Despite the hack lasting under 24 hours, the orchestrators apparently managed to receive just over $17,000 courtesy of their short-lived ‘double your money’ scam.
On September 23, the Bitcoin.org homepage displayed the following fake popup to its visitors:
“The Bitcoin Foundation is giving back to the community! We want to support our users who have helped us along the years. Send Bitcoin to this address, and we will send double the amount in return!”
Creating a sense of urgency is Scammer 101, and this case was no exception. The next line read: “Limited to the first 10,000 users!”
Prior to the inclusion of a Bitcoin wallet QR code for receiving funds, the ruse was reiterated, this time capitalized and in bold:
“ANY AMOUNT SENT TO THIS ADDRESS WILL BE DOUBLED AND RETURNED TO THE SENDER!”
To make matters worse still for the website, visitors were unable to click past/close the popup, making the rest of the site unreachable while the scam remained active.
Before the day was through, Bitcoin.org’s pseudonymous website operator/s, who post under the username ‘Cøbra’ (@CobraBitcoin), confirmed that a breach had occurred.
“Bitcoin.org has been compromised,” the tweet said. “Currently looking into how the hackers put up the scam modal on the site. May be down for a few days.”
The scammer’s wallet balance and its transaction history, which included multiple deposits from different Bitcoin addresses, suggest that several cryptocurrency users may have been duped by the ruse.
The balance of the wallet used in the scam currently stands at 0.4057 BTC, a figure worth approximately $17,000.
The Bitcoin.org operator/s have speculated that the hackers may have exploited a vulnerability in the website’s DNS in order to gain unauthorised access and launch their cryptocurrency scam.
With hackers known to commonly crawl websites in the hope of spotting underlying flaws, this DNS theory certainly seems plausible.
The Bitcoin.org site, which was temporarily taken offline to analyze and identify the root cause of the breach, has now been fully restored to its prior state.