy

[Tuxavant]

I just got off the phone with him.. Thank you very much for bringing this to his attention. The issue has been resolved. If you were to post a bitcoin address, I'm pretty sure I could get him to cough up a more meaningful thank you.

[a nice guy]

Hello,

 I can confirm that vulnerability has been closed.
My donation-address is 1NKjePpC8oyHNW3ZJ8Efm7QNWcGS5pU337

Thanks, any donation is very appreciated

kind regards,
a nice guy

[Tuxavant]

I informed him of this post and recommended he give you a tip.

Please reply back if you get anything.

[a nice guy]

Hello,

I got a mail from the CEO, clarifying things.
As it seems the developer of the site made a really quick and dirty job.

As it seems this all was a false warning.

kind regards,
a nice guy

[Tuxavant]

Thanks for giving us an update and restating your opinion of the site. perhaps you could adjust the title?

[a nice guy]

Thanks for giving us an update and restating your opinion of the site. perhaps you could adjust the title?

Sorry, forgot about that.
It's now changed.


kind regards,
a nice guy