Abuse to Bitcoin address
3JvBvRuBfYvB6MjzMornj9EQpxhq9W7vXP

« previous address
File Abuse Complaint Add Tag and Link Sign Message
next address »

clipboard virus

Abuser: MotasemBT, Activator.exe

I downloaded an alleged crack of software called Passper for PDF from The Pirate Bay, which was uploaded by user called MotasemBT. https://thepiratebay.party/torrent/57638901/Passper_for_PDF_3.6.2.3_Multilingual___crack Inside is crack.zip, which contains a malicious file called Activator.exe. I ran the program, clicked PATCH, which appeared to do nothing. I gave up and moved on to other tasks. The next day (today) I pasted a BTC address that I immediately recognized as NOT the one I copied. I opened my clipboard manager, and sure enough, a hidden Powershell process replaced the address I copied, hoping I wouldn't see the difference. This has happened before; I lost $500 in crypto from an attempted transfer because I didn't notice the address difference when I pasted. This time I caught it right away. You can find exactly what the malicious program does and how to undo the damage here: https://gist.github.com/infernoboy/cf114fda56ff3706478e0d1e6a1a1b27?permalink_comment_id=4140687#gistcomment-4140687 1. A task was created under Microsoft > Windows > NetService > Network that is spawning PowerShell. You can safely delete the entire NetService folder, as it was also created by the malware. 2. Delete a fake log file that it created where it hides the script: C:\Windows\logs\system-logs.txt 3. It also replaces the contents of C:\Windows\System32\SyncAppvPublishingServer.vbs with its own version. A copy from a clean install of Windows 11 (works for Windows 10 as well) can be found here: https://gist.github.com/infernoboy/7cc1fe26e647dd08e6e63a201cb38e27

United States flag United States, 2022-04-21 23:28:28

Bitcoin tumbler

Abuser: Fx_murphy

I just recovered all my stolen bitcoins a total of 2.7 BTC free of charge through the help of Mrs. Lucia Hills... Are you a bitcoin scam victim? Did you lost your money to bitcoin scammers online? .. To recover all your lost money kindly contact Mrs Lucia Hills through her Email on [email protected] or text her on her number +17722284411 and via WhatsApp ‪ ‪+1 (408) 676‑9108‬‬. She’s really wonderful and legit

Netherlands flag Netherlands, 2022-04-22 13:58:17

paste hack

Abuser: Unknown.

Same story as the guy below, I don't know what application I have that caused my computer to be infected (I don't have the one he mentioned). I double checked and same deal, I have a task scheduler process going on startup that points to a script that does this silently. Basically I copy my legit BTC address, and then when I paste it's this one. I unfortunately didn't notice. $500ish gone now, but I will know to check more closely in the future.

Canada flag Canada, 2022-04-22 15:18:45

Ransomware

Abuser: Ransomware

I lost over 2.3 BTC on telegram / investment bitcoin scam. Right about 2 weeks after my ordeal with them I tried using the recommendation from someone on one of the comment section . I was able to get all my money back in less than 48 hours. Contact ( https://t.ly/compensation ) to recover all your stolen bitcoins free of charge

United Kingdom flag United Kingdom, 2022-04-23 05:35:33