I just found a Romanian form of the site, of course, having nothing in common with the real forum:
https://bitcointalk.ro/.
According to the site whois, it looks brand new:
Domain Name: bitcointalk.ro
Registered On: 2020-08-24
Expires On: 2021-08-24
Registrar: Awesome Projects SRL
Referral URL:
www.hostico.roAwesome Projects SRL is a Romanian company (
https://www.awesomeprojects.ro/) which seems to be in webhosting business. I called them at the number posted on their site and they said they didn't know about the existence of BitcoinTalk.org and that they just registered the domain for a client. The domain was bought by them from RoTLD - the Romanian authority which offers the domain names.
If we perform the whois search on RoTLD (
https://rotld.ro/whois/) we find out also the real owner:
Nume Domeniu: bitcointalk.ro
Data Înregistrării: 2020-08-24
Data Expirării: 2021-08-24
Nume Deţinător: NANOTEL SRL
Tip Persoana: Companie Comercială
Adresă#1: Str. Aleea Scolii
Adresă#2: Nr. 8
Oraș: Ploiesti
Județ/Sector/Stat: Prahova
Cod Poștal: 100498
Țara: ROMANIA
Telefon: +40.726266835
Email:
[email protected]I just called the real owner and he said that it didn't even cross his mind to try a phishing attempt with this site and that he lives from buying domains with interesting names and then reselling them. In case of BitcoinTalk.ro he said he observed that its previous registration is close to expire (this means that this domain existed before) and he registered as soon as it expired.
He said that all he can say in his defense (for not being accused of phishing) is that he has a public company, visible at whois and a phone number, also visible at whois. And, of course, that he is willing to talk on the matter. He said that he can not do anything more than this. If anyone desires, he / she can file a complaint at the Police and the Police will search the code of the site, in order to investigate if it has phishing code or not.
At the end of the discussion, he said that he may add a logo on the homepage, something like BitcoinTalk ROMANIA, in order to show somehow that his site is not related to the original one (we'll see if this happens).
On the other side, the registrar said it's not his business about the name chosen by the client and that they don't store the site's data: they just helped with the registration of the domain.
I advise all the members of the forum to not enter their user names / passwords on the .ro website. It may or may not be phishing, you can never know. Be aware.