Pages:
Author

Topic: Newbies, please be aware that Bitcoin.org is compromised! (Read 282 times)

legendary
Activity: 3024
Merit: 2148
The scammers were smart enough to hack the site and dumb enough to only put some lame doubling scam. Imagine if they instead made a warning that a "critical bug" was found and that all users must download their wallet immediately or lose their funds. Likely a lot more people would have gotten their entire wallets swept.
hero member
Activity: 3024
Merit: 680
★Bitvest.io★ Play Plinko or Invest!
Update: The site has now been shut down. Unfortunately, the scammer's wallet address now received 0.40571238 BTC. Some might be self-transactions, but yea.
Too bad.

These scammers are going far and hacked a reputable website for bitcoin just to post that scam banner.

The site is now up and back.
sr. member
Activity: 1932
Merit: 442
Eloncoin.org - Mars, here we come!
Damn, this is worrying thing. Thanks for warning. I'm not cyber security expert, so maybe can explaing for dummies in simple words, how they did this thing?
And it's sad to see that scammers got over 0.4 BTC in such short time. It's not small money after all. And this hack shows that people should careful even with official websites. Yeah, I know that Bitcoin.org can't be called official website, but you got my mind. For example, I wouldn't be surprised if hacker would replace download links of Bitcoin wallets there to phishing ones.
Well there are a lot of people still fool by them, --are they all newbies in the crypto world?
They must learn on this, from the world [double you bitcoin] you perhaps begun suspected to them because no one will give free on the internet and if there is, be suspicious because that is 80% scam. Possibly, this will lose the credibility of bitcoin again, many people think that bitcoin is scam, bitcoin is fraudulent, but the fact is-- they made them self fool.
legendary
Activity: 3234
Merit: 1375
Slava Ukraini!
Damn, this is worrying thing. Thanks for warning. I'm not cyber security expert, so maybe can explaing for dummies in simple words, how they did this thing?
And it's sad to see that scammers got over 0.4 BTC in such short time. It's not small money after all. And this hack shows that people should careful even with official websites. Yeah, I know that Bitcoin.org can't be called official website, but you got my mind. For example, I wouldn't be surprised if hacker would replace download links of Bitcoin wallets there to phishing ones.

Was bitcoin.org a forum similar to this one? I never found it while browsing the internet, I guess it didn't have as much traffic and didn't appear as high on google. I've been reading the links tranthidung posted and it seems like a soap opera that I'm having a hard time finding out about because I have no prior knowledge on the subject.
Initially Bitcointalk was hosted under Bitcoin.org and was called just Bitcoin Forum. Only later it was moved to dedicated domain Bitcointalk.org. And if you look at archived page, back in 2010 it looked exactly same as it looks now:
https://web.archive.org/web/20100322194311/http://bitcointalk.org/index.php
legendary
Activity: 2394
Merit: 2223
Signature space for rent
I don’t know what's wrong but I can't yet access the domain; checked right now again and it’s still same for me. Anyway, thank you for the links.
It's working for me, I just check right now. Most probably it's due to DNS propagation. Because when DNS change or replace then it takes time to update over the internet and all the countries and areas don't react at the same time. You might check after a few times. You may check it from the below website where it's live by check A record.

https://dnschecker.org

Anyway, thanks for sharing it here. It's quite disappointing how hackers took the control of the site even without accessing any of cobra's accounts. It's quite dangerous for newbies. Because we trust this site, but newbies couldn't determine there is a scammy offer. By the good to see the site has been recovered.
hero member
Activity: 1358
Merit: 851

Actually the website was not hacked. An DNS flaw was exploited and the traffic goes to a malicious website with odd SSL certificate.
And, strangely, for me it seems to be working now. But CloudFlare did look into the problem though.
Great that it sorted out this way. Otherwise, a big scam would be a matter of time only. We could probably see the biggest scam as the domain is the major one.
I don’t know what's wrong but I can't yet access the domain; checked right now again and it’s still same for me. Anyway, thank you for the links.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Any update on this? I can't still access the domain. It's quite unusual; sad to see the main bitcoin domain has been hacked though the amount hacker stole luckily wasn’t that big. Probably because it was figured faster.
If any update is posted anywhere, please share me the link if anyone have.

Actually the website was not hacked. An DNS flaw was exploited and the traffic goes to a malicious website with odd SSL certificate.
And, strangely, for me it seems to be working now. But CloudFlare did look into the problem though.
hero member
Activity: 1358
Merit: 851
Any update on this? I can't still access the domain. It's quite unusual; sad to see the main bitcoin domain has been hacked though the amount hacker stole luckily wasn’t that big. Probably because it was figured faster.
If any update is posted anywhere, please share me the link if anyone have.
legendary
Activity: 2436
Merit: 1189
Need Campaign Manager?PM on telegram @sujonali1819
Ah Just I come to post about this though it has happened few hours back. And See you already posted. Smiley

Btw this is very important for the newbies even for the Intermediate individual in crypto. Scammer will not stop they always try to find a way of doing scam to steal people money. This bitcoin.org hacked is a important example. Before we have seen they hack YouTube channels, social media account, etc now they attract the main bitcoin website which was build by Satoshi Nakamoto. And it's normal when People will say a notice in the bitcoin.org site about a giveaway first time people start to believe it true. The Scammer is successful enough because they already grave a big amount.

They are still finding something more valuable source to hack. We have to aware.
full member
Activity: 616
Merit: 161
Honestly, the whole of crypto has been hacked if you look at it. Where ever you turn there are scams, lousy projects, false info for the sake of one's benefit... The cautionary tale here should not only be that Bitcoin.com is compromised but that crypto, in general, is compromised and that people are getting themselves into trouble if they don't take the time to research, educate themselves and be cautious of everyone and everything.
legendary
Activity: 1834
Merit: 1208
-snip-
No one is safe these days, not even the government websites around the world are exempted. Hackers are always one step ahead. As we upgraded our security features, so does the hackers’ abilities to counter it. It stings you know, but this is the reality guys!
That's why as always "don't trust, verify" even you visit the correct URL but you didn't verify to confirm whether it's legit or not, you still has a chance using a fake one. The old school scam/ to good to be true is really easy to avoid it, if the hacker change the legit Bitcoin core wallet with the fake one... many people with less knowledge and lazy enough to verify the signature will get tricked.

Update : After few hours bitcoin.org got taken down, now bitcoin.org back online and working fine. So case closed.
hero member
Activity: 2282
Merit: 659
Looking for gigs
A similar thread has already been created in the Bitcoin discussion board. However, it might be important for any beginner who goes straight to this board to know that the website which is considered the official site of Bitcoin is hacked.

Someone searching for Bitcoin online might be led to Wikipedia. Bitcoin.org is indicated there as the website of Bitcoin. They might trust whatever is written there. Please be informed that a scammer has already taken over that site.

There is a double-your-money offer presented on the site. That is a scam.

We don't know when it will be taken down. For now, avoid sending any amount of Bitcoin to the address indicated there.

No one is safe these days, not even the government websites around the world are exempted. Hackers are always one step ahead. As we upgraded our security features, so does the hackers’ abilities to counter it. It stings you know, but this is the reality guys!

These hackers like what they’ve done to Bitcoin.org are using their so-called “gifts” for something bad instead for the greater good. The real victims here would be the newbies and beginners who are just getting started to know more about Bitcoin.

To all of the newbies and beginners out there, stay vigilant and always never hesitate to consult to the experienced ones before doing such action.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
This is a different subject but I have to ask has bitcointalk.org been hacked before? Cobra has connection to bitcointalk?
https://bitcointalksearch.org/topic/bitcointalk-history-of-hacks-and-vandalism-4405796
full member
Activity: 378
Merit: 135
This is a different subject but I have to ask has bitcointalk.org been hacked before? Cobra has connection to bitcointalk?
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
download bitcoin core use a link on main top https://bitcoincore.org/en/download/

Or torrent. I always feel more secure if it's shared by multiple people.


We don't know when it will be taken down. For now, avoid sending any amount of Bitcoin to the address indicated there.

It worth mentioning that a good place to follow the development of this Cøbra's twitter: https://twitter.com/CobraBitcoin (Maybe you add it into the first post for visibility)
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
If anybody want’s to take a careful look at what the hackers did on the site, there is an archived snapshot of what was going on before the site was unplugged:

https[colon]//web[dot]archive[dot]org/web/20210923025255/https[colon]//bitcoin[dot]org/

Essentially, they created a modal screen stating the following classical bullshit:
Quote
The Bitcoin Foundation is giving back to the community!
We want to support our users who have helped us along the years.
Send Bitcoin to this address, and we will send double the amount in return!
Limited to the first 10000 users!
Use this QR code or address below

ANY AMOUNT SENT TO THIS ADDRESS WILL BE DOUBLED AND RETURNED TO THE SENDER!
Then they provided some selectable "contribution" amounts (10$, 100$, 1000$, 10000$ in BTC ,or custom value), and provided an address to sent the BTCs to. You apparently couldn't get past the modal screen, so that’s all you could get access to whilst the hack was running.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
We don't know when it will be taken down. For now, avoid sending any amount of Bitcoin to the address indicated there.
The site is presently inaccessible after the giveaway scam. It really make good sense for bringing this up here too.

Was bitcoin.org a forum similar to this one?
I do not visit the site too, but I know people visit the site to download Bitcoin Core.
legendary
Activity: 1372
Merit: 2017
Was bitcoin.org a forum similar to this one? I never found it while browsing the internet, I guess it didn't have as much traffic and didn't appear as high on google. I've been reading the links tranthidung posted and it seems like a soap opera that I'm having a hard time finding out about because I have no prior knowledge on the subject.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
Quote
Bitcoin.org:
 - Cobra has ultimate control over the domain name. I have access to the domain name settings.
 - Cobra runs the server.
 - Will Binns holds the BTC.

Bitcointalk.org:
 - Cobra has ultimate control over the domain name. I have access to the domain name settings.
 - I run the server. Cobra has no access to the database or server.
 - The BTC is held by myself and the treasurers. Cobra has no access.

I am not Cobra. What would even be the point of that?
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
Update: The site has now been shut down. Unfortunately, the scammer's wallet address now received 0.40571238 BTC. Some might be self-transactions, but yea.




https://www.blockchain.com/btc/address/1NgoFwgsfZ19RrCUhTmmuLpmdek45nRd5N
Pages:
Jump to: