[tor-talk] Tor Phishing in the Wild // Old Sigs

Rich Jones rich at openwatch.net
Tue Jun 24 17:54:28 UTC 2014


Hey all!

There's (what looks like) an active Tor phishing operation located at
http://torbundleproject (dot) org . I believe this is related to a black
market scammer.

They're offering up a slightly old version of the TBB, but I can't find a
list of the old signatures on the Tor website to compare with. Can anybody
diff the files 'torbrowser-install-3.6.1_en-US.exe' to see what's going on
here?

R

PS - Just signed up for this list - can you PLEASE do something about
mailman emailing me my own password in plaintext upon sign up? JFC..

For the lazy..

$whois torbundleproject.org
Domain Name:TORBUNDLEPROJECT.ORG
Domain ID: D172721659-LROR
Creation Date: 2014-05-28T20:50:39Z
Updated Date: 2014-06-23T20:09:22Z
Registry Expiry Date: 2015-05-28T20:50:39Z
Sponsoring Registrar:PDR Ltd. d/b/a PublicDomainRegistry.com (R27-LROR)
Sponsoring Registrar IANA ID: 303
WHOIS Server:
Referral URL:
Domain Status: clientTransferProhibited
Domain Status: serverTransferProhibited
Registrant ID:DI_36617197
Registrant Name:Bobby Jones
Registrant Organization:Tor Project
Registrant Street: 432 Garden Street
Registrant City:Beverly Hills
Registrant State/Province:CA
Registrant Postal Code:90210
Registrant Country:US
Registrant Phone:+1.9843982938
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email:sr2admin at safe-mail.net
Admin ID:DI_36617197
Admin Name:Bobby Jones
Admin Organization:Tor Project
Admin Street: 432 Garden Street
Admin City:Beverly Hills
Admin State/Province:CA
Admin Postal Code:90210
Admin Country:US
Admin Phone:+1.9843982938
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email:sr2admin at safe-mail.net
Tech ID:DI_36617197
Tech Name:Bobby Jones
Tech Organization:Tor Project
Tech Street: 432 Garden Street
Tech City:Beverly Hills
Tech State/Province:CA
Tech Postal Code:90210
Tech Country:US
Tech Phone:+1.9843982938
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email:sr2admin at safe-mail.net
Name Server:NS4.ITITCH.COM
Name Server:NS3.ITITCH.COM
Name Server:NS2.ITITCH.COM
Name Server:NS1.ITITCH.COM
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
DNSSEC:Unsigned
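
Added example, not part of the original post: a small triage script that turns the WHOIS record above into explicit lookalike-domain indicators. The official domain (torproject.org), the brand string, the 90-day age cutoff and the finding names are assumptions chosen for illustration; SAMPLE is an excerpt of the record quoted in the post.

```python
from datetime import datetime, timezone

OFFICIAL = {"torproject.org"}  # assumption: the brand's genuine domain
BRAND = "tor project"          # assumption: brand string to look for
MAX_AGE_DAYS = 90              # assumption: cutoff for "recently registered"

# Excerpt of the WHOIS record quoted in the post above.
SAMPLE = """\
Domain Name:TORBUNDLEPROJECT.ORG
Creation Date: 2014-05-28T20:50:39Z
Registrant Organization:Tor Project
Registrant Email:sr2admin at safe-mail.net
Name Server:NS4.ITITCH.COM
Name Server:
DNSSEC:Unsigned
"""

def parse_whois(text):
    """Return {field: [values]}; fields with empty values are dropped."""
    rec = {}
    for line in text.splitlines():
        # Split on the first colon only, so timestamps stay intact.
        key, sep, value = line.partition(":")
        if sep and value.strip():
            rec.setdefault(key.strip(), []).append(value.strip())
    return rec

def triage(text, seen_on):
    """List impersonation indicators for a record observed at seen_on (UTC)."""
    rec = parse_whois(text)
    domain = rec["Domain Name"][0].lower()
    if domain in OFFICIAL:
        return []
    findings = []
    # Every brand word appears inside the first label of a non-official domain.
    if all(word in domain.split(".")[0] for word in BRAND.split()):
        findings.append("lookalike-name")
    # Registrant claims to be the brand while registering a non-official domain.
    if BRAND in rec.get("Registrant Organization", [""])[0].lower():
        findings.append("brand-claim")
    created = datetime.strptime(rec["Creation Date"][0], "%Y-%m-%dT%H:%M:%SZ")
    age_days = (seen_on - created.replace(tzinfo=timezone.utc)).days
    if 0 <= age_days <= MAX_AGE_DAYS:
        findings.append("young-domain")
    # The list archive obfuscates addresses as "user at host"; undo that.
    mail = rec.get("Registrant Email", [""])[0].replace(" at ", "@")
    if "@" in mail and mail.rpartition("@")[2].lower() not in OFFICIAL | {domain}:
        findings.append("offsite-contact")
    return findings
```

None of these indicators proves the installer was tampered with; they only prioritise the domain for the file comparison the post asks for.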

