Checking on a bitcoin scamsite...

Avast WEBforum »
Other »
Viruses and worms (Moderators: Maxx_original, misak) »
Checking on a bitcoin scamsite...

« previous next »

Print

Pages: [1] Go Down

Author Topic: Checking on a bitcoin scamsite... (Read 1159 times)

0 Members and 1 Guest are viewing this topic.

polonus

Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter

Checking on a bitcoin scamsite...

« on: October 06, 2017, 08:35:36 PM »

Where we found it? In tghis respitory: http://www.badbitcoin.org/thebadlist/

Re: No detection: https://urlquery.net/report/b1dd45cd-798b-45b5-9b94-9422af656919

Redirection given: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=amazingfive.website&ref_sel=GSP2&ua_sel=ff&fs=1

In vain checked here: http://www.scamfoo.com/site/amazingfive.website/ (Is the scanner a scam by itself?).

On the redirect: http://ljive.com/domain/satoshibox.com

This looks a better scanner: https://www.scamadviser.com/check-website/amazingfive.website

polonus

Logged

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

polonus

Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter

Re: Checking on a bitcoin scamsite...

« Reply #1 on: January 05, 2018, 12:51:39 AM »

Has avast flagged this Jsecoin Browser Miner M2 website?
See: http://urlquery.net/report/aedfe20a-04b5-4d6d-b710-7fd780c58509
Not flagged here: https://www.virustotal.com/#/domain/bitcoin-earning.club
IP badness report: https://www.threatminer.org/host.php?q=85.119.157.87

Also consider: https://urlquery.net/report/950155ff-c4c4-4129-a227-e45e466cef98

This should be blocked

Quote

-googleads dot g dot doubleclick dot net/pagead/viewthroughconversion/994059797/?random=1507034345355&cv=8&fst=1507034345355&num=1&fmt=3&guid=ON&eid=376635470&h=885&w=1176&ah=855&aw=1176&cd=24&his=1&tz=120&java=true&nplug=10&nmime=92&frm=0&url=hXtps:/jsecoin dot com/&tiba=JSEcoin

blocked url by dots and hxtpsby me, pol

polonus

Logged

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

polonus

Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter

Re: Checking on a bitcoin scamsite...and a load of other insecurity!

« Reply #2 on: January 19, 2018, 02:33:28 PM »

Update crypto mining script detected here: http://urlquery.net/report/dda3126c-87cf-46b7-95f6-20f3956b87b2
Flagged as suspicious by Google Safebrowsing: Suspicious URLs found in: hxtp://coolcuppycake.com/identifiant/freemobile/login/

1: hxxp://siteverification·online/lib/info·js
2: hxxp://siteverification·online/

Also see the mal-script in line 68,69 and 70: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=coolcuppycake.com%2Fidentifiant%2Ffreemobile%2Flogin%2F&ref_sel=GSP2&ua_sel=ff&fs=1

Magento site hacked. Indeed given as a high risk site: https://www.magereport.com/scan/?s=http://coolcuppycake.com/

various security patches have not been installed - is this site being blocked by avast? Do not go there!

polonus (volunteer website security analyst and website error-hunter)

Logged

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Print

Pages: [1] Go Up

« previous next »

Avast WEBforum »
Other »
Viruses and worms (Moderators: Maxx_original, misak) »
Checking on a bitcoin scamsite...

SMF 2.0.18 | SMF © 2015, Simple Machines
XHTML
RSS
WAP2

Page created in 0.047 seconds with 20 queries.