Hey all! There's (what looks like) an active Tor phishing operation located at http://torbundleproject (dot) org . I believe this is related to black market scammer.
They're offering up a slightly old version of the TBB, but I can't find a list of the old signatures on the Tor website to compare with. Can anybody diff the files 'torbrowser-install-3.6.1_en-US.exe' to see what's going on here? R PS - Just signed up for this list - can you PLEASE do something about mailman emailing me my own password in plaintext upon sign up? JFC.. For the lazy.. $whois torbundleproject.org Domain Name:TORBUNDLEPROJECT.ORG Domain ID: D172721659-LROR Creation Date: 2014-05-28T20:50:39Z Updated Date: 2014-06-23T20:09:22Z Registry Expiry Date: 2015-05-28T20:50:39Z Sponsoring Registrar:PDR Ltd. d/b/a PublicDomainRegistry.com (R27-LROR) Sponsoring Registrar IANA ID: 303 WHOIS Server: Referral URL: Domain Status: clientTransferProhibited Domain Status: serverTransferProhibited Registrant ID:DI_36617197 Registrant Name:Bobby Jones Registrant Organization:Tor Project Registrant Street: 432 Garden Street Registrant City:Beverly Hills Registrant State/Province:CA Registrant Postal Code:90210 Registrant Country:US Registrant Phone:+1.9843982938 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email:sr2ad...@safe-mail.net Admin ID:DI_36617197 Admin Name:Bobby Jones Admin Organization:Tor Project Admin Street: 432 Garden Street Admin City:Beverly Hills Admin State/Province:CA Admin Postal Code:90210 Admin Country:US Admin Phone:+1.9843982938 Admin Phone Ext: Admin Fax: Admin Fax Ext: Admin Email:sr2ad...@safe-mail.net Tech ID:DI_36617197 Tech Name:Bobby Jones Tech Organization:Tor Project Tech Street: 432 Garden Street Tech City:Beverly Hills Tech State/Province:CA Tech Postal Code:90210 Tech Country:US Tech Phone:+1.9843982938 Tech Phone Ext: Tech Fax: Tech Fax Ext: Tech Email:sr2ad...@safe-mail.net Name Server:NS4.ITITCH.COM Name Server:NS3.ITITCH.COM Name Server:NS2.ITITCH.COM Name Server:NS1.ITITCH.COM Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: Name Server: DNSSEC:Unsigned -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
