Author

Topic: [WARNING][SCAM]Fake Stellar airdrop from fake HitBTC accounts (Read 171 times)

hero member
Activity: 2856
Merit: 644
https://duelbits.com/
I also received this fake giveway email. When I started checking their activities, I saw that they were trying to attack through Malware. Those who are tempted to download and install this app, their entire system may fall under the control of scammers. I checked their app and the VirusTotal showing that malware exists in this app.
....

VirusTotal: https://www.virustotal.com/gui/url/2cdc7e86a6934509561602491e375cd697eba72c492fe230dfd211ac3b45b87a/detection
The scamer sends a large number of emails simultaneously including me receiving the notification email. Will this scamer really continue to act by sending a link via email? oh no, if the application is really installed, the data will be easily stolen with a malware virus.

That's a good catch for exposing a scam like this to the public so it's an example to avoid.
hero member
Activity: 1064
Merit: 639
I remember a few months back, I received a similar email, I was asked to visit a website to claim xlm coins. [ Just like this website.]
However, I downloaded it and scanned at Virustotal before installing it, it was a malware. I can say with certainty that this is the same group every time they send an email with different domains.

@witcher_sense Did you also receive this through email? Or you have found some other way.

*Edit* 
Sorry, I had not seen it.
 
Quote
Recently I recieved two emails at once from "HitBTC Support" and "HitBTC Info", which was obviously a fake, but I wonder
why scammer chose that scam exchange to promote fake website and airdrops. Doesn't look very attractive.
Proof:
hero member
Activity: 1876
Merit: 721
Top Crypto Casino
I also received this fake giveway email. When I started checking their activities, I saw that they were trying to attack through Malware. Those who are tempted to download and install this app, their entire system may fall under the control of scammers. I checked their app and the VirusTotal showing that malware exists in this app.




VirusTotal: https://www.virustotal.com/gui/url/2cdc7e86a6934509561602491e375cd697eba72c492fe230dfd211ac3b45b87a/detection
legendary
Activity: 2450
Merit: 4414
🔐BitcoinMessage.Tools🔑
What happened: Fake/malicious website
 
ANN: not listed here yet

Scammers Website:
Code:
https://official-stellar.com/


http://web.archive.org/web/20200730150244/https://xn--sellar-ilb.com/
https://archive.is/wLVEu

Quote
Domain Name: OFFICIAL-STELLAR.COM
Registry Domain ID: 2555371346_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.registrar.eu
Registrar URL: http://www.openprovider.com
Updated Date: 2020-08-24T20:59:19Z
Creation Date: 2020-08-24T20:52:14Z
Registry Expiry Date: 2021-08-24T20:52:14Z

Recently I recieved two emails at once from "HitBTC Support" and "HitBTC Info", which was obviously a fake, but I wonder
why scammer chose that scam exchange to promote fake website and airdrops. Doesn't look very attractive.
Proof: https://bitcointalksearch.org/topic/m.52162889




According to whois, website is only two days-old and impersonating official stellar.org albeit it doesn't look similar to official one.



In order to "claim" your free 2500 XLM, you need to download some malicious software (Windows only Grin).
VirusTotal didn't find anything red in that file, but I believe this software is somehow trying to steal private keys or something like that.

Either way, it is a scam and should be avoided at all costs. Be careful.

Jump to: