BITCOIN GOLD SCAM SITE mybtgwallet.com

[bananadines]

This website was on the official BTG page until a few hours ago.
Between 20-40 BTC were stolen by this website from the users trying to claim BTG for the BTC they had before the fork.
The users imput their mnemonics from BTC wallets in order to get the BTG wallet and private key.
This website used this menmonic to get access to the specified BTC account and empty it in a second.
After getting the BTC from those accounts the strange thing is that not for all the BTC account stolen, the scammer did not claim BTG although he had all info.

I built a community (https://join.slack.com/t/stolenbtc/shared_invite/enQtMjczNzMxOTM5MjIyLTNhZWRlNjNmMGUwOGJlYzFlMGZhNTIxMjA1ZWJhZmU1YTJjOTY3NTQ3Y2Q2YWE5NTc5NzAxZTRlYzAzYmEzMzA) with all the people that I could find that were ripped by this scammer and I helped a few of them to claim their btg. Feel free to join.

Some of the users claim that they lost up to 43 BTC.


Keep in touch.

well, scammers will never die. Crazy how many people are scamming daily in crypto... I hope we will see some better times in the future!

[1715302748]

1715302748

[1715302748]

1715302748

[1715302748]

1715302748

[1715302748]

1715302748

[1715302748]

1715302748

[sonsoflight]

What gets me the most, is this "Disclaimer" they put up on the BTGold official website, the very moment we all got our coins stolen, and they quietly removed the link from their site, all without an official announcement to save other users from the same pitfall, mysteriously. You'd think that they'd want to avoid other users getting scammed by putting out an urgent announcement, alongside the removal of the link. But nothing yet that I've seen. The lack of an official announcement plays nicely into the idea that they're very much okay with this sort of thing happening, or having happened, and have no intentions to get ahead of this like a normal group of developers would in light of this:

Disclaimer: the Bitcoin Gold Organization (bitcoingold.org) cannot take responsibility for third party providers, such as the listed exchanges, wallets, sites and pools. All links hosted on our domain are by community members and third parties and by clicking on any of the listed links you are accepting the risks of using the third party domain and taking responsibility for any losses, damage or other issues using said domain. Crypto-currencies are inherently risky and investors and users must remain vigilant.

Putting the blame back on us. Which is fair: we share some blame. But in this case, I'm pretty sure they're the robbers telling us we should've kept our stuff locked up because it's 'a dangerous world out there'.

Moreover, for those here saying "why would they do this when they've got a coin with a billion dollar market cap?", etc:

I couldn't tell you. Greed? Because so far, we could pose that question against things we know that they already did. Like:

"Why would they need a premine when they've already got a coin with a billion dollar market cap?"

"Why did they let tens of thousands of miners premine for them, without ever saying that this is what was happening for an entire day after the launch of the official mainnet?" Hell, if it wasn't for a tweet from Suprnova, I wouldn't have known. I was sitting there watching my coins mature, and then disappear, and not a word from them about this. Not a notice on mine.pool.gold. Nothing. Others were equally surprised. I mined like $50 for those guys without knowing it. So why would they need to do that, if they've already got ... ?

... you get the point. I hope that the coin soon outgrows these devs, but the more I look into and research this, the more I genuinely believe that there's very little chance the btgold team isn't at *least* in collusion with the guy / folks that took our coin.

And bear in mind, I am not someone who's against these forks. I think they're a healthy and exciting part of the ecosystem, to be honest with you. A potential chance for us later comers to experience the same growth some of you folks did who joined up in 2011 or 2013. But now, with Bgold, I'm split. The better it does, the better I know the scammer, or scammers, are doing, too. I'm still excited about the idea, but it's hard to support them (current devs) after what very much appears to be something they're kind of a part of. I didn't want to believe it, but every reputable crypto person out there was saying that these guys were probably in this for the money; and though they got a bit more sophisticated since that accusation, it may very well have been true after all.

[sonsoflight]

Note, they did come out with this yesterday:

https://bitcoingold.org/safety-is-critical/

However, I don't know that I can buy the "Man in the Middle" attack theory. How many people in crypto, having already gone to jail or going to jail for stealing people's money, have tried this explaination?

Also, the site in question has had two forms: one that was complete, and had footer credits that linked to the repositories the code came from, along with three options for creating a wallet, transferring BTC to BTG (which was disabled until the mainnet launched), and a tab for checking your BTG balance with your private keys (which is when we input our private keys); and the second one was the one that looked broken and "hacked" (which happened just the evening before most of our coins were stolen, and is its current state). The first version of the site had to be the version that stored and transmitted the keys, because for us, that's the only time we submitted them. Changing the site later to look like it's been "hacked" is super suspect to me. Why would the hacker change *anything* after stealing the money? You're done dude; no need to make the site look *more* jenky. And you mean to tell me that the site owner didn't notice this for five days? Or that his site was jenky looking for all days since? And hasn't bothered to lock it down, or fix it? I call shenanigans.

For us, the timeline wouldn't work out. We submitted the keys on the 11th, when the site looked normal, and just after it was listed on the BTG official site and just before the launch of the mainnet. We waited for several days before just transferring it instead to a Coinomi wallet, since the date of last update (which was then 11/10/2017) hadn't changed. Even as recently as the 13th, when you clicked on the second tab to "transfer your BTC to BTG", you'd get a popup that said that this was disabled until the mainnet launch. It was clear that something might be wrong, but there was still little cause for alarm, because the site was still listed on the official BTG site, as far as we were concerned. This is when we started talking about moving the money (which we were actually planning to do).

On 11/14, I checked one last time in the evening, and that's when the site suddenly looked "hacked". But again, our keys shouldn't have been stored anywhere, right? So being "hacked" later shouldn't have affected us. And, if they were "hacked" before, why would a hacker then go out of their way, the day before their big heist, to make the site look horrible to dissuade others from losing their money?

And on 11/15, our money, both our BTC and our BTG, were gone (by about 1:30pm our time, MDT).

The timeline just doesn't work out.

[BigManOso]

BTG is 100% at fault, I knew that was going to happen, I put a bit of BTC in an account and only used there onsite part where you put the info in, and sure enough its gone, I don't care what anyone says, if it says it safe and its on the main site where you enter the info, then its on them, I did that just to test, they could of made a keygen for offline, they know what they where doing, and crypto or not, there will be a day when all this will have an out come, you just cant think you can take that much money and in the long term get away with it, I am looking at it like long term full adoption for crypto, and that will never happen as long as others can get away with this. And I was really excited for a GPU only BTC chain.

[Prom_ZA]

Hi, I am also one of those scammed by this mybtgwallet site. The way I see it is also that the BTG team is at fault here, in multiple ways. Firstly they didn't have a disclaimer that those are community sites and only added it after this incident. They assured everyone on Twitter that the site was safe and they personally vetted the team. Secondly from all appearances it looked like an official site they were running so depended very much on the trust placed in them.

They also had numerous incidents of negligence along the way. They should have had proper replay protection BEFORE the fork. They could have done a private fork and tested this before announcing the official real fork. Instead they ran a competition for a member of the community to come up with a solution. They decided to implement a "unique address format" which itself is good but they should have had an official tool to convert addresses before even announcing the fork. I asked them for this on numerous occasions but they never bothered to even respond to it. Instead we had to use third party tools at literally the last moment or else I would have never provided my key as it was the only way I could get my address at that time. I'm not saying it's the case but it's almost as if it was planned to be like this. I never fall for phishing scams so that itself should tell you something but crypto is a new world where things function differently.

Further they still haven't said anything about this incident, only releasing a general safety bulletin afterwards. We don't know if they are tracking down the individuals involved or provided their information to the authorities. I don't buy the hacker/impersonator excuse they gave for a moment before shutting down the site. You don't run away if you are truly innocent. Firefox gave no warning about the insecure certificate when the site was functioning. It was only after the incident that it complained so that is just a convenient excuse they tried to implement after the fact to try and cover their tracks.

The BTG team should do the right thing here and compensate us from all those blocks they mined. If they don't do it I hope this continues to haunt them till the project eventually dies.

[Prom_ZA]

Response to some of the comments made

"BTG or the team isn't a scam"
That may or may be the case. Personally I reserve the word "scammer" for people that trick other people out of something. They did do a few things though that would be considered unethical in a regulated environment. They may not have hidden the fee code but they sure as hell weren't upfront about it and snuck it in. Most mining software and pools state their fees upfront for the sake of transparency. How can we trust them?

"Why would the developers steal funds when they did a premine?"
I don't know, why would they sneak in a mining fee in their software? Some people are just greedy like that. The premine is supposed to pay for ALL development yet in this case they didn't think it was enough and wanted more.

"The premine wasn't any different than any other premine or ICO reserve"
Well actually it was. First off it wasn't a premine as they themselves state. Secondly we already knew the base price from the Bitcoin Cash fork instead of it being valueless like with new coins. That means they already calculated what they were getting out of it. That part was a money grab whether the project survives or not. Personally I don't care about this as there are bigger issues. The team is hugely unprofessional with how they handled the fork and it's clear they aren't professional coders that created a lot of issues along the way.

"mybtgwallet got scammed/hacked"
Well that is a matter of debate. I can say for sure it's the same site from my browser history so there was no impersonation and I followed the link directly from the BTG site. It's also debatable whether it got hacked. The site was working fine with no security warnings until the theft occurred. Why was an invalid certificate then added? If this was an issue with a hack then it raises another serious question, why were the private keys stored when they were only needed at the time of a user checking their balance? Even real online wallets don't need to store any keys to function and calculating an address can even be done entirely on the client side. It's negligence at the very least and who uses a free host for something like this in any case? Why have the owners now run away without making a statement as well?

[Prom_ZA]

Note, they did come out with this yesterday:

https://bitcoingold.org/safety-is-critical/

However, I don't know that I can buy the "Man in the Middle" attack theory. How many people in crypto, having already gone to jail or going to jail for stealing people's money, have tried this explaination?

Also, the site in question has had two forms: one that was complete, and had footer credits that linked to the repositories the code came from, along with three options for creating a wallet, transferring BTC to BTG (which was disabled until the mainnet launched), and a tab for checking your BTG balance with your private keys (which is when we input our private keys); and the second one was the one that looked broken and "hacked" (which happened just the evening before most of our coins were stolen, and is its current state). The first version of the site had to be the version that stored and transmitted the keys, because for us, that's the only time we submitted them. Changing the site later to look like it's been "hacked" is super suspect to me. Why would the hacker change *anything* after stealing the money? You're done dude; no need to make the site look *more* jenky. And you mean to tell me that the site owner didn't notice this for five days? Or that his site was jenky looking for all days since? And hasn't bothered to lock it down, or fix it? I call shenanigans.

For us, the timeline wouldn't work out. We submitted the keys on the 11th, when the site looked normal, and just after it was listed on the BTG official site and just before the launch of the mainnet. We waited for several days before just transferring it instead to a Coinomi wallet, since the date of last update (which was then 11/10/2017) hadn't changed. Even as recently as the 13th, when you clicked on the second tab to "transfer your BTC to BTG", you'd get a popup that said that this was disabled until the mainnet launch. It was clear that something might be wrong, but there was still little cause for alarm, because the site was still listed on the official BTG site, as far as we were concerned. This is when we started talking about moving the money (which we were actually planning to do).

On 11/14, I checked one last time in the evening, and that's when the site suddenly looked "hacked". But again, our keys shouldn't have been stored anywhere, right? So being "hacked" later shouldn't have affected us. And, if they were "hacked" before, why would a hacker then go out of their way, the day before their big heist, to make the site look horrible to dissuade others from losing their money?

And on 11/15, our money, both our BTC and our BTG, were gone (by about 1:30pm our time, MDT).

The timeline just doesn't work out.

This is my point exactly. Nothing was wrong with the site when I used it on the 12th. The funds got stolen on the 15th. I didn't visit the site again as I managed to get Coinomi working in a VM. Initially I thought it was my fault for using dodgy software or having a virus but realise now I was probably never at risk for any of that. From the reports the site only looked broken or hacked after this. So why was it changed again and a broken certificate added after the keys were already stolen? All of this looks like a cover up after the fact.

Then there's also the issue of using a free host which usually doesn't ask a lot of questions like a paid one would do. Does anybody even really know the real identity of the owner?

[concorde899]

Join our community on slack, we need you.

https://join.slack.com/t/stolenbtc/shared_invite/enQtMjc2MDQ1OTc0NTAzLTcwZTVmZmM1OGUzN2VmOGQ0MWI4MmZhNjJjMzQ1YThlMzZiMjYwNjhiY2ZlYzg2MDY1MjRlMTBmNjRjNjc5NzI

We really need you to make our voices louder.

We also setup Donations addresses. We will use the donations to purchase media services for us to grow and mean something and also to help all the people who have been scammed for all their lifesavings and are in desperate need.

BTC:  13cTYuuKwvQ5WFKThvCk8b9fgcBGjq5AkL
BTG:  GaPRnKBuhkHpCmszpsJkaC9rzw4gWFRBB3
ETH:  0xee272005d7cd5003Db1A0FDc9F16e13b501aE00f
LTC:  LUmaxZHmtMY2Mr5zbs7UPfHVQKSFVB5AMu


We thank you!

[Prom_ZA]

Link no longer active

[Freewallet]

There is a new clone of Mybtgwallet.com online. It is https://mybitgoldwallet.com/...BEWARE: it is a scam too, has transmit script inside, do not use!

Also there is another fishy wallet on the official Bitcoin gold website : Freewallet and as according to this topic is fraud too :

https://bitcointalk.org/index.php?topic=1964190.0


Holders, BEWARE

Freewallet has never stole from their users. We were the first to release a dedicated Bitcoin Cash wallet during the first Bitcoin chain split we supported. The idea was the same behind our most recent Bitcoin Gold wallet: when there's a chain split, it's a chance to benefit, and we won't miss an opportunity to present it to our users.

[Pab]

I ve been reading that MyBtgwallet is stealing private keys,maybe thay have bug and thay have been hacked
Better be careful than cry later

[bbcolex]

this will throw some shade to btg, good luck to all believers of this coin. Greedy people will always find a way to scam or take advantage if they have the chance to. I feel sorry for those who lost their btc jst to claim btg 

[SapphireToken]

this will throw some shade to btg, good luck to all believers of this coin. Greedy people will always find a way to scam or take advantage if they have the chance to. I feel sorry for those who lost their btc jst to claim btg 

Just use a trezor and call it a day.

[concorde899]

As I stated into some other topics:
"Most of the scammed holders were new to the blockchain technology but the strange thing is that not all!
They used their Mnemonic to claim btg/create btg wallet/check balance on forked btg on the developers official statements on many social networks.
They trusted thos sources.
The community is still growing after 6 days from the initial scam."

Regarding all the hardware wallets : It is of no use if you keep your account into trezor wallets and input your mnemonic seed on a fake website. You have to understand that money is not actually into that wallet. Money is on the blockchain. You might as well use any good encryption software to keep your passwords safe, or a offline computer.
The best antivirus ever is the specific user in front of the computer.

[Gasotard]

just be carefull dont trus any site without some review from another
and make bookmark the trust site so you will make sfatey
and one again don give private key to another

Who would want to use that website for Bitcoin Gold? What's wrong with just going to Bitcoin Gold's official site?

[concorde899]

just be carefull dont trus any site without some review from another
and make bookmark the trust site so you will make sfatey
and one again don give private key to another

Who would want to use that website for Bitcoin Gold? What's wrong with just going to Bitcoin Gold's official site?

The website mybtgwallet.com WAS listed on the official website of bitcoin gold.
As soon as the scams started to be reported they put it down and uploaded a disclaimer.

[Jahus]

The official website listed services created by the community prior to their launch and prior to Bitcoin Gold official launch.

Bitcoin Gold developers proved many times how noobs and inexperienced they were. They have been totally overwhelmed by the events. Putting links on the website helped them show how serious the project was. And they may have not checked any of them. This is the same case for the pools, made by noobs, who failed to start in time (we can see how well Suprnova did since the beginning).

Bitcoin Gold may have started as a scam, or a joke, we might never know, but whatever it was, it's now live and the community can take it over. Spreading FUD by talking about the same subject again and again won't help the community. Remember that devs have 8000 block premine, so they already have more money than you. If you want it to succeed, community has to take ownership of the coin, and its development.

And again, if you have many bitcoins in your wallet, why would you put your private key in an online service?
Because you need your BTG so hard and fast? My first advice is to use your BTC to buy you some patience magic potion.
But let's say you need your BTG hardly and fast. Why don't you first empty your bitcoin BTC wallet by sending the coins to another address, let's say on Blockchain.info (if you have no other alternative), and then use that old btc-empty wallet private key on the scamsite? If you lose coins, you'd only lose BTG, not your precious BTC.

Never give private keys of a non-empty wallet. Never. May this BTG event be a lesson for everyone.

[cryptomngr]

Dont trust anyone about your private keys,no one would be scammed.I wont be suprise if the BTG is a scam most of the supply is being hold by the founders.

[faaty]

I do not understand why people say do not trust any website and do not import private key or seed. mybtgwallet was on the official bitcoingold website, that is why people trusted this.

I do trust myetherwallet.com and put my private key there, I do trust neowallet.cn and put my private key there, I do trust waveswallet.io and put my seed there, I do trust mymonero.com and put my private key there. These are official or supported wallets by the coins themselves. I thought mybtgwallet is also one of them.

This should be a really bad reputation for bitcoin gold, but as I see most people do not think so and blame users. This is not right.

[fxbit]

They just warned people that their windows wallet is compromised and anyone downloading their windows wallet release should remove it and redownload new, this should not be happen to such huge project that have BTC community behind it, there is no security consideration at all, who knows I future what they will offer that they eventually found out to be scam software from unknown bounty developer     https://bitcoingold.org/critical-warning-nov-26/