At the Internet Storm Center, we regularly get malware and fraudulent emails including Bitcoin addresses. Like the extortion emails including leaked passwords. And we often search online for these Bitcoin addresses, to see what else we can find. Recently, with the "bomb extortion" emails, I was looking up Bitcoin addresses and came accross a site called "Bitcoin Abuse Database". It's a repository of Bitcoin addresses that are used for scams and fraud. For example, here is the report for Bitcoin address 1LeReNiUgHNXvvR8TpgQG1b5nzqoKeUxDY. It looks like a great resource to lookup Bitcoin addresses, and report on addresses used for scams and fraud, although I don't know who is behind this initiative. Do you know similar resources? Please post a comment.
Didier Stevens |
DidierStevens 522 Posts ISC Handler Dec 26th 2018 |
Thread locked Subscribe |
Dec 26th 2018 2 years ago |
Closed source intel from places like Neutrino and Chainalysis are handy...but pricey.
|
Anonymous |
Quote |
Dec 26th 2018 2 years ago |
If you receive what appears to be a targeted threat, append the bitcoin address to the end as shown here: https://www.blockchain.com/btc/address/1LeReNiUgHNXvvR8TpgQG1b5nzqoKeUxDY
You'll see that there's already been one transaction, which means the same bitcoin address is being used for everyone receiving the email which means there's no way the criminal knows who has paid and who hasn't paid. If it hasn't been reported yet per the article you now have another method to see if it's targeted to you specifically. |
Anonymous |
Quote |
Dec 27th 2018 2 years ago |
Not sure if you saw this one or not >> https://www.sans.org/webcasts/109645?utm_medium=Social&utm_source=Twitter&utm_content=Kirby+Plessas+Webcast&utm_campaign=Open-Source+Intelligence+Summit+Training+2019
https://twitter.com/kirbstr/status/1074735409223983104 Enjoy :D |
Anonymous |
Quote |
Dec 27th 2018 2 years ago |
Today, I received the following extortion attempt, complete with bad punctuation, and a BITCOIN identifier.
------------- Hi... . I run a website in the deep web,I perform all sorts of services - in the main it is destruction to property and harm.In the main,all but the murder.Often main reasons are unrequited love or competition at bussiness.This month he contacted me and gave me the order of pour out acid in your visage.Standard task - quickly,painfully,for life.Without too much fuss.I get receive only after finishing the task.Thus, now I offer you pay me to be inactive,I propose this to nearly all the victims.If I do not see money from you, then my man will fulfill the task.If you transfer me money,in addition to my inaction,I will provide you the info that I have about the client.After finishing the order, I always lose the performer,so I have an option,to get $1500 from you for information about the customer and my inaction,or to receive $ 5000 from the customer,but with a high probability of spending the performer. I’m getting money in btc,its my Bitcoin address - 15UFZdE9vRjtyKbLteV4B3U9QSTpEuJoxc The sum I indicated above... 24 hours to transfer, and remember that time is beating... . __________________________________________________________ Checking: https://www.blockchain.com/btc/address/15UFZdE9vRjtyKbLteV4B3U9QSTpEuJoxc gives "zero transactions". So far. |
Anonymous |
Quote |
Dec 30th 2018 2 years ago |
Another good resource to look up Bitcoin addresses used in spam/extorsion is https://bitcoinwhoswho.com/
|
Thomas 1 Posts |
Quote |
Jan 2nd 2019 2 years ago |
This Tweet https://twitter.com/videah_/status/1080977519191486464 refers to oxt.me as an additional Bitcoin research source.
|
Anonymous |
Quote |
Jan 4th 2019 2 years ago |
Sign Up for Free or Log In to start participating in the conversation!