News

Attackers seized Bitcoin [.] Org website and stole $ 17,000 from visitors

The cybercriminals temporarily seized the official website of the Bitcoin project (Bitcoin [.] Org) and inserted an advertisement for the fraudulent distribution of cryptocurrency on the resource pages. Although the hack lasted less than a day ago, some users managed to believe the hackers, and the scammers “earned” about $ 17,000.

Bleeping Computer writes that on September 23, the following message appeared on the site’s home page:

The Bitcoin Foundation will repay the community! We want to support our users who have helped us over the years. Send bitcoin to the specified address, and we will refund you twice the amount!

In the message, users were asked to credit funds to the address 1NgoFwgsfZ19RrCUhTmmuLpmdek45nRd5N belonging to the attackers.

Shortly after the site was hacked, Bitcoin [.] Org, known as Cøbra, reported on Twitter that the site had been compromised.

Bitcoin.org has been compromised. Currently looking into how the hackers put up the scam modal on the site. May be down for a few days.Cøbra said.

Following this message, Cøbra also responded to the problem with the Namecheap domain registrar, quickly disabling the domain until the problem was resolved.

And although the hack was discovered quite quickly, and measures were taken, unfortunately, the balance of the cybercriminals’ wallet indicates that some users still managed to fall for the bait of scammers. The transaction history shows several transfers made from different bitcoin addresses. As a result, the balance of the hackers’ wallet amounted to 0.40571238 BTC, that is, approximately $ 17,000 at the current exchange rate.

Currently, Bitcoin [.] Org is already operating normally. How exactly the attackers managed to compromise the resource remains unclear, and some information security experts suspect that a DNS attack took place.

It appears the domain was taken over. The WHOIS info was updated at the time of the hack, the nameservers + DNS changed, and if you try to visit any of the actual pages other than the index you’ll get a 404. It’s a completely different website save for the domain name.posted an information security specialist with the nickname @nukedotasia.

Let me remind you that we wrote that the British authorities decided to give cybercriminal’s bitcoins as a compensation for its victims, as well as that recently the US authorities imposed sanctions on cryptocurrency exchange Suex.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove News-bpudepi.today pop-up ads (Virus Removal Guide)

News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…

18 hours ago

Remove Doguhtam.xyz pop-up ads (Virus Removal Guide)

Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…

18 hours ago

Remove News-xlixoti pop-up ads (Virus Removal Guide)

News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…

19 hours ago

Remove Ducesousightion pop-up ads (Virus Removal Guide)

Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…

19 hours ago

Remove News-xlabica.live pop-up ads (Virus Removal Guide)

News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…

19 hours ago

Remove Mergechain.co.in pop-up ads (Virus Removal Guide)

Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…

19 hours ago