Need your Mt. Gox bitcoins back? Steer clear of this website

A suspicious website tries to get people to download what is likely a bogus version of Flash player

A spam campaign is targeting those who lost bitcoins with the shutdown of the Tokyo-based bitcoin exchange Mt. Gox.

A spam campaign is targeting those who lost bitcoins with the shutdown of the Tokyo-based bitcoin exchange Mt. Gox.

Empty-handed customers of bankrupt bitcoin exchange Mt. Gox are being targeted in a ploy likely intended to distributed malware.

A spam message with the awkward phrase "Mt. Gox return to customers the bitcoins" in the subject line has been seen circulating, according to a Reddit user.

The bait targets the hundreds of thousands Mt. Gox customers locked out of their accounts when the company said 750,000 customer bitcoins, plus 100,000 of its own, disappeared, likely due to fraud. The company filed for bankruptcy in Tokyo District Court on Friday, leaving customers in a limbo.

The message includes a link to a website that clones the format of The Wall Street Journal although the domain name doesn't try to spoof the publication. The Web page shows a video box with a prompt to install Adobe System's Flash Player.

Fake versions of Flash Player have long been used by hackers, who hope victims will install whatever substitute program they're offering.

"Sites offering a faint ray of hope in the form of 'Mt. Gox is going to fix it all and please install this file, thanks' could well add more misery to an already considerable pile," wrote Chris Boyd, a malware intelligence analyst with Malwarebytes, who took at look at the site. "As always, steer clear."

Although Malwarebytes hasn't done a full analysis of the file behind the Flash Player facade, Boyd wrote a ".rar" file is downloaded.

"The infection rate for this one may end up being quite low, as one would imagine that anybody versed in the art of bitcoins is not likely to bother unzipping a .rar file to extract some random files," Boyd wrote.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Join the Computerworld newsletter!

Error: Please check your email address.

Tags securityDesktop securityMalwarebytesdata protectionmalware

More about Adobe SystemsMalwarebytesWall Street

Comments

Comments are now closed

Updated: AWS investigates CloudFront problems

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]