cryptobriefing.com
Bitcoin.org, the official website of the Bitcoin cryptocurrency was compromised by hackers running a giveaway scam.
Bitcoin.org Exploited For Giveaway Scam
In an unfortunate security failure, Bitcoin.org was compromised for a giveaway scam, users reported Thursday morning. Visitors to the website were greeted with a popup, asking them to send crypto to a Bitcoin wallet via a QR code and receive double the amount in return.
The fake message told visitors that the Bitcoin Foundation was giving back to the community, and that the giveaway would be limited to the first 10,000 users in order to draw people into the scam. Users couldn’t click past the fake pop-up message, making the rest of the website inaccessible for the duration of the scam.
The Bitcoin address used in the scam received 0.40BTC worth $17,000. The hacker moved almost all of the funds out of the main wallet and into two other holding wallets.
Started in August 2008 by Bitcoin’s pseudonymous creator Satoshi Nakamoto, Bitcoin.org serves a knowledge hub for the top cryptocurrency. It hosts various resources such as the original whitepaper and developer documentation on Bitcoin.
According to the Bitcoin.org’s pseudonymous operator CobraBitcoin, the attackers may have exploited some flaw in the website’s domain name system (DNS), and gained unauthorized access. Hackers usually crawl websites to identify underlying vulnerabilities that can be used to orchestrate attacks.
After being taken down for a few hours to investigate the root cause of the security breach, the website has now been restored to its pre-hack status.
The Bitcoin.org exploit is not the first “double your money” scam to affect the crypto space. Cryptocurrency giveaway scams often leverage popular web platforms and fake or hacked celebrity social media accounts to trick users into thinking the scam is credible.
Last year, the Twitter accounts of Binance CEO ChangPeng Zhao, Bill Gates, Elon Musk, and other prominent figures on the crypto community were hacked in order to carry out a doubling scam, asking users to send Bitcoin to an undisclosed wallet, with the promise of receiving double the amount back. According to the US-based Federal Trade Commission, impersonators of Tesla CEO Elon Musk have stolen at least $2 million from investors using similar scams.