Bitcoin.org Hackers Steal $17,000 In ‘double your cash’ Scam

This week, threat actors hijacked Bitcoin.org, the authentic website of the Bitcoin project, and altered its parts to push a cryptocurrency giveaway scam that unfortunately some users fell for.

Although the hack lasted for less than a day, hackers seem to have walked away with a little over $17,000.

Bitcoin.org hacked to run ‘double your money’ scam

As shown below, on September 23rd, the home page of bitcoin.org stated:

“The Bitcoin Foundation is giving back to the community! We want to support our users who have helped us along the years,” encouraging users to send Bitcoins to the attacker’s displayed wallet address.

“Send Bitcoin to this address, and we will send double the amount in return!”

Further, to add appeal to the claim, scammers wrote that the offer was limited to the first 10,000 users.

Also Read: How To Prevent WhatsApp Hack: 7 Best Practices

The attacker’s wallet address users were encouraged to send funds to is:1NgoFwgsfZ19RrCUhTmmuLpmdek45nRd5N

Shortly after the hack, Bitcoin.org’s site operator(s) who use the name Cøbra, also issued a public warning with regards to the incident:

https://t.co/OsFgRFRRZb has been compromised. Currently looking into how the hackers put up the scam modal on the site. May be down for a few days.— Cøbra (@CobraBitcoin) September 23, 2021

Although Bitcoin is assumed to be created by a pseudonymous identity, “Satoshi Nakamoto,” the author of the research paper that gave birth to the cryptocurrency, a newer identity “Cøbra” is lately seen managing the Bitcoin.org website, social media, and community channels.

Attackers stole over $17,000 from scam

After Cøbra’s announcement, Bitcoin.org’s domain registrar Namecheap also promptly disabled the domain until the issue was remedied:

Hello, Thank you for reporting this matter. We have temporarily disabled the domain.— Namecheap.com (@Namecheap) September 23, 2021

Still, unfortunately, some cryptocurrency enthusiasts may have fallen for the scam as evident from the attacker’s wallet balance. The transaction history shows multiple deposits made from different Bitcoin addresses to the attacker’s wallet.

The last updated balance of the wallet was at 0.40571238 BTC or approximately US$17,000.

Bitcoin.org has now been restored. But, the root cause of the website hijack remains unconfirmed, although some have suspected this to be a DNS hijack [1, 2].

Giveaway scams have become a common theme in the cryptocurrency realm as attackers who set up these lures have found much success. Just a few days ago, BleepingComputer reported on the “Elon Musk Mutual Aid” circulating via email.

It’s tempting to dismiss these scams thinking no one falls for them, but, similar crypto scams have been hugely successful and generated hundreds of thousands of dollars in the past.

Also Read: 15 Best Tools For Your Windows 10 Privacy Settings Setup

For example, scammers made $180K in a single day in 2018, Twitter suffered a massive attack where crypto scammers earned $580K in a week in January 2021, and then another scam stole $145K in February.

And, not too long ago, someone sent three bitcoin, or $150,074 at the time, to a known crypto giveaway scam.

As such, users should remain vigilant for cryptocurrency scams and emails.