2x Bitcoin scam – The magic application.

People still want to believe that the money are made easy with some application and without doing anything.
Click a button and you get money.
This weakness is exploited every day.
Here is a program that promises to double the profit by pressing that magic button.



To become credible, a demonstration video is a good way.
To become super credible, you make some false accounts and comment on your post.
This is a part of social engineering and works.

At one point, he changed his name, seeing he had potential victims in many countries.

Let’s see the application.

MD5: 19d6d6f312ec00998d379eec9fe21aa9

SHA-1: a5d27b1cf43cb5dcd7feeea279b70588c5910e12

*the -1 is mine! lol

It has a certain detection but insignificant.
The application does not steal, has no backdoor …
It is created by:
…looks like it’s his real name..
(his first name in the account is another … it seems to start with an M.)
As the application configuration looks like, it seems that the users who use it,are sending the bitcoin to an address added by the programmer.

After sending, they still expect someone to send them the double amount, but they will wait a lot and without success.
And let’s not forget … this is version 6.1!?!
We could continue because he still has some programs with such schemes, but time is limited!
In conclusion … I hope that Internet users will be more careful, do not believe in the wonders promised by the unknown!

Remember:
When something is free, you are not the customer but the product!

Have fun & Stay safe!!!

http://www.prodefence.org/bitcoin-scam-the-magic-application/

Fake bitcoin wallet stealer – Silent miner backdoor – Reverse

I found another backdoored software. This was made for thouse who want to become hackers… or to make some easy money.
Founded on Youtube.com with a search ”Bitcoin stealer”.
How to use it… the uploader helps you.

• Senha: Techup
• Desativar Antivirus (Claro, se trata de um hack)
• Chave
• Servidor de Ligação
• Adicionar a sua carteira
• Use Proxy
• Aceite os termos
• Verifique se o programa está atualizado

• Password: Techup
• Disable Antivirus (Of course, this is a hack)
• Key
• Connection Server
• Add to your wallet
• Use Proxy
• Accept the terms
• Make sure the program is up to date

All you have to do is to download it, run it and you become a rich guy…
We will not double click the .exe file…( it looks like a .exe).. or better say this SFX rar archive?!?
Let’s see something about the archive with richt click and propreties!
I dont like this SILENT=1. LOL If we dont run the ”.exe”, the backdoor will not run in the background, so let’s Extract it … and surprise.. there are more then one file, including the backdoor files.

winhlp32.exe

Isass.exe

After reversing the backdoor files i found this:

C:/Users/user/Documents/projects/minergate.app/sources/cudaminer/src/cuda_cryptonight_core.cu

… so what about this minergate?!?
With this lovely usage:

Usage:
minergate-cli [-version] -user <email> [-proxy <url>] -<currency> <threads> [<gpu intensity>] [-<currency> <threads> [<gpu intensity>] …] [-o <pool> -u <login> [-t <threads>] [-i <gpu intensity>]]

And so many options:

Options:
-user account email from minergate.com
proxy server URL. Supports only socks protocols (for example: socks://192.168.0.1:1080
possible values: bcn xmr qcn xdn fcn mcn aeon dsh inf8 <mm_cc>+bcn <mm_cc>+xmr <mm_cc>+qcn <mm_cc>+xdn <mm_cc>+aeon <mm_cc>+dsh. Where <mm_cc> is fcn or mcn
threads count for specified currency
GPU mining intensity (NVidia only) (values range: 1..4. Recommended: 2)
mining pool URL
mining pool login
CPU threads count
GPU mining intensity

Conecting to: h**ps://minergate.com
It seems that we have a nice backdoored software.
After you will run it.. in the backgound a silent miner will be instaled on your computer and in front of you will apare a nice error like this:

Blockchain Wallet Stealer 2017\message.vbs
x=msgbox(“Hardware is not compatible, try on another PC or restart and run with disabled antivirus.”, 0+16, “Error“)

If you dont understand, you will download this software, after the first run will appear a error message and it will not work, but in underground you will have already instaled a virus.
This time the virus is a Silent Miner, that will use your computer to work for some hacker and this will help hit to make some bitcoins.

The Youtube channel Teck up has more videos like this one .. and all of them are with this backdoor.

Have fun & Stay safe!!!

The Pirate Bay Caught Secretly Running Cryptocurrency Miner Again

In September 2017, we reported that The Pirate Bay (TPB) was running a cryptocurrency miner provided by CoinHive. The code used visitor’s CPU bandwidth to generate Monero digital coins without informing them or allowing them to Opt-In or Opt-Out.
In reply, TPB claimed, “the miner is being tested for a short period (~24 hours) as a new way to generate revenue.”

Another one

But now, another researcher has revealed that TPB is using yet another cryptocurrency miner to generate Monero digital coins without alerting users or providing them options to allow the site to use their CPU bandwidth or not.
According to Nic Carter, a financial and digital currency specialist, The Pirate Bay is mining Monero using crypto-loot, a new software that offers similar services as CoinHive. “The Pirate Bay is mining Monero in user’s browsers again, this time using crypto-loot (12% rake) rather than coinhive (30% rake),” tweeted Carter.

