Author

Topic: Possible BitcoinTalk Forum Spoof? (Read 1105 times)

hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
November 16, 2014, 06:31:51 AM
#13
It's running from a dynamic IP address (no-ip.org is a dynamic DNS resolver) and it's mimicking bitcointalk.org, so it's probably a phishing site intended to trick people into providing their bitcointalk passwords and downloading some sort of malware. Removing the "css" parameter from the link resulted in a different website, so there are probably multiple phishing sites with different targets running on the same server.

I don't think it is a phishing site. The link in the OP was anonymous surfing through Dynaweb [1]. Just go to Dynaweb and enter a link and press 'Enter/Return'. You will surf that website. Roll Eyes Smiley

[1] http://down06.no-ip.org/?css=zG9uz3RhaXdhbmCuY29TL2xvYy9waG9TzV9lbi5waHA - You can also go there by clicking 'English' on top left, the language of the site will change to English.

    ~~MZ~~
legendary
Activity: 1582
Merit: 1064
November 16, 2014, 05:33:08 AM
#12
It's running from a dynamic IP address (no-ip.org is a dynamic DNS resolver) and it's mimicking bitcointalk.org, so it's probably a phishing site intended to trick people into providing their bitcointalk passwords and downloading some sort of malware. Removing the "css" parameter from the link resulted in a different website, so there are probably multiple phishing sites with different targets running on the same server.

Bitcointalk ids have become so valuable. There are now phishing sites for it.  Grin
full member
Activity: 168
Merit: 100
November 15, 2014, 06:22:32 PM
#11
It's running from a dynamic IP address (no-ip.org is a dynamic DNS resolver) and it's mimicking bitcointalk.org, so it's probably a phishing site intended to trick people into providing their bitcointalk passwords and downloading some sort of malware. Removing the "css" parameter from the link resulted in a different website, so there are probably multiple phishing sites with different targets running on the same server.

Yes I am familiar with noip I use them for my p2pool.  But I also considered it might be someone like someone else mentioned about a not bitcoin friendly locale.  If you disected it enough to determine it is malicious I will report it as should everyone else.  Or I could...have it removed  Roll Eyes
hero member
Activity: 508
Merit: 500
Techwolf on #bitcoin and Reddit
November 15, 2014, 06:15:12 PM
#10
It's running from a dynamic IP address (no-ip.org is a dynamic DNS resolver) and it's mimicking bitcointalk.org, so it's probably a phishing site intended to trick people into providing their bitcointalk passwords and downloading some sort of malware. Removing the "css" parameter from the link resulted in a different website, so there are probably multiple phishing sites with different targets running on the same server.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
November 15, 2014, 12:02:04 PM
#9
what are the extra features?

Reload and look the pic again. Roll Eyes

   ~~MZ~~
All I see is some weird toolbar at the bottom.

Which is most likely what he is talking about when he says: "extra features"

Yes, that's what I meant. But I ain't going back there. It seems like some fetching site. Roll Eyes I used Incognito mode, so I can't make sure it is a fetching site. If you want to know, just click it and look whether it is asking for password.

Edit: One should go there, so I went there. It is a fetching site. It is asking me to login once more.

Edit 2: It isn't a fetching site, I think. It is something like an internal browser.

Edit 3: It is a dynamic network. I think the user who posted can't access BT without dynamic network(did China block BT? Shocked Huh) . It can be used by download Freegate software from the site or through the website. The site and software is mainly for Chinese. I think there is nothing suspicious. Smiley

   ~~MZ~~
legendary
Activity: 2072
Merit: 1049
┴puoʎǝq ʞool┴
November 15, 2014, 11:28:44 AM
#8
what are the extra features?

Reload and look the pic again. Roll Eyes

   ~~MZ~~
All I see is some weird toolbar at the bottom.

Which is most likely what he is talking about when he says: "extra features"
hero member
Activity: 882
Merit: 595
November 15, 2014, 11:28:31 AM
#7
what are the extra features?

Reload and look the pic again. Roll Eyes

   ~~MZ~~

what is the function of that feature ?
copper member
Activity: 2996
Merit: 2374
November 15, 2014, 11:24:09 AM
#6
what are the extra features?

Reload and look the pic again. Roll Eyes

   ~~MZ~~
All I see is some weird toolbar at the bottom.
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
November 15, 2014, 11:22:51 AM
#5
what are the extra features?

Reload and look the pic again. Roll Eyes

   ~~MZ~~
copper member
Activity: 2996
Merit: 2374
November 15, 2014, 11:21:45 AM
#4

Indeed, it is! Smiley Bitcointalk with some extra features. Cheesy



   ~~MZ~~
what are the extra features?
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
November 15, 2014, 11:20:37 AM
#3

Indeed, it is! Smiley Bitcointalk with some extra features. Cheesy



   ~~MZ~~
copper member
Activity: 2996
Merit: 2374
November 15, 2014, 11:14:24 AM
#2
I wouldn't click on the link as it appears to be a malicious site according to

https://www.virustotal.com/en/url/b1d0e2ab7dbdfb1d9bc166df3419578dd597182d450769f1ffab49e26495f389/analysis/1416066890/
full member
Activity: 168
Merit: 100
November 15, 2014, 10:38:49 AM
#1
I found this while looking for some cgminer compatibility info...

 Malicious site, use caution down06.no-ip.org/?css=aHR0CHM6Ly9iaXRjb2ludGFSay5vCmCvaW5kzXguCGhwP2JvYXJkPtQyLjA

Is this ya'll?
Jump to: