Bitcoin Forum>Economy>Trading Discussion>Scam Accusations
Author

Topic: FAKE - TRON AIRDROP - 18,000 TRX (Read 196 times)

robelneo
legendary
Activity: 3192
Merit: 1198
Bons.io Telegram Casino
FAKE - TRON AIRDROP - 18,000 TRX
July 09, 2020, 10:21:18 PM
#10
Quote from: 409H on July 09, 2020, 08:56:08 PM
Here's a run of the download in a sandbox: https://app.any.run/tasks/fa854a34-f9c9-4be6-9bfc-529ed16c94c3

Essentially, it installs a RAT on your system - most likely to steal keys/passwords/logins/cookies - and communicates via SOAP messages

Very interesting thank for posting this, now people will have an idea what happen when you visit the site and take the offer, the airdrop thing is now becoming very synonymous to scam, how many scams we have seen that cloak itself as airdrops, I already saw so many of it and some of them are being advertised on big channels like Adsense.
409H
newbie
Activity: 7
Merit: 4
Re: FAKE - TRON AIRDROP - 18,000 TRX
July 09, 2020, 08:56:08 PM
#9
Here's a run of the download in a sandbox: https://app.any.run/tasks/fa854a34-f9c9-4be6-9bfc-529ed16c94c3

Essentially, it installs a RAT on your system - most likely to steal keys/passwords/logins/cookies - and communicates via SOAP messages
$crypto$
legendary
Activity: 2352
Merit: 1041
Smart is not enough, there must be skills
Re: FAKE - TRON AIRDROP - 18,000 TRX
July 08, 2020, 06:19:26 AM
#8
Quote from: btc_angela on July 08, 2020, 03:01:48 AM
There is a high chance that they are scraping emails here, or those bounties that are asking for emails in the past are being used by this scammers. Luckily, I haven't received any so far because I never joined bounty. And I agree that this is the same scammers all along, registering domain names one after another and then continue with that email list blast.
I think it's like that they scrape the email from the previous bounty so they can easily send so many emails because it's already on their list, surely this will continue to be repeated and we will get the email really fed up with their trap.
btc_angela
hero member
Activity: 2604
Merit: 542
Re: FAKE - TRON AIRDROP - 18,000 TRX
July 08, 2020, 03:01:48 AM
#7
Quote from: sujonali1819 on July 07, 2020, 01:08:04 PM
Quote from: TalkStar on July 07, 2020, 12:55:36 PM
Yeap,,,most probably all these fake airdrop website owners are connected together and they have a strong source from where they get crypto users email.  
Yes, Obviously they have a strong source to collect emails. what I guess it could be this bitcointalk forum. Because what link I provided about stellar fake airdrop you can see a google form for submitting address and additional info where they put a slot for submitting bitcointalk username. So they know these people have a bitcointalk account too.

There is a high chance that they are scraping emails here, or those bounties that are asking for emails in the past are being used by this scammers. Luckily, I haven't received any so far because I never joined bounty. And I agree that this is the same scammers all along, registering domain names one after another and then continue with that email list blast.

sujonali1819
legendary
Activity: 2436
Merit: 1189
Need Campaign Manager?PM on telegram @sujonali1819
Re: FAKE - TRON AIRDROP - 18,000 TRX
July 07, 2020, 01:08:04 PM
#6
Quote from: TalkStar on July 07, 2020, 12:55:36 PM
Yeap,,,most probably all these fake airdrop website owners are connected together and they have a strong source from where they get crypto users email.  
Yes, Obviously they have a strong source to collect emails. what I guess it could be this bitcointalk forum. Because what link I provided about stellar fake airdrop you can see a google form for submitting address and additional info where they put a slot for submitting bitcointalk username. So they know these people have a bitcointalk account too.

maybe they brought emails from the scam project, or they launch a fake airdrop or bounty where they asked for submitting email address. etc.
TalkStar
copper member
Activity: 1204
Merit: 737
✅ Need Campaign Manager? TG > @TalkStar675
Re: FAKE - TRON AIRDROP - 18,000 TRX
July 07, 2020, 12:55:36 PM
#5
Quote from: sujonali1819 on July 07, 2020, 11:16:31 AM
I reported a fake stellar airdrop here All are looking very similar to each other. Same technic to scam. First, collect emails, sending email to crypto user by a popular exchange named email, a spreadsheet for submitting info, Lastly force to download a wallet/software which have malware.
Looks like they have a fixed roadmap by following that they are continuing their scam game. I am really curious to find out the source of emails by which they are targeting specific crypto users.  
 
Quote from: sujonali1819 on July 07, 2020, 11:16:31 AM
All seem the same scammer team is running these fake airdrops and malware to steal money.
Yeap,,,most probably all these fake airdrop website owners are connected together and they have a strong source from where they get crypto users email.  
sujonali1819
legendary
Activity: 2436
Merit: 1189
Need Campaign Manager?PM on telegram @sujonali1819
Re: FAKE - TRON AIRDROP - 18,000 TRX
July 07, 2020, 11:16:31 AM
#4
I reported a fake stellar airdrop here All are looking very similar to each other. Same technic to scam. First, collect emails, sending email to crypto user by a popular exchange named email, a spreadsheet for submitting info, Lastly force to download a wallet/software which have malware.

All seem the same scammer team is running these fake airdrops and malware to steal money.
TalkStar
copper member
Activity: 1204
Merit: 737
✅ Need Campaign Manager? TG > @TalkStar675
Re: FAKE - TRON AIRDROP - 18,000 TRX
July 07, 2020, 10:38:57 AM
#3
Quote from: $crypto$ on July 07, 2020, 08:18:18 AM
When you click on the wallet it will automatically download the malware wallet
Its too much risky for them who have limited amount of knowledge about wallet hackers. Its called force download by which they push their web vistors to download that malware wallet file. All their intention is to plant that malware file on visitors device which will play the key role for wallet hacking.

Note: I will suggest our community users to stay far from this malware coded website.
actmyname
copper member
Activity: 2562
Merit: 2504
Spear the bees
Re: FAKE - TRON AIRDROP - 18,000 TRX
July 07, 2020, 09:12:01 AM
#2
It's actually fortunate that the scammers were stupid enough to forget about the use of BCC. Reply to all in that email and make sure none of the potential victims go through with the link. After all, if they didn't realize that the "Bittrex Team" email came from yahoo of all places, they would probably be the exact audience that would be prone to this kind of scam.
$crypto$
legendary
Activity: 2352
Merit: 1041
Smart is not enough, there must be skills
Re: FAKE - TRON AIRDROP - 18,000 TRX
July 07, 2020, 08:18:18 AM
#1
What happened; FAKE - TRON AIRDROP - 18,000 TRX

Website: https://tron-project.com/
Archived; http://archive.is/xhe8s

Code:
https://docs.google.com/forms/d/e/1FAIpQLSfnu7UOyKlP3794udoK5Xu2WIlAedYzyAqDvhlRpnRcGF-NRQ/viewform

Code:
Registrar Hosting Concepts B.V. d/b/a Openprovider
IANA ID: 1647
URL: http://www.registrar.eu,http://www.openprovider.com
Whois Server: whois.registrar.eu

(p)
Dates Created on 2020-07-07
Expires on 2021-07-07
Updated on 2020-07-07
https://whois.domaintools.com/tron-project.com



I received this notification from an email



When you click on the wallet it will automatically download the malware wallet

Bitcoin Forum>Economy>Trading Discussion>Scam Accusations
Jump to: