MalwarePat

Testing CPU Usage on KissAnime with several Adblock/Anti-tracking extensions in Google Chrome            

Environment: Windows 7 Ultimate x64 4GB RAM 1 Processor/Core (Virtualized in VMware Workstation)

Web Browser: Google Chrome Tried Extensions: -uBlock Origin -Ghostery -Privacy Badger

Post on my blog about this (basically the same thing I added to this post): https://malwarepat.tumblr.com/post/168650929622/testing-cpu-usage-on-kissanime-with-several

This post will contain details on my investigation into the Tumblr “Bitcoin” message fiasco. 

Bitcoin Wallets Mentioned

—–

Posts on my blog tagged “tumblr btc scam”

Help the Investigation:

If you receive one of these messages, please submit a screenshot of the message to https://malwarepat-btc.tumblr.com/submit.  It’ll help me to see the scope of what people are getting.  

I don’t know if anyone has impersonated me yet, but considering @goattrain just told me he got a message from one of his long time followers I’m putting this here anyway:  I would never ask anyone to send me bitcoins, or randomly send anyone a message asking for donations either for that matter. So if you see one of these messages, please don’t send them any money and let me know.

Hello all, I’m just a friendly white hat looking to understand where the “bitcoin” messages are coming from and who is behind them.  If you receive one of these messages, please submit a screenshot of the message to https://malwarepat-btc.tumblr.com/submit.  It’ll help me to see the scope of what people are getting.  

Thanks!

There seems to be a virus or some sort of malware going around causing blogs to “send out” chat messages to blogs that they follow asking for help with the purchase of certain items through donations of seemingly small amounts using bitcoin and adds a link to the message.

The message goes as following (at least the first message I got went like this): “Hi there buddy. I need help, I’m trying to buy a laptop and I can’t afford it. I’m about 0.36$ short, and I’d really appreciate if you could help me and transfer some money to me via bitcoin using this *link*.”

The small details in the message seems to have a few variations with the greeting, amount and purchased item showing up in different variations from formal to friendly, from 0.016 to 2$ and from a phone case to a laptop among others.

The blogs that are affected send out the messages to blogs that they follow for a long time mostly, so you are most likely to receive the message from a long time, active follower whose name you might recognize or a mutual etc. The blogs that are affected are not spam bots but actual active followers who follow the recipient for months or years and most likely the blogger who “sent” the message is unaware of the message being sent.

DO NOT OPEN THE LINK.

Opening up the link will cause the virus to spread even more and infect your computer/mobile with any sort of malware.

Hello all, I’m just a friendly white hat looking to understand where the “bitcoin” messages are coming from and who is behind them.  If you receive one of these messages, please submit a screenshot of the message to https://malwarepat-btc.tumblr.com/submit.  It’ll help me to see the scope of what people are getting.  

Thanks!

There seems to be a virus or some sort of malware going around causing blogs to “send out” chat messages to blogs that they follow asking for help with the purchase of certain items through donations of seemingly small amounts using bitcoin and adds a link to the message.

The message goes as following (at least the first message I got went like this): “Hi there buddy. I need help, I’m trying to buy a laptop and I can’t afford it. I’m about 0.36$ short, and I’d really appreciate if you could help me and transfer some money to me via bitcoin using this *link*.”

The small details in the message seems to have a few variations with the greeting, amount and purchased item showing up in different variations from formal to friendly, from 0.016 to 2$ and from a phone case to a laptop among others.

The blogs that are affected send out the messages to blogs that they follow for a long time mostly, so you are most likely to receive the message from a long time, active follower whose name you might recognize or a mutual etc. The blogs that are affected are not spam bots but actual active followers who follow the recipient for months or years and most likely the blogger who “sent” the message is unaware of the message being sent.

DO NOT OPEN THE LINK.

Opening up the link will cause the virus to spread even more and infect your computer/mobile with any sort of malware.

If you have received a message of that sort from this blog please know that it was not sent by me or within my control and ignore/delete the message without clicking the link.

Edit:

To those worried because they received a message with a wallet code instead of a l8nk, there’s nothing to worry about. Tge wallet code is essentially tge equivalent of a bank account number. So unless you actually go and actively transfer from your wallet to theurs you’re safe. Opening the messages themselves is harmless.

The best way to know if you were affected is to simply go into messages and see if you sent a message like that to anyone, it will appear in the chat.

Hello all, I’m just a friendly white hat looking to understand where the “bitcoin” messages are coming from and who is behind them.  If you receive one of these messages, please submit a screenshot of the message to https://malwarepat-btc.tumblr.com/submit.  It’ll help me to see the scope of what people are getting.  

Thanks!