Warning: Cyber actors taking advantage of Ross Ulbricht news on X

Churchillvv

member

Activity: 66

Merit: 5

Eloncoin.org - Mars, here we come!

I don't expect people to flood into this scam so easily as it happened, even widows is responsible for a weak threat defense system we should on ourselves be more careful in joining groups or participating in anything that has to do with social media.

In the world today we know social media is very prune to cyber attacks and there is totally no where safe on the internet, protecting ourselves is the only to be safe.

Quote from: Davidvictorson on Today at 03:58:24 AM

Right now, the Xitter account has been suspended. And people are so gullible, that they can't differentiated between @Frec_Rosss(the scam account) and @Free_Ross which is the real account. The easiest place for scammers to execute their scams are on Telegram.

I don't really understand the reason we keep blaming others for our own mistakes. perhaps the names might look very similar but it's not. when you see a scam I think it's always clear to know because redirections is always the first approach so when you get redirected or notice a slight difference in spelling or alphabet then it should be regarded as a threat.

Quote from: hugeblack on Today at 03:38:13 AM

Those scammers are very quick to create links to scams but I don't think someone interested in Ross Ulbricht news and discussions would have the knowledge to avoid clicking on such random links especially from Telegram.

Even though we are too interested in R.U news I think most people let themselves get scammed because always in every scam there is always a red flag that indicates that it's a scam but we do pay deaf ears to those flags. one of the flags I know very much is redirection to different websites or requesting permission to take an action in your device.

Jating

hero member

Activity: 2842

Merit: 772

Quote from: hugeblack on Today at 03:38:13 AM

Those scammers are very quick to create links to scams but I don't think someone interested in Ross Ulbricht news and discussions would have the knowledge to avoid clicking on such random links especially from Telegram.

It's very hard to say though, and probably this is what this scam attempts have been magnified as there could be someone who reports to it and fall for the trick by the scammers. But in any case, for most of us here, or at least have seen this kind of attempts, specially if you see that you need to execute one of the most powerful tools in Windows with is PowerShell (hence, the word itself), you should really think twice before executing it.

And not the first case though, worst during the pandemic, and vaccine information, there are also criminal groups who created fake website to lure their victims to download with regards to the situation. So yeah, this criminals will jump on any news that will create money for them.

Davidvictorson

hero member

Activity: 1190

Merit: 901

Livecasino.io

Right now, the Xitter account has been suspended. And people are so gullible, that they can't differentiated between @Frec_Rosss(the scam account) and @Free_Ross which is the real account. The easiest place for scammers to execute their scams are on Telegram. The environment there is just a natural breeding ground for it to happen without almost any consequences from the actors. All of us cannot switch to a better operating system that is almost protected against these malware therefore, we to take precaution on clicking on suspicious links. I have said it that everyone must take a cybersecurity course.

betswift

copper member

Activity: 280

Merit: 5

Quote from: hugeblack on Today at 03:38:13 AM

Those scammers are very quick to create links to scams but I don't think someone interested in Ross Ulbricht news and discussions would have the knowledge to avoid clicking on such random links especially from Telegram.

Yeah, they would probably do it anyway, but once it (or any other app or message, in fact) asks you to do something in the console, it would need to be obvious what the OP from the Telegram intended to do with your funds / data / your device Grin

hugeblack

legendary

Activity: 2758

Merit: 4074

Those scammers are very quick to create links to scams but I don't think someone interested in Ross Ulbricht news and discussions would have the knowledge to avoid clicking on such random links especially from Telegram.

?

Activity: -

Merit: -

Quote from: nullama on Today at 03:34:51 AM

The only verification anyone needs is simply a signed message with a known BTC address.

Any other centralized verification is not valid in my mind.

People would still go and get rugged even by such things, unfortunately.
It's the reality we are in, and scammers are eager to exploit the new brand world of crypto with the same or new ways to get the same result.
I do hope all of these people would get their accounts just blocked / restricted for the time being.

nullama

hero member

Activity: 1008

Merit: 960

The only verification anyone needs is simply a signed message with a known BTC address.

Any other centralized verification is not valid in my mind.

The Sceptical Chymist

legendary

Activity: 3556

Merit: 7011

Top Crypto Casino

Quote from: NotATether on Today at 12:37:27 AM

So that means this is yet another Windows-only malware. Yet another reason to dump Windows for some other operating system that is more secure, such as Linux or even macOS, both of which do not have much malware.

If that is the case, it's one of a million reasons to ditch Microsoft products and never look back--I'm fairly techno ignorant and even I realize running a linux distro is so much better than any version of Windows.

In any case, I didn't realize R.U. was freed until I got a PM from a member telling me so, and I was shocked (I also didn't realize/forgot that Trump promised to pardon him during his campaign, so I'm doing a horrible job keeping up with what's happening in the world of crypto). Once I did learn that fact, I figured there would be stuff like this. The drama isn't all about Ulbricht but the fact that it was Trump who busted him out of prison.

