Pages:
Author

Topic: I just got this email, looks legit, right? - page 2. (Read 8310 times)

member
Activity: 80
Merit: 10
Prospecting on the net, in a rundown old shack..
January 08, 2014, 09:29:37 AM
#42
Was the fist to get hacked now everyone thinks im the attacker. The name Liquid and the other names are my contacts in my wallet.

That frosty wallet is my brothers and he has forgotten his password so good luck getting into it lol.

Ooh ooh how many letters were in it, numbers, what did it start with, what was he looking at, does it contain words or rand.... ahhh nurts..

Wink

must be slightly annoying having 28k sitting there tho...
legendary
Activity: 1106
Merit: 1026
January 08, 2014, 07:43:45 AM
#41
I analyzed this malware and put together a short blog post on what I found. If you're interested, take a look.
http://blog.logrhythm.com/uncategorized/emerging-bitcoin-theft-campaign-uncovered/

Really nice post! Liquid already came forward, but I still need to ask:

Quote
Reviewing the wallet.dat file with strings discloses the phisher’s BTC wallet addresses. A team of 4-people: Liquid, Kaz, Abz, and Frosty.

Why would a reasonable villain do such a thing in the first place? The exact role of the wallet is unknown to me, but I assume it's used as bait, to make users want to open the malicious password.txt.ink file. Using the attackers own wallet file for that seems very unlikely.. Wink

The malicious file is probably a wallet stealer and with some luck it might indeed be possible to extract some information about the attacker. Somehow this malware will phone home.
hero member
Activity: 826
Merit: 500
Crypto Somnium
January 08, 2014, 03:13:51 AM
#40
Was the fist to get hacked now everyone thinks im the attacker. The name Liquid and the other names are my contacts in my wallet.

That frosty wallet is my brothers and he has forgotten his password so good luck getting into it lol.
newbie
Activity: 1
Merit: 0
January 07, 2014, 06:22:37 PM
#39
I analyzed this malware and put together a short blog post on what I found. If you're interested, take a look.
http://blog.logrhythm.com/uncategorized/emerging-bitcoin-theft-campaign-uncovered/
newbie
Activity: 28
Merit: 0
January 07, 2014, 06:11:33 PM
#38
...this is unusual, as it both engages greed and a love of puzzles (plus a modicum of technical knowledge).  Lots of people out there with just enough knowledge to be dangerous.

All it needs now is a smattering of altruism and fluffy animals: 

(the kitten orphanage working funds are locked in this wallet  Grin)
newbie
Activity: 33
Merit: 0
January 07, 2014, 05:06:59 PM
#37
I just got this email too. I guess someone may fall for it someday. There are many other emails that people fall for.
newbie
Activity: 14
Merit: 0
January 07, 2014, 10:25:07 AM
#36
nice thanks. glad I don't run any wallets on a windows machine. Smiley
newbie
Activity: 6
Merit: 0
January 07, 2014, 09:41:54 AM
#35
hH totally
hero member
Activity: 588
Merit: 500
January 07, 2014, 09:40:39 AM
#34
People should treat any message they receive claiming they won a prize and you haven't even enrolled to it or offering free money (or someone giving his money to you randomly)and if it asks you to download something be double suspicious about it.
hero member
Activity: 896
Merit: 1000
January 07, 2014, 08:00:12 AM
#33
Your best protection is and will always be your COMMON SENSE.
True.
member
Activity: 68
Merit: 10
January 07, 2014, 06:36:22 AM
#32
Most emails like this is a spyware. I also receive this email today.
legendary
Activity: 1049
Merit: 1006
January 07, 2014, 06:32:41 AM
#31
People, do not trust any emails with strange attachments no matter how "legit" the sender's address looks. Also, do not trust anti-viruses and anti-malware programs - they won't detect 99.99% of the zero-day viruses, malwares and exploits that will really cause damage until that damage is already done. Your best protection is and will always be your COMMON SENSE.
legendary
Activity: 896
Merit: 1000
January 07, 2014, 06:19:30 AM
#30
Thanks for the alert.
newbie
Activity: 14
Merit: 0
January 07, 2014, 05:30:36 AM
#29
Thanks for sharing guys, that's worth watching for. Simple and effective, and just enough people would want to look at 30 BTC in a free wallet to make it worthwhile.
hero member
Activity: 490
Merit: 500
Captain
January 07, 2014, 04:25:20 AM
#28
!!!
Beware people.
This is most likely a scam.
Proceed with extreme caution.
!!!
member
Activity: 80
Merit: 10
Prospecting on the net, in a rundown old shack..
January 07, 2014, 04:20:15 AM
#27
so how do we get those 30.2 btc out of that wallet !!!11

Smiley

member
Activity: 115
Merit: 10
January 07, 2014, 02:06:52 AM
#26
I got the same email. Email list is probably from the mtgox hack awhile back.
I do not have a MtGox account. Only here.

I hate all scammer!   Angry

Antivirus checking
https://www.virustotal.com/ru/file/85083a3cc70d4c38c60c20995f3f82f37bec6de1744cd8d10dea645888c58669/analysis/1389076208/


Repeat topic
https://bitcointalksearch.org/topic/m.4354534
sr. member
Activity: 293
Merit: 261
Professional Ameteur
January 06, 2014, 10:51:45 PM
#25
The best way to be around crypto-currencies is not to assume anything. Even opening certain e-mails poses risks, not necassarily to your coins, but other risks, trojans, key-loggers, etc. It doesn't take much, all you have to do is open the wrong email and your address can be turned into a spamtastic hacked account.

Lol.


I got the same email.

bitcoinica.com
bitmit.net
blockchain.info
btcguild.com
btclot.com
btcmine.com
glbse.com
mtgox.com
ozco.in
pool-x.eu
member
Activity: 105
Merit: 10
January 06, 2014, 10:13:01 PM
#24
The best way to be around crypto-currencies is not to assume anything. Even opening certain e-mails poses risks, not necassarily to your coins, but other risks, trojans, key-loggers, etc. It doesn't take much, all you have to do is open the wrong email and your address can be turned into a spamtastic hacked account.
hero member
Activity: 812
Merit: 502
January 06, 2014, 10:09:06 PM
#23
I got it too, but while Thunderbird shows the small attachment icon, when I open the email there is no attachment.
I also opened it in my webmail and again - attachment icon present, but no attachment.

I assume the only way to get infected is by opening the attachment, right?
Just loading the email is harmless.
Pages:
Jump to: