Author

Topic: DELTA MONEY - PHISHING - BEWARE (Read 337 times)

hero member
Activity: 1666
Merit: 753
March 22, 2019, 06:53:01 PM
#5
Though, I'm not sure whether this is just a blatant scam, or an actual phishing site, because I'm not sure whose site they're trying to impersonate exactly.
AFAIK, Phishing generally means an attempt to trick someone to provide their private or sensitive information which could give the attacker access to the victim's electronic accounts.
Website impersonation just happens to be one of the techniques.

I guess. If we were going off your definition, then the site could certainly be classified as a phishing site given that it's obviously trying to maliciously obtain the private keys of the users.

But they might not actually trying to impersonate anyone's site in particular as you say, since the closest thing I saw to their project is probably Agrello, which was rebranded from delta, and this site currently looks absolutely nothing like what Agrello's site looks like or even the service that they provide.

At the end of the day though, this barely matters. They are a noob-targeting scam, no matter the classification.
legendary
Activity: 2338
Merit: 1261
Heisenberg
March 20, 2019, 04:24:51 PM
#4
Though, I'm not sure whether this is just a blatant scam, or an actual phishing site, because I'm not sure whose site they're trying to impersonate exactly.
AFAIK, Phishing generally means an attempt to trick someone to provide their private or sensitive information which could give the attacker access to the victim's electronic accounts.
Website impersonation just happens to be one of the techniques.
hero member
Activity: 1666
Merit: 753
March 20, 2019, 03:47:25 PM
#3
Seems like an obvious one. They didn't even put the tiniest effort in designing their site, or spelling words correctly.

If anyone asks you for your private key you should be alarmed, whether or not the entity asking you for it seems to be an established project or not. The reason why it's called a private key in the first place is that you're not supposed to share it with anyone, and if you do, then the trustless nature of most cryptos will just not apply anymore.

Also, don't just blindly trust someone just because they have a site. There is no evidence that there are any legitimate development activity happening at all, and they're asking for investments.

Though, I'm not sure whether this is just a blatant scam, or an actual phishing site, because I'm not sure whose site they're trying to impersonate exactly.
legendary
Activity: 2338
Merit: 1261
Heisenberg
March 20, 2019, 11:56:00 AM
#2
MetaMask and Ether Address Lookup couldn't agree more.

They are asking for people's private keys to open up an account and also telling people to send 1 Ether to some address to receive delta coins


According to https://urlscan.io/result/1af732a7-5848-4d8b-95f3-0c206f980dab

This website contacted 4 IPs in 3 countries across 4 domains to perform 18 HTTP transactions.
The main IP is 78.47.153.144, located in Germany and belongs to HETZNER-AS, DE. The main domain is delta.money.
The TLS certificate was issued by Let's Encrypt Authority X3 on February 20th 2019 with a validity of 3 months.

legendary
Activity: 2450
Merit: 4415
🔐BitcoinMessage.Tools🔑
March 20, 2019, 11:14:16 AM
#1
What happened: Malicious site

Scammers Profile ANN: https://bitcointalksearch.org/topic/ann-new-cryptocurrency-delta-get-20-delta-free-in-telegram-deltamoneybot-5122795
https://web.archive.org/web/20190320161035/https://bitcointalksearch.org/topic/ann-new-cryptocurrency-delta-get-20-delta-free-in-telegram-deltamoneybot-5122795


Scammers Website:[/color]
Code:
https://delta.money/


Code:
https://web.archive.org/web/20190320161118/https://delta.money/

Quote
Domain Name: delta.money
Registry Domain ID: 4f044a3148be4319ae54d36368effd4f-DONUTS
Registrar WHOIS Server: who.godaddy.com/
Registrar URL: http://www.godaddy.com/domains/search.aspx?ci=8990
Updated Date: 2019-03-02T05:20:33Z
Creation Date: 2018-02-27T04:08:21Z
Registry Expiry Date: 2020-02-27T04:08:21Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146


https://www.virustotal.com/ru/url/afd31d1a5ebb9d3bf96c52bd4131a3b2cdbf051d9d374390f8368ba0647facd2/analysis/1553098051/
Jump to: