I'm pretty sure that the Twitter hack is still fresh in our memory, this is high profile because it involves a lot of crypto exchanges like, @coinbase, @Gemini, and @binance and then celebrities, @JeffBezos, @BarackObama, @elon_musk, @JoeBiden, @BillGates, and @WarrenBuffett.

And Graham Ivan Clark was charge last year and now agreed on Tuesday to be sentenced as a youthful offender to three years in prison, + three years of probation.

Here are the official docs: https://www.documentcloud.org/documents/20515610-plea-agreement-acknowledgment-of-waiver-of-rights-bc-6f018852-673e-4df1-85da-4c5629856265

https://www.sao13th.com/2021/03/prosecutors-reach-plea-agreement-in-case-of-twitter-hacker-graham-clark/ (please note that access might be block for some region due to security reasons).

What are your thoughts of the sentencing? he has served seven months already of the three years sentenced on him.

I was quite surprised to see this error, actually if was my first time to see this kind of message from this forum. Been here for some time now so I'm wondering if others have seen this kind of error message before. I know that you can just refresh to restore the tab. But I'm just curious though.



Note: this coincides with bitcoin hits $40k again so probably there are a lot of online users right now causing this kind of error

[https://mixer.money/en/]

I saw this post of @Xal0lex here, and it didn't took so long to identify another fake site.

Code:

xn--mxer-qpa.money

Original: https://mixer.money/en/

Archive: https://archive.is/qrVRM

Registrant    REDACTED FOR PRIVACY
Registrant Country    gb
Registrar    1API GmbH
IANA ID: 1387
URL: http://www.1api.net
Whois Server: whois.1api.net

(p)
Registrar Status    clientTransferProhibited
Dates    23 days old
Created on 2020-12-27
Expires on 2021-12-27
Updated on 2021-01-01 

IP Address    104.18.40.235 - 462 other sites hosted on this server

Image of the fake site below, you can't see any difference visually, isn't it?



So very careful, this is another warning to all of us, mixers are prime target as well. And even though this mixers is not that well-known (this is the first time I heard of it), but still we will never know.

[What happened:]

What happened: Fake OnX Swap website

Website:

Code:

https://onxswap.online/

Archived: https://archive.is/sdFcr

Original website: https://app.onx.finance/dashboard

Whois Record for OnXSwap.online
How does this work?
Domain Profile
Registrant Org    Not Applicable
Registrant Country    us
Registrar    Hostinger, UAB
IANA ID: 1636
URL: —
Whois Server: whois.hostinger.com

(p)
Registrar Status    clientTransferProhibited, serverTransferProhibited
Dates    14 days old
Created on 2020-12-29
Expires on 2021-12-30
Updated on 2021-01-03    
  
Name Servers    NS1.DNS-PARKING.COM (has 815,330 domains)
NS2.DNS-PARKING.COM (has 815,330 domains)
   
  
Tech Contact    —
IP Address    151.106.97.138 - 62 other sites hosted on this server
   
  
IP Location    Germany - Bayern - Nuremberg - Hostinger International Limited
ASN    Germany AS47583 AS-HOSTINGER, CY (registered Apr 04, 2011)
IP History    1 change on 1 unique IP addresses over 1 years    
  
Hosting History    1 change on 2 unique name servers over 1 year

Tornado cash - https://tornado.cash/, "a non-custodial Ethereum and ERC20 privacy solution based on zkSNARKs. It improves transaction privacy by breaking the on-chain link between the recipient and destination addresses", is now being clone as well by cyber actors.

The fake website:

Code:

https://tornadocash.org/

Archived: https://archive.is/zYvKT

Registrant Org    WhoisGuard, Inc.
Registrant Country    pa
Registrar    NameCheap, Inc.
IANA ID: 1068
URL: http://www.namecheap.com
Whois Server: whois.namecheap.com

(p)
Registrar Status    serverTransferProhibited
Dates    37 days old
Created on 2020-12-06
Expires on 2021-12-06
Updated on 2020-12-06   

IP Address    104.31.77.95 - -1 other site is hosted on this server

The real website is: https://app.tornado.cash/. And this is how it looks:



Almost the same and it's hard to distinguished initially.

This is the official github repo: https://github.com/tornadocash/tornado-core

[What happened:]

What happened: New Bustabit phishing site

Website

Code:

https://bustabit.cam/

Archive: https://archive.is/C0tx9

Whois Record for BustaBit.cam
How does this work?
Domain Profile
Registrant Org    WhoisGuard, Inc.
Registrant Country    pa
Registrar    Namecheap
IANA ID: 1068
URL: https://namecheap.com
Whois Server: whois.namecheap.com

(p)
Registrar Status    addPeriod, clientTransferProhibited, serverTransferProhibited
Dates    1 days old
Created on 2021-01-10
Expires on 2022-01-10
Updated on 2021-01-10     
 
Tech Contact    —
IP Address    63.250.38.6 - 534 other sites hosted on this server

It seems that the attack on bustabit continues, like this one, just 1 day old website, freshly created by this criminals to take advantage of those who uses Google to search for bustabit games.

[What happened:]

What happened: Fake Balancer website

Website:

Code:

https://bolancer.exchange/

Original Website: https://balancer.exchange/#/swap


Image of fake website:

Whois Record for BoLancer.exchange
How does this work?
Domain Profile
Registrant    REDACTED FOR PRIVACY
Registrant Org    See PrivacyGuardian.org
Registrant Country    us
Registrar    NameSilo, LLC
IANA ID: 1479
URL: http://www.namesilo.com
Whois Server: www.namesilo.com/whois.php

(p)
Registrar Status    clientTransferProhibited
Dates    14 days old
Created on 2020-12-27
Expires on 2021-12-27
Updated on 2021-01-01    

IP Address    172.67.190.61 - 21 other sites hosted on this server

There is another fake blockchain.com, which is just 4 day old, actually it was a redirection from:

Code:

login.bhlockchain.com

to

Code:

https://bıockchainı.com/

Archive: https://archive.is/J3Nyv

Registrant    WhoisGuard Protected
Registrant Org    WhoisGuard, Inc.
Registrant Country    pa
Registrar    NAMECHEAP INC NameCheap, Inc.
IANA ID: 1068
URL: http://www.namecheap.com
Whois Server: whois.namecheap.com

(p)
Registrar Status    addPeriod, clientTransferProhibited
Dates    4 days old
Created on 2020-11-21
Expires on 2021-11-21
Updated on 0000-12-31    
 
IP Address    209.97.129.163 is hosted on a dedicated server

So watch out for this kind of attacks, need to be very careful as the price of bitcoin is almost at a all time high again.

And I need everyone to help me report this website to:

https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en or direct to the domain registrar:

https://support.namecheap.com/index.php?/Tickets/Submit->Abuse Reports->Fraud / Phishing

[https://www.foxmixer.com/]

There is a phishing site of Foxmixer.com. It might not be a popular mixing services, but they have their ANN thread here, ✰ [ANN] FoxMixer.com ✰✰✰ The High Quality Bitcoin Mixer ✰✰✰ 3+ Years Online ✰.

Website:

Code:

www.xn--foxmixr-y8a.com
https://www.foxmixėr.com/

The real website is: https://www.foxmixer.com/

Whois Record for Foxmixėr.com
How does this work?
Domain Profile
IP Address    198.54.116.178 - 730 other sites hosted on this server
   
 
IP Location    United States Of America - Georgia - Atlanta - Namecheap Inc.
ASN    United States Of America AS22612 NAMECHEAP-NET, US (registered Jun 21, 2011)
Domain Status    Never Registered Before
IP History    1 change on 1 unique IP addresses over 0 years    
 
Registrar History    1 registrar    
 
Hosting History    1 change on 2 unique name servers over 0 year

Since Paypal have joined the crypto currency band wagon, scammers was very quick to take advantage and created a website for a supposedly Paypal giveaway.

This is obvious fake and malicious and who's intention is to trap crypto enthusiast and play with their emotions and greed. So please do not fall for this scheme.

Website:

Code:

http://paypalbtc.org/

Archived: https://archive.is/uuqT1

Bitcoin address:

Code:

1PAYPRAKcnQyqnLMA7WyLTyzWakXVidx6W

The address has somewhat a balance of 0.00037650 BTC already.

Registrant Org    Maslov Anatoliy Zaharovich
Registrant Country    ru
Registrar    Regional Network Information Center, JSC dba RU-CENTER
IANA ID: 463
URL: https://www.nic.ru/whois
Whois Server: https://www.nic.ru/whois

(p)
Registrar Status    clientTransferProhibited, serverTransferProhibited
Dates    28 days old
Created on 2020-10-25
Expires on 2021-10-25
Updated on 2020-11-10    
  
Name Servers    NS3.NIC.RU (has 551,119 domains)
NS4.NIC.RU (has 551,119 domains)
NS8.NIC.RU (has 551,119 domains)
   
  
Tech Contact    —
IP Address    195.24.68.9 - 2,361 other sites hosted on this server
   
  
IP Location    Russian Federation - Moskva - Moscow - Jsc Ru-center
ASN    Russian Federation AS48287 RU-CENTER, RU (registered Nov 04, 2008)

Eaglebrook Advisors Announces that Mariner Wealth Advisors is Making the Eaglebrook Bitcoin SMA Available to Clients

WASHINGTON, Nov. 17, 2020 (GLOBE NEWSWIRE) -- Eaglebrook Advisors, Inc (“Eaglebrook”) announced today that Mariner Wealth Advisors will make the Eaglebrook Bitcoin SMA available for clients who want access to bitcoin as part of their investment plan. Mariner Wealth Advisors is a national wealth advisory firm, with more than $35 billion assets under advisement1, that has been ranked in the top five RIAs by Barron’s for the last five years2.

Based in Washington, D.C., Eaglebrook is a crypto-focused investment firm that serves registered investment advisors (RIAs) and financial advisors. Eaglebrook is proud to announce the launch of the Eaglebrook Bitcoin SMA which will allow financial advisors to allocate to bitcoin in a simple and secure way3. The advantages of the Eaglebrook Bitcoin SMA include tax optimization, direct ownership, and portfolio integration. Eaglebrook streamlines client onboarding, movement of funds, trade execution, reporting data aggregation, rebalancing, and tax documentation. This investment solution allows financial advisors to include bitcoin in their clients’ asset allocation strategy and overall financial plan.

“We are excited to offer this new solution to clients of Mariner Wealth Advisors where bitcoin fits into their overall wealth plan,” said Marty Bicknell, CEO and president of Mariner Wealth Advisors. “Our desire to find new solutions is always driven by client need and we are looking forward to working with Eaglebrook on this new endeavor.”

Demand for bitcoin from financial advisors and their clients has accelerated due to current trends, including the growth in investment demand from millennials and institutional investors, bitcoin’s potential as an inflation hedge in response to monetary stimulus and the asymmetric upside of the investment.

“We are thrilled to be working with Mariner Wealth Advisors,” said Christopher King, CEO of Eaglebrook Advisors. “Our investment solution, designed to meet the unique needs of firms such as Mariner Wealth Advisors, makes it easy for their advisors to allocate to bitcoin. We expect cryptocurrency adoption to continue and the market to mature, driving even greater demand.”

Eaglebrook has selected Gemini Trust Company, LLC (“Gemini”) as the qualified custodian for the Eaglebrook Bitcoin SMA. The client’s bitcoin is owned directly and is stored in an offline, institutional-grade custody account at Gemini.

"We are very pleased to have been selected as Eaglebrook's custodian to help them provide RIAs a secure way to store their digital assets. These types of solutions are critical to provide more financial advisors exposure to digital assets," said Noah Perlman, Chief Operating Officer at Gemini.

https://www.globenewswire.com/news-release/2020/11/17/2128376/0/en/Eaglebrook-Advisors-Announces-that-Mariner-Wealth-Advisors-is-Making-the-Eaglebrook-Bitcoin-SMA-Available-to-Clients.html

So as per their website:

Bitcoin Investment Solutions for Financial Advisors

Eaglebrook Advisors is a crypto-focused investment firm that provides financial advisors with simple, secure and compliant access to bitcoin through the Eaglebrook Bitcoin SMA

https://eaglebrookadvisors.com/

And they had partnered with Mariner Wealth Advisors, so their clients now have the ability to allocate their wealth into BTC. So demand is really accelerating for bitcoin, from financial advisors in behalf of their clients. And as we nearing $20k, I think this news could up add to that push, and even a new all time high.

[What happened:]

What happened: Fake Yearn Finance Airdrop

Website:

Code:

https://yfiairdrop.com/

 
Archived: https://archive.is/WxD1Q

Registrant    Pavel Zuev
Registrant Org    Private Person
Registrant Country    ru
Registrar    Registrar of domain names REG.RU LLC REGISTRAR OF DOMAIN NAMES REG.RU LLC
IANA ID: 1606
URL: https://www.reg.com,https://www.reg.ru,http://www.reg.ru
Whois Server: whois.reg.com

(p)
Registrar Status    clientTransferProhibited
Dates    4 days old
Created on 2020-11-16
Expires on 2021-11-16
Updated on 2020-11-17    
 
Name Servers    NS29.LINK-HOST.NET (has 6,983 domains)
NS30.LINK-HOST.NET (has 6,983 domains)
   
 
Tech Contact    Pavel Zuev
Private Person
3-liniya, 2 polovini, 23 korpus, 3,
Sankt-Peterburg, Sankt-Peterburg, 187021, ru

(p) (f)
IP Address    46.4.69.15 - 1,380 other sites hosted on this server

Just another warning guys, since bitcoin and the rest of the altcoins are having a good spike recently, scammers are also taking advantage by creating a lot of fake airdrops like YFinance because it is the hottest commodity right now.

https://twitter.com/AlexSaundersAU/status/1329561975471259649

Code:

https://play.google.com/store/apps/details?id=com.dexuni.simpletwo

Archived: https://archive.is/5WB1P

I guess we needed the community's help again to report this fake apps in Google so that it will be taken down ASAP so that it won't dupe any unsuspecting victims.

You can report it here: https://support.google.com/googleplay/android-developer/contact/takedown

Chainalysis Launches Asset Realization Program for Government Agencies and Insolvency Practitioners

Chainalysis, the blockchain analysis company, today announced the launch of an asset realization program to help government agencies and insolvency practitioners handle, store, realize, and monitor seized assets. This announcement comes on the heels of the largest ever seizure of digital assets – collectively worth over $1 billion USD – by the U.S. government last week. Chainalysis tools and investigative assistance helped law enforcement identify and investigate the cryptocurrency wallets used in that case, which involved funds used or intended to be used to facilitate narcotics sales on the darknet marketplace Silk Road.

https://www.zdnet.com/article/chainalysis-launches-program-to-manage-cryptocurrency-seized-by-law-enforcement/

What are your thoughts on this so called program by Chainalysis, is the government hot on our heels? Or will this be just another noise out there specially coming from Chainalysis and will only be used to target criminals and strengthen their case if ever they want to file a case against a hacker/hackers?

[What happened:]

What happened: Fake Matic Wallet website

Website:

Code:

https://maticwallet.network/

Archive: https://archive.is/9mMHM

Domain information:

Whois Record for MaticWallet.network
How does this work?
Domain Profile
Registrant    REDACTED FOR PRIVACY
Registrant Org    WhoisGuard, Inc.
Registrant Country    pa
Registrar    NameCheap, Inc.
IANA ID: 1068
URL: https://www.namecheap.com/
Whois Server: whois.namecheap.com

(p)
Registrar Status    clientTransferProhibited
Dates    134 days old
Created on 2020-07-01
Expires on 2021-07-01
Updated on 2020-07-17    
  
Name Servers    NS1.DNS-PARKING.COM (has 702,675 domains)
NS2.DNS-PARKING.COM (has 702,675 domains)
   
  
Tech Contact    REDACTED FOR PRIVACY
REDACTED FOR PRIVACY,
REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY, REDACTED FOR PRIVACY
(p) (f)
IP Address    45.87.80.44 - 94 other sites hosted on this server
   
  
IP Location    Netherlands - Flevoland - Dronten - Mb Adresu Valda
ASN    Netherlands AS47583 AS-HOSTINGER, LT (registered Apr 04, 2011)
Hosting History    3 changes on 3 unique name servers over 0 year    
  
Website
Website Title      500 SSL negotiation failed:    
  
Response Code    500

What makes this phishing site dangerous is that it will automatically ask for your mnemonic phrase.

The real website is: https://wallet.matic.network/. So it you look at the fake site, it is very very close to the name of the real and legit one, no cryllic attack but still very malicious and dangerous.

This is how the real website looks like:

[What happened:]

What happened: Fake and clone Curve.Fi website

Website:

Code:

https://curve.si/

Archived: https://archive.is/nPqW0

Registrant    NOT DISCLOSED
Registrar    EPAG Domainservices GmbH
IANA ID: —
URL: https://www.epag.de
Whois Server: —
Registrar Status    ok
Dates    10 days old
Created on 2020-10-21
Expires on 2021-10-21
   
Whois History  
Name Servers    DNS1.STORM-PRO.NET (has 727 domains)
DNS2.STORM-PRO.NET (has 727 domains)
DNS3.STORM-PRO.NET (has 727 domains)
DNS4.STORM-PRO.NET (has 727 domains)
   
  
Tech Contact    NOT DISCLOSED
IP Address    193.233.15.180 - -1 other site is hosted on this server

Real website: https://www.curve.fi/

https://twitter.com/CryptoCharles__/status/1320029985189539842

I think this sums up what is the sentiments of investors past and present. Do you agree with this statement? I just it's up to you want crypto you want to dump your money though, but for majority of us, BTC is the one. Specially if you are millennial, this is the right time to invest and be financially responsible for your future.

Atari Token: Public Sale of the Atari Token to begin October 29, 2020 on Bitcoin.com Exchange

Paris, October 16, 2020 – The Atari Group, one of the world’s most iconic consumer brands and interactive entertainment producers, announces the details for the upcoming public sale of the Atari Token on the Bitcoin.com Exchange.

Atari is evolving with its time and setting itself on a new mission to conquer the crypto space by creating a token of reference for the videogame industry, enabling access to as many platforms and users as possible via atarichain.com, the Atari wallet and more generally the creation of a blockchain-based ecosystem anchored around the Atari brand.

Atari’s objective is to progressively develop the adoption and the use cases of the Atari Token throughout the ecosystem and it has already entered into many partnership agreements to further this objective. The first use cases are in the domains where the Group is already active: video games or blockchain games, with ambitions to expand into DeFi for game financing. The list of such partnerships is available at www.atarichain.com.

The public sale is implemented by Atari Chain, Ltd (“Atari Chain”), a subsidiary of Atari, SA, held in parity with the ICICB Group and based in Gibraltar. The Atari Group is entitled to 35% of the revenue derived from the sales of the Atari Token. For more information, please visit www.atarichain.com.

The public sale of the Atari Token on the Bitcoin.com Exchange will begin on October 29, 2020. The price per Atari Token has been set at $0.25 per token with a hard cap for the public sale of $1 million. The Atari Token will be listed on the Bitcoin.com Exchange following the completion of the public sale.

“Teaming up with Bitcoin.com was a natural choice for Atari” said Frédéric Chesnais, CEO of Atari. “Both teams are working hand in hand to reach mass adoption of the Atari Token, with a goal of delivering the ultimate experience in the video game and interactive entertainment industry”.

https://www.globenewswire.com/news-release/2020/10/16/2109670/0/en/Atari-Token-Public-Sale-of-the-Atari-Token-to-begin-October-29-2020-on-Bitcoin-com-Exchange.html
So it will be $0.25 a pop with a hard cap of just $1 million for public sale. I'm sure some of us here specially kids that play Atari in the 80's will love to hear this news. I'm just disappointed though that it will be on bitcoin.com, another way to promote this shady exchange specially the people behind.

Criminals attempting to set up a malicious node on ETH, so if you are running a node and see this error, don't update it and visit the official Github and update only on their https://geth.ethereum.org/.



https://github.com/ethereum/go-ethereum/issues/21687

It was seen that someone's twitter account was hack and then promoted a bitcoin doubler. This used to be the tactics of cyber criminals in Youtube as it was reported that the activities started Massive wave of account hijacks hits YouTube creators. Yes, we are all familiar with the recent Twitter breach, but the difference is that this is a wide spread attack now, so anyone can become a victim.

I'm not saying that these criminals have shift, but more likely twitter might be easy to hack now through their phishing email attempts. So if you used this platform, so just be careful and this is a warning.

I'm not a follower of this account, but this is one example and definitely won't be the last twitter hack. So when the hacker takes over your attack, the obvious thing, Elon Musk is screaming all over with his supposedly bitcoin giveaways. This account has 230k followers.



https://twitter.com/diamondwhite/status/1315653427096059904

Website:

Code:

https://s3.us-east-2.amazonaws.com/cryptogiveaway/elon.html?5ssa

And these criminals are now hiding behind amazons aws, a bit tricky but we can report it here:

https://support.aws.amazon.com/#/contacts/report-abuse

https://help.twitter.com/en/safety-and-security/account-security-tips