|
yampi (OP)
|
 |
March 06, 2015, 05:43:22 PM
Last edit: March 07, 2015, 02:34:55 PM by yampi |
|
Recently there is an ad to a fake Electrum wallet which installs DarkComet TROJAN onto your computer. The official electrum wallet site has https, the fake one does not. Oh and the domain is OBVIOUSLY different than the official's.Please validate file signatures. Here's a virustotal anlysis report of the fake wallet file: here |
|
|
|
|
DarkHyudrA
Legendary
 Offline
Activity: 1386
Merit: 1000
English <-> Portuguese translations
|
|
March 06, 2015, 06:06:00 PM |
|
And where you got the fake electrum?
You mean an ad here on the forum?
|
English <-> Brazilian Portuguese translations
|
|
|
|
abyrnes81
|
|
March 06, 2015, 06:07:31 PM |
|
And where you got the fake electrum?
You mean an ad here on the forum?
I am interested to know the same thing, where do you downloaded the "fake" one? Can you give use the link between the (code) (/code) tag for security. |
|
|
|
|
|
jbrnt
|
|
March 06, 2015, 06:21:52 PM |
|
Thank you for the warning. Where is the fake Electrum? Is it from a thread here on the forum?
|
|
|
|
|
dezoel
Legendary
Offline
Activity: 2198
Merit: 1081
Leading Crypto Sports Betting & Casino Platform
|
|
March 07, 2015, 04:50:19 AM |
|
ehm, where is you find it?
can us see the link?
|
| ..Stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
|
|
|
niktitan132
Legendary
Offline
Activity: 1036
Merit: 1000
|
|
March 07, 2015, 09:00:30 AM |
|
Recently there is an ad to a fake Electrum wallet which installs DarkComet TROJAN onto your computer. The official electrum wallet site has https, the fake one does not. Please validate file signatures. Here's a virustotal anlysis report of the fake wallet file: hereReport the domain and they will hopefully take it down. Also, he must share the domain name here so we can report it too (the website will be faster taken down by host). |
|
|
|
|
lacomepollos
Full Member
Offline
Activity: 168
Merit: 100
..... ..... ..... .....
|
|
March 07, 2015, 09:02:28 AM |
|
Thanks for this
|
------------------------------------------------------------------------------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
abyrnes81
|
|
March 07, 2015, 10:47:32 AM |
|
Thanks for the warning, I always download the official software from the real site and not from an unknown thread or site. Beware !
|
|
|
|
|
innocent93
Legendary
Offline
Activity: 896
Merit: 1000
|
|
March 07, 2015, 11:07:57 AM |
|
Never download any kind of wallet beyond their official website if you don't want to lose your money.
|
|
|
|
|
koelen3
Legendary
Offline
Activity: 1022
Merit: 1007
Sooner or later, a man who wears two faces forgets
|
|
March 07, 2015, 11:23:35 AM |
|
This should rather be share on the Beginners Section too , just to make them aware of it!
THank you for sharing it
|
|
|
|
|
|
9000
|
|
March 07, 2015, 11:48:28 AM |
|
Thanks for the warning, one is never too careful online...
|
|
|
|
|
|
luv2drnkbr
|
|
March 07, 2015, 12:09:17 PM |
|
Verify PGP sigs!!!
|
|
|
|
A10010
Newbie
Offline
Activity: 31
Merit: 0
|
|
March 07, 2015, 01:28:08 PM |
|
Just another reminder why we need to be extra careful online, scams everywhere!
|
|
|
|
|
|
Bralex
|
|
March 07, 2015, 01:31:48 PM |
|
Was only yesterday i downloaded electrum for the first time believe it or not, i checked the signature though so all was good. If everyone done this then the fake wallet would be useless but of course not everyone pays attention to what they download, which is crap because then the hackers will keep going while there are people to steal from.
|
|
|
|
|
twister
|
|
March 07, 2015, 02:34:09 PM |
|
The official electrum wallet site has https, the fake one does not.
Is that possible, can a hacker host files to someone else's domain with http? Verify PGP sigs!!!
Sorry for the stupid ques but how does one exactly do that with the downloads? |
|
|
|
DarkHyudrA
Legendary
Offline
Activity: 1386
Merit: 1000
English <-> Portuguese translations
|
|
March 09, 2015, 11:07:34 AM |
|
The official electrum wallet site has https, the fake one does not.
Is that possible, can a hacker host files to someone else's domain with http? Verify PGP sigs!!!
Sorry for the stupid ques but how does one exactly do that with the downloads? First question: nope, with or without SSL/TSL, you're connecting to the same website. He probably confused with a phishing someting like el3ctrum or electrun. Second question, he probably meant the md5 hash for checksum, it's always said on the official website so that you can guarantee that you're downloading the right version. |
English <-> Brazilian Portuguese translations
|
|
|
mistercoin
Legendary
Offline
Activity: 1051
Merit: 1000
https://r.honeygain.me/XEDDM2B07C
|
|
March 09, 2015, 12:13:04 PM |
|
Recently there is an ad to a fake Electrum wallet which installs DarkComet TROJAN onto your computer. The official electrum wallet site has https, the fake one does not. Oh and the domain is OBVIOUSLY different than the official's.Please validate file signatures. Here's a virustotal anlysis report of the fake wallet file: hereThanks for the heads up. I will send a newsletter out to my subscribers about it. |
|
|
|
|
Bizmark13
|
|
March 09, 2015, 12:16:12 PM |
|
The official electrum wallet site has https, the fake one does not.
Is that possible, can a hacker host files to someone else's domain with http? Verify PGP sigs!!!
Sorry for the stupid ques but how does one exactly do that with the downloads? First question: nope, with or without SSL/TSL, you're connecting to the same website. He probably confused with a phishing someting like el3ctrum or electrun. Second question, he probably meant the md5 hash for checksum, it's always said on the official website so that you can guarantee that you're downloading the right version. If you go to the official download page for Electrum, next to each download link you will see a PGP signed signature from one of the devs. As for the MD5 hash, you can get it by right clicking on the file and choosing "properties". A window should appear with some tabs on the top. Click on the "checksums" tab to see the MD5 hash:  Note however that the encryption behind MD5 hashes isn't completely resistant to forgeries, i.e. it is possible to construct collisions that result in two different files having the same MD5 hash. |
|
|
|
|
|