CloudFlare is booting off such sites

Remember, last week CloudFlare booted off a torrent website ProxyBunker for secretly using cryptocurrency miner. In their reply to ProxyBunker, CloudFlare stated that “Coinhive mining code without notifying users. … We consider this to be malware, and as such, the account was suspended, and all domains removed from CloudFlare.”
However, since The Pirate Bay also uses CloudFlare’s DDoS protection, it could be a matter of time before the firm decides to boot off the site for mining digital currency without informing users.
“They’re doing it without informing users, a violation of CloudFlare’s TOS. Could see this escalated into a serious wrangle with CloudFlare,” Carter further explained.

Who else was caught doing it?

Currently, the trend of using cryptocurrency miners is increasing; therefore, a number of websites are signing up for the code. However, two domains owned by CBS Corporation’s premium cable network Showtime were also caught mining cryptocoins without notifying users.
Although a rare practice, if adopted widely on a long-term basis it might replace ads for good as advertisements can be malicious and annoying at times. However, the fact that it hijacks computers for crypto mining is deeply concerning for users, therefore, website owners should allow users to choose whether they want the site to use their CPU for mining or not.
Here is an example screenshot HackRead was able to grab showing what it looks like when a site decides to inform users about mining cryptocurrency:

If you know a site secretly using cryptocurrency miner share with us in the comment section.



Πηγή : hackread

New bitcoin transaction scam!

Payments made by mistake on your account are already known as scams.
In this case I received an email saying that someone sent me bitcoins to my address and should check my account.
0.54798743 BTC = 1.830 EUR ... well... I do not think it bothers such a mistake..

Let's star: 

1.What does transmitel.com have to do with bitcoin transactions?

Transmite.com- Security systems - Barcelona Owned by TRANSMITEL S.L. 

2.Email was sent to 6 addresses, so 6 wrong transactions?

 

 

All the hyperlinks have a hidden secret.

See it? Blockchain.com has become Blockchlain.info!
So.. when you will try to go on blockchain page for login.... you will do it on a diffrent page.
Do not worry, the website is already closed!
 

The consequences are understandable.
If you log in, someone will be in possession of your data and possibly your account.

Have fun & Stay safe!

[2017] Best Bitcoin Doubler x2 100% (with Proofs) – Scam

Surce: Youtube
Search: bitcoin doubler
Source Link: watch?v=VDgrGJCZZPE




Here we have the proof of working bitcoin doubler, but… DO NOT try to double your bitcoins!
In the youtube video description will find the link for this super website: cryptuse.com



There we see crazy information about ”secure” transactions, deposits, investments… and more!
After the payment you just have to wait…. 100 Years!


Let me show you where is the problem!
Google search: bitcoin doubler script

So… everything is fake!!
The owner will take your bitcoin and nothing else will happen.
Ponzi Scheme Scam
Avoid getting scammed. Huge list of Bitcoin scams and scammers. Report a scam here and browse Bitcoin scammer listings.

Scam definition:

A fraudulent scheme performed by a dishonest individual, group, or company in an attempt obtain money or something else of value. Scams traditionally resided in confidence tricks, where an individual would misrepresent themselves as someone with skill or authority, i.e. a doctor, lawyer, investor. After the internet became widely used, new forms of scams emerged such as lottery scams, scam baiting, email spoofing, phishing, or request for helps. These are considered to be email fraud. Also see phishing, scheme.

Stay safe and DO NOT trust everything you see on the Internet!!!

Source : Cyber security news & tools

How to become a slave miner for bitcoins!

This is another video about a hacking tool.The story is simple. If you  want to become rich… just open this tool and everything will be just fine for you.

But the truth it is in backgound.
If you will open the program, something will be instaled in your pc and it will be used to work for someone else.
If you know how bitcoin minering it’s working… you will understand.
So we have a link for downloading the hacking program. There we found a .rar archive with one file after extract.

Until now everything seems ok!

Let’s see the application!
Wait! There it’s something else hidded.
The application it’s a SFX RAR Archive with 14 files on it? OK!!!
Let’s see the comment….

• Path=%homedrive%\Windows\SysWOW64\drivers\UMDF
• Setup=keys.exe
• Setup=svchost.exe
• Setup=snmptrap.exe
• Silent=1
• Overwrite=2

Interesting!
In this case i will not double click on it!
Then i will extract it like a .rar archive.

Do you remember the 14 files?
All of them are hidden!
You will find on Google how to unhidde all the files on your pc!

Playing with the applications, i found something interesting.
Something about minergate, login, pool, gpu intensity…. hmmm.
This it’s look like bitcoin minering!!!

Ooooo… I see now!!!

When the applications work it’s done… your pc will become a slave for some guy!!
A slave ready to work when the master sends his command.
*And the guy is spanish… see the .rar comment ”;O comentário abaixo contém comando de sequencia SFX” !  lol

 Stay safe!!!

Alex Anghelus

Source: Cyber security news & tools