Despite the hack lasting under 24 hours, the orchestrators apparently managed to receive just over $17,000 courtesy of their short-lived ‘double your money’ scam.
On September 23, the Bitcoin.org homepage displayed the following fake popup to its visitors:
“The Bitcoin Foundation is giving back to the community! We want to support our users who have helped us along the years. Send Bitcoin to this address, and we will send double the amount in return!”
Creating a sense of urgency is Scammer 101, and this case was no exception. The next line read: “Limited to the first 10,000 users!”
Prior to the inclusion of a Bitcoin wallet QR code for receiving funds, the ruse was reiterated, this time capitalized and in bold:
“ANY AMOUNT SENT TO THIS ADDRESS WILL BE DOUBLED AND RETURNED TO THE SENDER!”
To make matters worse for the website, visitors were unable to click past or close the popup, making the rest of the site unreachable while the scam remained active.
Before the day was through, Bitcoin.org’s pseudonymous website operator/s, who post under the username ‘Cøbra’ (@CobraBitcoin), confirmed that a breach had occurred.
“Bitcoin.org has been compromised,” the tweet said. “Currently looking into how the hackers put up the scam modal on the site. May be down for a few days.”
As indicated by the scammer’s wallet balance and a transactional history that included multiple deposits from different Bitcoin addresses, it would appear that several cryptocurrency users may have been duped by the ruse.
The balance of the wallet used in the scam currently stands at 0.4057 BTC, a figure worth approximately $17,000.
The Bitcoin.org operator/s have speculated that the hackers may have exploited a vulnerability in the website’s DNS in order to gain unauthorised access and launch their cryptocurrency scam.
With hackers known to commonly crawl websites in the hope of spotting underlying flaws, this DNS theory certainly seems plausible.
The Bitcoin.org site, which was temporarily taken offline to analyze and identify the root cause of the breach, has now been fully restored to its prior state.