And from what I read, he was being kept in a maximum security prison? Jeeeeesus H. Christ.

?

Activity: -

Merit: -

When it comes to commands in Powershell to proceed to next steps, in already have to ring a bell in a person's head.
Still, thank you very much for your contribution.

headingnorth

member

Activity: 302

Merit: 46

Quote from: fuguebtc on Today at 02:10:22 AM

Quote from: headingnorth on Today at 01:31:45 AM

I don't go on X, because I don't trust Elon Musk to run a secure website. He may be running some of the scams and malware himself.
If you just want to read postings on X, that might be ok, but I would never post or click on anything.

For someone with a fortune of up to 400 billion dollars and owning many companies, he can earn millions, even billions of dollars every day and X brings him significant revenue. I don't think he is stupid enough to run some scams and malware on his platform and ruin his reputation just for a few million dollars from these stupid scams.

Also, please tell me is there any social media platform that is really clean, no criminals use it or no scams? Social media is like a miniature society and controlling it is not easy, we should protect ourselves with knowledge instead of just blaming others if we get scammed.
Cryptocurrency itself is a scam-ridden market and X is a social network favored by crypto investors, so it is no surprise that a series of crypto-related scams are circulating on X .

Musk lost billions of dollars when the value of X plummeted more than half after he bought it.
He also lost more than half of the company's advertisers so he is desperate to do anything to recover his losses.
Even after firing 80% of the staff he still lost huge amount of money. Someone who promotes a total scam like dogecoin is capable of anything.

fuguebtc

hero member

Activity: 1974

Merit: 539

Leading Crypto Sports Betting & Casino Platform

Quote from: headingnorth on Today at 01:31:45 AM

I don't go on X, because I don't trust Elon Musk to run a secure website. He may be running some of the scams and malware himself.
If you just want to read postings on X, that might be ok, but I would never post or click on anything.

For someone with a fortune of up to 400 billion dollars and owning many companies, he can earn millions, even billions of dollars every day and X brings him significant revenue. I don't think he is stupid enough to run some scams and malware on his platform and ruin his reputation just for a few million dollars from these stupid scams.

Also, please tell me is there any social media platform that is really clean, no criminals use it or no scams? Social media is like a miniature society and controlling it is not easy, we should protect ourselves with knowledge instead of just blaming others if we get scammed.
Cryptocurrency itself is a scam-ridden market and X is a social network favored by crypto investors, so it is no surprise that a series of crypto-related scams are circulating on X .

headingnorth

member

Activity: 302

Merit: 46

I don't go on X, because I don't trust Elon Musk to run a secure website. He may be running some of the scams and malware himself.
If you just want to read postings on X, that might be ok, but I would never post or click on anything.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Why would Ross have a telegram channel lmao. I've always thought that Twitter was the primary medium for him to communicate with his followers.

Quote from: Dave1 on January 22, 2025, 11:50:36 PM

As far as I know, if you run thru PowerShell command, some Anti-virus might flagged it right away. The problem though is that PowerShell is enabled by default, maybe others could correct me, although you can disable it but it might have affected a lot of system adminstration task.

In any case the best weapon for this is not simply execute commands from unknown source. We should not blindly trust anyone to follow instructions just because of this news. Common sense and self-awareness might be the only tool that will save us from this cyber threats.

So that means this is yet another Windows-only malware. Yet another reason to dump Windows for some other operating system that is more secure, such as Linux or even macOS, both of which do not have much malware.

Dave1

hero member

Activity: 1526

Merit: 555

As far as I know, if you run thru PowerShell command, some Anti-virus might flagged it right away. The problem though is that PowerShell is enabled by default, maybe others could correct me, although you can disable it but it might have affected a lot of system adminstration task.

In any case the best weapon for this is not simply execute commands from unknown source. We should not blindly trust anyone to follow instructions just because of this news. Common sense and self-awareness might be the only tool that will save us from this cyber threats.

Yaunfitda

hero member

Activity: 2870

Merit: 594

https://x.com/vxunderground/status/1881946956806926351

Just want to give everyone a heads-up regarding the news about Ross Ulbricht being freed by the Trump administration. There are set of threat actors who are taking advantage of it in X.

They used a fake but verified Ross Ulbricht accounts on X, then instruct people to a malicious Telegram channels, presenting itself as a official Ulbricht portals.

And after you are re-directed to it, you will be walk thorough fake verification process name "Safeguard". And then mini app with automatically copies a PowerShell command and then it will instruct you to open the Windows run dialog and paste that command.

Which eventually will download a zip file at

Code:

http://openline[.]cyou

With a Cobalt Strike loader (https://malpedia.caad.fkie.fraunhofer.de/details/win.cobalt_strike).

So never ever download or even execute or even run it in a dialog. Even if you are so called advance users, you don't know what's inside the PowerShell or that zip file.

Topic: Warning: Cyber actors taking advantage of Ross Ulbricht news on X (Read 98 times)