Bitcoin Forum>Economy>Marketplace>Service Discussion>Exchanges
Pages:
Author

Topic: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20 - page 19. (Read 27792 times)

d5000
legendary
Activity: 3906
Merit: 6249
Decentralization Maximalist
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 28, 2024, 05:30:10 PM
#724
Just a small contribution to the discussion about the feature request to add stablecoins with lower fees:

Some options which weren't discussed here still are USDC on Stellar and USDT on TON (The Open Network, the "Telegram chain"). I'm no expert regarding these two chains, but Stellar is already around a lot of time (2014/15) and may be an interesting option perhaps, even if it's a bit less popular than Tron or Polygon. TON seems to have become quite popular, so also the main token may be an interesting addition, although of course I don't know how trustworthy the founders are and if the hype lasts for more than a year or so ...

If Stellar/TON have already been discussed disregard this post Smiley

It would be of course ideal to have a stablecoin on the Bitcoin chain (Tether on Omni unfortunately is being discontinued) or for example LTC so it could be supported easily on exch. I've seen a proposal for a stablecoin on BTC via the Runes protocol  Roll Eyes (called BAMK) but I'm very skeptical regarding the trustworthiness.
paid2
hero member
Activity: 504
Merit: 1065
Crypto Swap Exchange
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 28, 2024, 12:52:07 PM
#723
Quote from: GazetaBitcoin on July 28, 2024, 06:48:49 AM
I made here a list with all domains impersonating eXch which were observed until this moment, for having all of them stored in a single place...


paid2, do you think you can try your magic on them...?

Thanks for aggregating all these links GazetaBitcoin, I'm going to send out emails right now, hoping for quick feedback!

exch.ch is already down:
GazetaBitcoin
legendary
Activity: 1680
Merit: 6524
Fully-fledged Merit Cycler|Spambuster'23|Pie Baker
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 28, 2024, 06:48:49 AM
#722
I made here a list with all domains impersonating eXch which were observed until this moment, for having all of them stored in a single place...


paid2, do you think you can try your magic on them...?

Later edit: I edited the post to hide those links from being directly indexed...
Pmalek
legendary
Activity: 2730
Merit: 7065
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 28, 2024, 05:56:03 AM
#721
Quote from: nutildah on July 26, 2024, 11:27:45 PM
Any chance you might consider adding support for DOGE?
bitmover suggested adding support for dogecoin back in January, but we didn't get a direct response from the eXch team for that particular asset. Considering that all other suggestions for adding new coins/tokens and new blockchains haven't been successful, I doubt things will be different for dogecoin.
nutildah
legendary
Activity: 3010
Merit: 8114
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 26, 2024, 11:27:45 PM
#720
Any chance you might consider adding support for DOGE? Transactions so fast & cheap, plus I think its due for a nice pump -- could see increased demand for that as an option throughout the second half of the year.
BitMaxz
legendary
Activity: 3374
Merit: 3095
Playbet.io - Crypto Casino and Sportsbook
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 26, 2024, 06:06:02 PM
#719
It seems that there are many similar domain names that just recently registered I found a few of them

Code:
- exch.zone
- exch.site
- exch.trade

These domains are taken but it's not hosted yet so these might be potential phishing sites in the future or these might be hacker's reserve domains once the other phishing sites are taken down they can later hosted a new phishing site using these domains.

We should really be careful sometimes they can also hijack traffic I heard that there are ways to hijack traffic directly from official site and redirect them to phishing sites.
GazetaBitcoin
legendary
Activity: 1680
Merit: 6524
Fully-fledged Merit Cycler|Spambuster'23|Pie Baker
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 26, 2024, 12:22:35 PM
#718
Quote from: Baadcaptain111 on July 24, 2024, 04:59:43 AM
Just saw now … excx.FAKE.ch scam site
Quote from: JeromeTash on July 25, 2024, 04:52:22 PM
Here is another "unofficial" domain
Quote from: SFR10 on July 25, 2024, 08:01:23 AM
I found another one that was recently registered
Quote from: eXch on July 26, 2024, 08:17:53 AM
exch[.]ac currently hosts a website that is a phishing copy targeting our original service (eXch).

I see the list of websites impersonatig eXch and this worries me and also brings me some bad memories... In the era before mixers were banned there were plenty websites impersonating a particular mixer.
If I remember well, paid2 did many efforts in that period and managed to take down a bunch of those copycats.

Perhaps he could share his expertise here...? Or give a hand of help once more...?
eXch
member
Activity: 119
Merit: 948
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 26, 2024, 08:17:53 AM
#717
WARNING: exch[.]ac - PHISHING WEBSITE!!!

exch[.]ac currently hosts a website that is a phishing copy targeting our original service (eXch).

This phishing website was done with lots of mistakes that immediately expose lack of authenticity:

- Uses Cloudflare's reverse-proxy service with a misconfigured account requiring CAPTCHA verification for Tor users and also exposing its users at risk by using state-sponsored MITM servers (eXch doesn't use the Cloudflare reverse-proxy service)
- Order IDs are 20-char length (our service's are 18-char length)
- BTC amounts without a leading zero when start with a leading zero (for example .0007, while on our website it's always 0.0007)
- Public PGP key of unusual size compared to ours.
- And so on...

BE CAREFUL!

Domain abuse report contacts:

- Reseller (where the malicious actor bought the domain with crypto):

https://sarek.fi/abuse/ or https://njal.la/ (same company)

[email protected]

- Registrar:

https://www.identity.digital/policies/report-abuse ("Identity Digital")

[email protected]

Website hosting/IP abuse report contacts:

- Reverse-proxy provider:

https://abuse.cloudflare.com/
dkbit98
legendary
Activity: 2212
Merit: 7064
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 26, 2024, 05:28:09 AM
#716
Quote from: LoyceV on July 25, 2024, 01:21:32 AM
Even sites with a very traditional .com domain have loads of phishing duplicates. And changing URL now makes it only worse.
It would be good if someone could create a tool or service that could scan one website and find all the clones with different domains, maybe even creating alert notification when new clone appears.
I am giving small homework to out crypto developers in forum to create something like this, unless something similar already exist Wink
We can use this for eXch, bitcointalk forum, and for any other service or exchange.
JollyGood
legendary
Activity: 2534
Merit: 1713
Top Crypto Casino
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 26, 2024, 03:38:45 AM
#715
That explains a lot, thank you for the explanation and the link.

The fact Cloudflare are (or seem to be) engaging in suspending websites that are phishing is very welcomed. In my opinion it is the right course of action because they should take any form of preventative measures to protect consumers that visit websites using which are using Cloudflare nameservers otherwise it could appear that they are complicit by virtue of inaction after receiving reports.

Quote from: albon on July 25, 2024, 06:35:24 PM
Quote from: JollyGood on July 25, 2024, 05:56:30 PM
I have no reason to assume anything contrary but for one reason or another I had never seen any warning of that type from Cloudflare before. I am glad they have that protection in place as it acts as a warning to people that could have stumbled across those websites. As clone website get used more and more in scamming attempts maybe we will see these warning far more often than before.
These warnings will appear if you file a report through this [link] about the phishing site and after the Cloudflare team confirms the abuse of their service based on the evidence and details you provided in the form.
joker_josue
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 26, 2024, 01:42:54 AM
#714
Quote from: BitcoinGirl.Club on July 25, 2024, 10:20:55 PM
I was looking for the reason for .cx ccTLD and found the followings

Quote
Customer Experience
A .cx domain can be used to create a website dedicated to communicating with customers, or to show a business's commitment to providing a great customer experience.
Cryptocurrency
The .cx domain can also refer to a "crypto exchange" and may be a good choice for cryptocurrency sites.
Christmas Island
The .cx domain can be used by businesses that target residents of Christmas Island, which is located in the Indian Ocean south of Indonesia.

So the crypto exchange represents the ccTLD .cx. It's now confusing me with .ce

This just shows that there was a good marketing team promoting the idea that .cx was good for crypto businesses.

.cx has always been a top Christmas Island domain. But the similarity is with .tv - Tuvalu's top-level domain, which has become an excellent source of revenue for the country. The same thing they want to do with .cx. Some tried to sell the idea that .tv was a good domain for television channels. But, even today, there are few televisions that have adopted this idea.

People must keep in mind that these types of top-level domains continue to be references in their respective countries. And search engines continue to classify these ccTLDs as being from a certain country or for the target audience of that country.

BitcoinGirl.Club
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 25, 2024, 10:20:55 PM
#713
Quote from: examplens on July 25, 2024, 03:51:49 PM
Quote from: BitcoinGirl.Club on July 25, 2024, 02:05:21 PM
This is much easier to remember. The cx TLD is too hard to remember as I already posted in my last post.
.cx it's not hard to remember, it's just unusual, so it may require an additional check of the correctness of the domain name. .pw (which was used at some point) is perhaps a worse choice because it is cheap and often used for one-off scams and malware distribution
.net is my personal favourite, and I will be glad when it is officially the default domain for exch exchange.

I was looking for the reason for .cx ccTLD and found the followings

Quote
Customer Experience
A .cx domain can be used to create a website dedicated to communicating with customers, or to show a business's commitment to providing a great customer experience.
Cryptocurrency
The .cx domain can also refer to a "crypto exchange" and may be a good choice for cryptocurrency sites.
Christmas Island
The .cx domain can be used by businesses that target residents of Christmas Island, which is located in the Indian Ocean south of Indonesia.

So the crypto exchange represents the ccTLD .cx. It's now confusing me with .ce
albon
legendary
Activity: 1890
Merit: 1537
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 25, 2024, 06:35:24 PM
#712
Quote from: ?? on ??
CloudFlare already answered and said they flagged the website, they also reported the website to the domain provider. I did too, and if you want to report it too here are the info:
The Netim registrar team has already responded to the report I submitted regarding this phishing site. The scammer behind it has 8 days to proceed with the verification procedures requested by the Netim team. Let’s see what this scammer will do.


-------------
Quote from: SFR10 on July 25, 2024, 08:01:23 AM
I found another one that was recently registered [Whois result]:
Code:
https://exch.ac/

Quote from: JeromeTash on July 25, 2024, 04:52:22 PM
Here is another "unofficial" domain

Code:
exch.ws
Good catch, guys. I can also file reports to the registrar of these phishing domains you mentioned.

I know that scammers will not stop creating more unofficial scam domains, but if we ignore everything they do, the internet will be filled with many of these domains that someone might come across in a search engine and mistakenly trust.

Quote from: JollyGood on July 25, 2024, 05:56:30 PM
I have no reason to assume anything contrary but for one reason or another I had never seen any warning of that type from Cloudflare before. I am glad they have that protection in place as it acts as a warning to people that could have stumbled across those websites. As clone website get used more and more in scamming attempts maybe we will see these warning far more often than before.
These warnings will appear if you file a report through this [link] about the phishing site and after the Cloudflare team confirms the abuse of their service based on the evidence and details you provided in the form.
JollyGood
legendary
Activity: 2534
Merit: 1713
Top Crypto Casino
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 25, 2024, 05:56:30 PM
#711
Quote from: NotATether on July 25, 2024, 04:25:26 AM
It's always been there actually, at least for some time.
I have no reason to assume anything contrary but for one reason or another I had never seen any warning of that type from Cloudflare before. I am glad they have that protection in place as it acts as a warning to people that could have stumbled across those websites. As clone website get used more and more in scamming attempts maybe we will see these warning far more often than before.

Quote from: NotATether on July 25, 2024, 04:25:26 AM
The business model for making scam clones is extremely lucrative, as they can often poach hundreds, or even thousands of dollars worth from a single trade, whereas registering new domains for a year only costs a fraction of that amount. So that even if a domain is suspended they can move on to the next one. Server and operating costs are usually static since there isn't actually any infra running.
I would be curious about how lucrative it actually is in USD$ on a yearly basis. If they were not making money, the scammers would have stopped but there seems to be more than enough incentive for them to simply carry on in that cycle of creating a cloned website on a lookalike domain but be ready to duplicate it on another lookalike domain as soon as they get shut down. While all that is happening, they will be hoping to generate as much income as possible by creating as many victims as possible.
JeromeTash
legendary
Activity: 2338
Merit: 1261
Heisenberg
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 25, 2024, 04:52:22 PM
#710
Here is another "unofficial" domain

Code:
exch.ws

The funny thing is that the homepage redirects to the official onion link via a referral link. Perhaps the person behind it is trying to earn from the affiliate program
Code:
http://hszyoqwrcp7cxlxnqmovp6vjvmnwj33g4wviuxqzq47emieaxjaperyd.onion/?ref=EA1C6A3a
It still can not be trusted since the person can easily just change the onion links.
examplens
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 25, 2024, 03:51:49 PM
#709
Quote from: BitcoinGirl.Club on July 25, 2024, 02:05:21 PM
This is much easier to remember. The cx TLD is too hard to remember as I already posted in my last post.
.cx it's not hard to remember, it's just unusual, so it may require an additional check of the correctness of the domain name. .pw (which was used at some point) is perhaps a worse choice because it is cheap and often used for one-off scams and malware distribution
.net is my personal favourite, and I will be glad when it is officially the default domain for exch exchange.
BitcoinGirl.Club
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 25, 2024, 02:05:21 PM
#708
Quote from: paid2 on July 24, 2024, 02:02:35 PM
Quote from: joker_josue on July 24, 2024, 01:32:28 PM
I keep asking myself why they don't start using a more traditional domain in order to avoid these types of errors on the user's side.

For example, this one is still free: exch.services

Apparently it will be "exch.net" (at least if their plans did not change since).
This is much easier to remember. The cx TLD is too hard to remember as I already posted in my last post.
SFR10
legendary
Activity: 2968
Merit: 3406
Crypto Swap Exchange
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 25, 2024, 08:01:23 AM
#707
Quote from: joker_josue on July 24, 2024, 01:32:28 PM
I keep asking myself why they don't start using a more traditional domain in order to avoid these types of errors on the user's side.

For example, this one is still free: exch.services
Quote from: joker_josue on July 25, 2024, 01:45:48 AM
Which reduces the possibility of making mistakes, or at least is more perceptible to the user.
You have a point and while that might somewhat improve the above situation, a change in the domain extension isn't going to provide any protection against Punycode attacks [unfortunately]:

e.g. Copy-paste the following link in the Punycode field of this "converter" and see the result:
Code:
xn--xh-mlc3c.services

Quote from: _act_ on July 24, 2024, 02:33:03 PM
I hope exch.cx should try to find similar sites that clone their website and report them also.
I found another one that was recently registered [Whois result]:
Code:
https://exch.ac/
NotATether
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 25, 2024, 04:25:26 AM
#706
Quote from: JollyGood on July 25, 2024, 03:57:20 AM
I have never seen any website using Cloudflare ever display anything like this before therefore either it is a new addition on their system or they have not received reports of phishing on websites that I might have visited. This is a welcomed move from Cloudflare.

It's always been there actually, at least for some time.

Quote
Even if these types of websites get reported they usually pop up again using another domain and wait for it to be shutdown before the cycle of them creating website starts again. Still, hopefully the scammers will eventually get tired and stop.

The business model for making scam clones is extremely lucrative, as they can often poach hundreds, or even thousands of dollars worth from a single trade, whereas registering new domains for a year only costs a fraction of that amount. So that even if a domain is suspended they can move on to the next one. Server and operating costs are usually static since there isn't actually any infra running.
JollyGood
legendary
Activity: 2534
Merit: 1713
Top Crypto Casino
Re: eXch - instant exchange BTC / LN / XMR / LTC / ETH / ERC20
July 25, 2024, 03:57:20 AM
#705
I have never seen any website using Cloudflare ever display anything like this before therefore either it is a new addition on their system or they have not received reports of phishing on websites that I might have visited. This is a welcomed move from Cloudflare.

Even if these types of websites get reported they usually pop up again using another domain and wait for it to be shutdown before the cycle of them creating website starts again. Still, hopefully the scammers will eventually get tired and stop.

Quote from: logfiles on July 24, 2024, 05:59:12 PM
The Good news is that Cloudfare now displays a warning about the site
Pages:
Bitcoin Forum>Economy>Marketplace>Service Discussion>Exchanges
Jump to: