The pseudonymous operator of the web portal Bitcoin.org took to Twitter on Thursday and announced that the portal had been ‘compromised’. Cobra, the operator disclosed that the hackers had implemented a bitcoin doubler scam model and they were able to use it to carry out the attack. He also noted that the site would not be available for a ‘few days’. The mysterious operator of Bitcoin.org has once again found himself in the midst of controversy. The pseudonymous operator said that they were currently trying to figure out how the hackers had been able to implement the scam model, due to which the website would be down.
The scam model that was mentioned by Cobra is a doubler scam that works by attempting to entice people into depositing a fraction of Bitcoin and promises them to provide a double of the deposit made. Of course, anyone who ends up making a deposit into the double scam doesn’t really get a reward because the hacker simply walks away with all the funds they eventually manage to accumulate. As per one account, those who hacked Bitcoin.org were able to walk away with around $17,000 in BTC, while the fake page was online.
However, some stated that the scam wallet was not able to make as much money as the website showed. One individual disclosed that three people had sent in $100, one person had deposited $200 and there was around 0.4 BTC that was probably sent to make this ‘giveaway’ more legitimate, which means they probably belonged to the hacker themselves. According to the website’s operator i.e. nuke.asia, the hacker most probably used ‘social engineering’ for the takeover. Charles from nuke.asia stated that the domain was probably taken over. At the time the hack occurred, the WHOIS info was updated and the DNS plus nameservers were changed.
If you try and visit any of the other pages except for the index, a 404 error would pop up. This meant that it was a completely different website, except for the domain name. Meanwhile, Cobra also reached out to the company Cloudflare for some assistance. He tweeted that Bitcoin.org had not been hacked before and only two months after shifting to Cloudflare, they were compromised. He wanted to know where they were routing the traffic because, he said that the actual server hadn’t gotten any traffic during the hack. Someone also asked Cobra if his own accounts were compromised.
Cobra responded that his own accounts had not been infiltrated and the server appeared to be fine as well. He disclosed that the server hadn’t gotten any traffic while the hack occurred. It seems that the hackers ended up exploiting some flaw in the DNS to carry out their operation. Regardless, it is not the first attack that has occurred in the crypto space, as cybercriminals appear to be getting very active here recently. Different types of cyberattacks have occurred on one network or the other and it seems that Bitcoin.org is just the latest victim of one.