News

Attackers seized Bitcoin [.] Org website and stole $ 17,000 from visitors

The cybercriminals temporarily seized the official website of the Bitcoin project (Bitcoin [.] Org) and inserted an advertisement for the fraudulent distribution of cryptocurrency on the resource pages. Although the hack lasted less than a day ago, some users managed to believe the hackers, and the scammers “earned” about $ 17,000.

Bleeping Computer writes that on September 23, the following message appeared on the site’s home page:

The Bitcoin Foundation will repay the community! We want to support our users who have helped us over the years. Send bitcoin to the specified address, and we will refund you twice the amount!

home page

In the message, users were asked to credit funds to the address 1NgoFwgsfZ19RrCUhTmmuLpmdek45nRd5N belonging to the attackers.

Shortly after the site was hacked, Bitcoin [.] Org, known as Cøbra, reported on Twitter that the site had been compromised.

Bitcoin.org has been compromised. Currently looking into how the hackers put up the scam modal on the site. May be down for a few days.Cøbra said.

Following this message, Cøbra also responded to the problem with the Namecheap domain registrar, quickly disabling the domain until the problem was resolved.

And although the hack was discovered quite quickly, and measures were taken, unfortunately, the balance of the cybercriminals’ wallet indicates that some users still managed to fall for the bait of scammers. The transaction history shows several transfers made from different bitcoin addresses. As a result, the balance of the hackers’ wallet amounted to 0.40571238 BTC, that is, approximately $ 17,000 at the current exchange rate.

transaction

Currently, Bitcoin [.] Org is already operating normally. How exactly the attackers managed to compromise the resource remains unclear, and some information security experts suspect that a DNS attack took place.

It appears the domain was taken over. The WHOIS info was updated at the time of the hack, the nameservers + DNS changed, and if you try to visit any of the actual pages other than the index you’ll get a 404. It’s a completely different website save for the domain name.posted an information security specialist with the nickname @nukedotasia.

Let me remind you that we wrote that the British authorities decided to give cybercriminal’s bitcoins as a compensation for its victims, as well as that recently the US authorities imposed sanctions on cryptocurrency exchange Suex.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Sending

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button