[WARNING][SCAM]Fake Stellar airdrop from fake HitBTC accounts

Furious 7

hero member

Activity: 2842

Merit: 641

https://duelbits.com/

Quote from: ScamViruS on August 26, 2020, 03:31:30 PM

I also received this fake giveway email. When I started checking their activities, I saw that they were trying to attack through Malware. Those who are tempted to download and install this app, their entire system may fall under the control of scammers. I checked their app and the VirusTotal showing that malware exists in this app.
....

VirusTotal: https://www.virustotal.com/gui/url/2cdc7e86a6934509561602491e375cd697eba72c492fe230dfd211ac3b45b87a/detection

The scamer sends a large number of emails simultaneously including me receiving the notification email. Will this scamer really continue to act by sending a link via email? oh no, if the application is really installed, the data will be easily stolen with a malware virus.

That's a good catch for exposing a scam like this to the public so it's an example to avoid.

CryptoYar

hero member

Activity: 1064

Merit: 635

I remember a few months back, I received a similar email, I was asked to visit a website to claim xlm coins. [^{Just like this website.}]
However, I downloaded it and scanned at Virustotal before installing it, it was a malware. I can say with certainty that this is the same group every time they send an email with different domains.

~~@witcher_sense Did you also receive this through email? Or you have found some other way.~~

*Edit*
Sorry, I had not seen it.

Quote

Recently I recieved two emails at once from "HitBTC Support" and "HitBTC Info", which was obviously a fake, but I wonder
why scammer chose that scam exchange to promote fake website and airdrops. Doesn't look very attractive.
Proof:

ScamViruS

hero member

Activity: 1694

Merit: 719

Top Crypto Casino

I also received this fake giveway email. When I started checking their activities, I saw that they were trying to attack through Malware. Those who are tempted to download and install this app, their entire system may fall under the control of scammers. I checked their app and the VirusTotal showing that malware exists in this app.

VirusTotal: https://www.virustotal.com/gui/url/2cdc7e86a6934509561602491e375cd697eba72c492fe230dfd211ac3b45b87a/detection

witcher_sense

legendary

Activity: 2310

Merit: 4313

🔐BitcoinMessage.Tools🔑

What happened: Fake/malicious website

ANN: not listed here yet

Scammers Website:

Code:

https://official-stellar.com/

http://web.archive.org/web/20200730150244/https://xn--sellar-ilb.com/
https://archive.is/wLVEu

Quote

Domain Name: OFFICIAL-STELLAR.COM
Registry Domain ID: 2555371346_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.registrar.eu
Registrar URL: http://www.openprovider.com
Updated Date: 2020-08-24T20:59:19Z
Creation Date: 2020-08-24T20:52:14Z
Registry Expiry Date: 2021-08-24T20:52:14Z

Recently I recieved two emails at once from "HitBTC Support" and "HitBTC Info", which was obviously a fake, but I wonder
why scammer chose that scam exchange to promote fake website and airdrops. Doesn't look very attractive.
Proof: https://bitcointalksearch.org/topic/m.52162889

According to whois, website is only two days-old and impersonating official stellar.org albeit it doesn't look similar to official one.

In order to "claim" your free 2500 XLM, you need to download some malicious software (Windows only Grin

).
VirusTotal didn't find anything red in that file, but I believe this software is somehow trying to steal private keys or something like that.

Either way, it is a scam and should be avoided at all costs. Be careful.

Topic: [WARNING][SCAM]Fake Stellar airdrop from fake HitBTC accounts (Read 149 times)