vendor-locktime-tx.xlsx - Did somebody researched this file?

It's strange that almost nobody write about this matter. It was super suspicious when Hansa changed this file type from *.txt to *.xlsx Did somebody researched this file? I don't have such knowledge in reverse engineering, etc... I have opened(protected view) my file in secure burner environment and Wireshark running, didn't see any suspicious connections, but I was new vendor with low sales and I was not selling drugs, maybe I was not target.


Comments


[1 Points] AutoModerator:

Because you are using a brand new account, your submission has been automatically hidden from public view and is awaiting moderator approval.

If this message disappears, you will know your post has been approved.

If it doesn't disappear and you are not given a reason for your submission's removal within 24 hours, you can try reposting your thread. Accounts must be at least 7 days old to post unrestricted on /r/DarkNetMarkets.

Please see this modpost for more information and make sure to read the rules of our subreddit. If you are new to this community, please check out /r/DarkNetMarketsNoobs to get started on your journey.

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.


[1 Points] snugglelufugus:

Really though, the krebs interview with one of the investigators mentioned they socially engineered vendors into running some sort of script, my guess is this is what he was referring to. The sort of sitewide js attack they used on the pedo sites only shows that you accessed the site, though it is possible that a TBB users on windows could have recieved a trojan and had their computers scanned revealing everything.

Though youd have to ask if they had a decent zero day attack, or even a js attack that they wouldnt have resorted to some lame vbs script inside an spreadsheet.

Grandwizard vendor says he has a xslx and didnt see any vbs scripts but doesnt mean it isnt in there, he runs mac.