Bitcoin "Blocklists"

Bitcoin "Blocklists"
At the Internet Storm Center, we regularly get malware and fraudulent emails including Bitcoin addresses. Like the extortion emails including leaked passwords. And we often search online for these Bitcoin addresses, to see what else we can find. Recently, with the "bomb extortion" emails, I was looking up Bitcoin addresses and came accross a site called "Bitcoin Abuse Database". It's a repository of Bitcoin addresses that are used for scams and fraud. For example, here is the report for Bitcoin address 1LeReNiUgHNXvvR8TpgQG1b5nzqoKeUxDY. It looks like a great resource to lookup Bitcoin addresses, and report on addresses used for scams and fraud, although I don't know who is behind this initiative. Do you know similar resources? Please post a comment. Didier Stevens Senior handler Microsoft MVP blog.DidierStevens.com DidierStevensLabs.com	DidierStevens 522 Posts ISC Handler Dec 26th 2018
Thread locked Subscribe	Dec 26th 2018 2 years ago
Closed source intel from places like Neutrino and Chainalysis are handy...but pricey.	Anonymous
Quote	Dec 26th 2018 2 years ago
If you receive what appears to be a targeted threat, append the bitcoin address to the end as shown here: https://www.blockchain.com/btc/address/1LeReNiUgHNXvvR8TpgQG1b5nzqoKeUxDY You'll see that there's already been one transaction, which means the same bitcoin address is being used for everyone receiving the email which means there's no way the criminal knows who has paid and who hasn't paid. If it hasn't been reported yet per the article you now have another method to see if it's targeted to you specifically.	Anonymous
Quote	Dec 27th 2018 2 years ago
Not sure if you saw this one or not >> https://www.sans.org/webcasts/109645?utm_medium=Social&utm_source=Twitter&utm_content=Kirby+Plessas+Webcast&utm_campaign=Open-Source+Intelligence+Summit+Training+2019 https://twitter.com/kirbstr/status/1074735409223983104 Enjoy :D	Anonymous
Quote	Dec 27th 2018 2 years ago
Today, I received the following extortion attempt, complete with bad punctuation, and a BITCOIN identifier. ------------- Hi... . I run a website in the deep web,I perform all sorts of services - in the main it is destruction to property and harm.In the main,all but the murder.Often main reasons are unrequited love or competition at bussiness.This month he contacted me and gave me the order of pour out acid in your visage.Standard task - quickly,painfully,for life.Without too much fuss.I get receive only after finishing the task.Thus, now I offer you pay me to be inactive,I propose this to nearly all the victims.If I do not see money from you, then my man will fulfill the task.If you transfer me money,in addition to my inaction,I will provide you the info that I have about the client.After finishing the order, I always lose the performer,so I have an option,to get $1500 from you for information about the customer and my inaction,or to receive $ 5000 from the customer,but with a high probability of spending the performer. I’m getting money in btc,its my Bitcoin address - 15UFZdE9vRjtyKbLteV4B3U9QSTpEuJoxc The sum I indicated above... 24 hours to transfer, and remember that time is beating... . __________________________________________________________ Checking: https://www.blockchain.com/btc/address/15UFZdE9vRjtyKbLteV4B3U9QSTpEuJoxc gives "zero transactions". So far.	Anonymous
Quote	Dec 30th 2018 2 years ago
Another good resource to look up Bitcoin addresses used in spam/extorsion is https://bitcoinwhoswho.com/	Thomas 1 Posts
Quote	Jan 2nd 2019 2 years ago
This Tweet https://twitter.com/videah_/status/1080977519191486464 refers to oxt.me as an additional Bitcoin research source.	Anonymous
Quote	Jan 4th 2019 2 years ago