Large-Scale Phishing Attack Targets Bitcoin and Web Wallet Users

2016/06/22 4:44 AM

The popularity of Bitcoin is attracting all kind of attention. Unfortunately, that also means hackers and internet criminals start targeting Bitcoin users. A phishing campaign spanning over 100 fake domain names is threatening users all over the world. The objective is simple: steal bitcoins and obtain blockchain wallet credentials.

Also read: NanoPay Announces the Deployment of MintChip Digital Currency

It is not the first time Bitcoin users notice copycat websites trying to steal their login credentials., one of the traditional web wallet services, has dealt with copycat sites before. Bitstamp, one of the largest European Bitcoin exchanges, has had hackers contact their customers and direct them to a cloned website to steal login details.

Coordinated and Scaling Phishing Attack


But it looks like internet criminals are stepping up their game. So far, over 100 unique domains have been identified, most of which present a clone of legitimate Bitcoin websites. Interestingly enough, the majority of these domains was registered on May 26. That being said, more and more of these websites continue to pop up on a daily basis, and the threat is far from over.

At the time of writing, it is very difficult to grasp the full scope of this phishing campaign. Moreover, it is next to impossible to determine who is behind these fake domain websites. It is not unlikely most of them are registered with stolen credit card information. Similar to what has happened in the past, the majority of these websites is being advertised through Google Adwords. Doing so gives these fake sites a prominent ranking in Google’s search engine results.

But the most worrying part is how OpenDNS researchers uncovered these assailants have a thorough understanding of the Bitcoin protocol. Albeit the domain names rely on typosquatting, as they call it, it is not unlikely to think these fake platforms have tricked many Bitcoin users in the past.

More interestingly, these fake domain names share a provider which has been labeled as hosting illegal content in the past. Child pornography, counterfeit merchandise, and phishing sites have been hosted by this provider in the past. For now, the company is known as Novogara, but it has held different names in the past.

What are your thoughts on these phishing attacks against Bitcoin users? Let us know in the comments below!

Source: OpenDNS

Images courtesy of Shutterstock

Post Views: 605

Jp Buntinx

Jp Buntinx

JP Buntinx is a freelance Bitcoin writer and Bitcoin journalist for various digital currency news outlets around the world. In other notes, Jean-Pierre is an active member of the Belgian Bitcoin Association, and occasionally attends various Bitcoin Meetups in Ghent and Brussels


Leave a Reply

Your email address will not be published. Required fields are marked *