|
Bitcoins101
|
 |
September 14, 2014, 01:35:29 PM |
|
Phisher is probably thinking he caught a big one..   . What you got after logging in? Redirecting to BT? ~~MZ~~ Yep, redirects right back to the real site under the link that is in the OP. |
|
|
|
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
|
acs267 (OP)
|
|
September 14, 2014, 02:22:33 PM |
|
OP: remove the hyperlink in the top post.. I was about to click it..
It's a phishing link. You'll be fine as long as you don't enter your username or password. But you can basically enter in a random or fake one. I didn't remove all of the link, because, I'm pretty sure they all have the same topic start number. 654845. Anyway, you could basically click away, and even sit on the link and nothing will happen but a discouraged person, looking at the hundreds accounts with 'theymos' or 'satoshi' as their username. |
|
|
|
|
|
Nullu
|
|
September 14, 2014, 02:40:21 PM |
|
Bombard the site with fake username and passwords.
|
BTC - 14kYyhhWZwSJFHAjNTtyhRVSu157nE92gF
|
|
|
|
Bitcoins101
|
|
September 14, 2014, 03:21:41 PM |
|
Bombard the site with fake username and passwords.
Someone could set up a script to do it. |
|
|
|
|
NoirSuccubus
|
|
September 14, 2014, 03:52:07 PM |
|
I got one from p3tmacterThis guy is registering hordes of new accounts for the purpose of phishing peoples accounts. Look at the new members list and you'll find a bunch. I just went through the first 2 pages of the bitcointalk member list, these are only a few hours old. NEMmaster NEMxtester EspoNem nemeconomy utopian-nem nem-team nemutopian p3tnaster nemxt nem-xterster You can see the members list here listed from new to old. https://bitcointalk.org/index.php?action=mlist;sort=registered;start=0;descThere's probably much more. |
|
|
|
|
|
acs267 (OP)
|
|
September 14, 2014, 03:57:38 PM |
|
I got one from p3tmacterThis guy is registering hordes of new accounts for the purpose of phishing peoples accounts. Look at the new members list and you'll find a bunch. I just went through the first 2 pages of the bitcointalk member list, these are only a few hours old. NEMmaster NEMxtester EspoNem nemeconomy utopian-nem nem-team nemutopian p3tnaster nemxt nem-xterster You can see the members list here listed from new to old. https://bitcointalk.org/index.php?action=mlist;sort=registered;start=0;descThere's probably much more. I don't get it - why are they doing it? Is it to give NEM a bad name, or to show ill fitted strength? It's bizarre to me. Not to mention, they bragged about the thought of them going to hack acounts. |
|
|
|
|
theymos
Administrator
Legendary
 Offline
Activity: 5166
Merit: 12865
|
|
September 14, 2014, 06:19:48 PM |
|
I deleted the spam PMs and banned all of the users and IPs sending them.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
|
EvilDave
|
|
September 14, 2014, 09:31:27 PM |
|
Good work, mate. +1
|
|
|
|
|
ForgottenPassword
|
|
September 14, 2014, 09:56:40 PM |
|
I deleted the spam PMs and banned all of the users and IPs sending them.
The source on the phishing website contains the following: <title>Login</title><!--368ef74f52681c46ec130f3d13d9f239ea78ffb6c1718a5e8bda35ea3af8626a1c46ec130f3d13d9f239ea78ffb6c171138a3f3d4e7f8f4069051c46ec130f3d13d9f239ea78ffb6c171faa6--> Is that last piece a session ID? Maybe you could take a look at the logs and find out what IP was using that session ID. It also looks like the phishing site is including style sheets from bitcointalk.org. You could set up the server to send a modified stylesheet that has a warning message added when it is requested by the phishing domain in order to warn people it is a phishing website. |
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1233
May Bitcoin be touched by his Noodly Appendage
|
|
September 14, 2014, 10:16:18 PM |
|
I deleted the spam PMs and banned all of the users and IPs sending them.
The source on the phishing website contains the following: <title>Login</title><!--368ef74f52681c46ec130f3d13d9f239ea78ffb6c1718a5e8bda35ea3af8626a1c46ec130f3d13d9f239ea78ffb6c171138a3f3d4e7f8f4069051c46ec130f3d13d9f239ea78ffb6c171faa6--> Is that last piece a session ID? Maybe you could take a look at the logs and find out what IP was using that session ID. It also looks like the phishing site is including style sheets from bitcointalk.org. You could set up the server to send a modified stylesheet that has a warning message added when it is requested by the phishing domain in order to warn people it is a phishing website. Good ideas |
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc. |
|
|
|
mik3
|
|
September 15, 2014, 04:05:41 AM |
|
GUYS report them to their registrar so they remove the site ASAP. Send an email to abuse@internet.bs with a link to this thread and an explanation. |
|
|
|
|
|
