🛑🛑[SCAM ALERT] EOSGAS hacking MyEtherwallet by asking KYC & sign message 🛑🛑

[The Cryptovator]

EOSGAS hacking MyEtherwallet. Recently they are asking for KYC and sign message from MyEtherwallet. Cleverly they are inviting people by mail for verify KYC.

Website link : https://www.eosgas.co

Asking KYC from : https://www.eosgas.co/kyc/

They are not connected with EOS.  They just come for scam.

They will send you below email after joined airdrop.

There will be link for verify signature message. That link will be redirect you on,  https://myetherwallet.com.root4.icu/signmsg.html

That link will open this window,

Check the address bar

There will be requir your private key or  Keystore file. If you enter you private key of file. That means you account will be empty. See their airdrop condition.

You will receive bonus tokens based on the EOS, eosDAC and Ether Balance in this Wallet Address...

That means those balance you have they will stolen instantly. So be aware from them.

Don't jump for free always. You may loss Every thing.

Some one please archive all website. I can't open archive.is and archive.if , I don't know why not working.

They have already stolen more than $ 100,000 https://etherscan.io/address/0x51af777899f0e81fbb69836e9255cc5bab7a5842

Edit : 28-07-2018


Edit : 31-07-2018
It's great to see etherscan give warning once viewing this scammer address: https://etherscan.io/address/0x51af777899f0e81fbb69836e9255cc5bab7a5842
Probably many people report this address.

[treepixel]

Confirming that I've also seen this.
KYC shouldn't require you to prove you own a particular ETH address.
Stay away from this.

[hdhcurrencies]

I already send to them my signature, so what will happen to next?, please help me out or tell me what next?

[witcher_sense]

They have already stolen more than $ 100,000 https://etherscan.io/address/0x51af777899f0e81fbb69836e9255cc5bab7a5842

[LogitechMouse]

I already send to them my signature, so what will happen to next?, please help me out or tell me what next?

Maybe you can say goodbye to your coins. This is the problem when most people want to join in the airdrops that they are not aware of the information that they will give. They just give any information that the airdrop needs just to get FREE money. I'm not saying its bad to join to airdrops but read the requirements first before you join.

[crypt0j0e]

I already send to them my signature, so what will happen to next?, please help me out or tell me what next?

Maybe you can say goodbye to your coins. This is the problem when most people want to join in the airdrops that they are not aware of the information that they will give. They just give any information that the airdrop needs just to get FREE money. I'm not saying its bad to join to airdrops but read the requirements first before you join.

I signed up for the airdrop but when i took a good look at that fake MEW site i was already very suspicious because the url and certificate didn't match the real MEW site and there are a bunch of missing wallet access options on the sign message page. But I could see how an unsuspecting user not using a hardware wallet or paying attention to all the red flags could end up giving these scammers their private keys.

[treepixel]

I already send to them my signature, so what will happen to next?, please help me out or tell me what next?

Send your tokens to another wallet.

[The Cryptovator]

It's very sad they are still stolen money. I have seen there is recent transaction. Be aware...

[jhenfelipe]

Someone posted about this aidrop as scam too 2days ago like yours (not as detailed as this though). However, it was posted on Altcoin Discussion board and since there are tons of threads posted and getting bumped there, maybe only few saw that thread.
https://bitcointalk.org/index.php?topic=4752419

How did you know about that airdrop anyway? I wonder if there's a thread here in bitcointalk or you saw that somewhere else

No one have archived the site, it's already deleted. Here's the Google Cached versions:
https://webcache.googleusercontent.com/search?q=cache:rQTRBacTJCMJ:https://eosgas.co/+&cd=1&hl=en&ct=clnk&gl=ph
https://webcache.googleusercontent.com/search?q=cache:U_SOGJvdBE8J:https://www.eosgas.co/kyc/+&cd=1&hl=en&ct=clnk&gl=ph

[The Cryptovator]

How did you know about that airdrop anyway? I wonder if there's a thread here in bitcointalk or you saw that somewhere else

No , they didn't make any thread on bitcointalk. They viral it by social media. Search simply Facebook & Twitter. Actually I am not participate for reward. I hate airdrop. Sometimes if I feel any suspicious activity than a submit with fake details. It's really supiciaus that they will pay 500$ for airdrop !!!! If I am not wrong. That's why I feel to investigate deeply. Always I want so save my family. So we are family here of bitcointalk. That's why almost time I try to work with scam ICO investigation. I never find who is legit. I try to find who is scammer in order to save money.

[HCP]

Your maths is all messed up... How does $27,533 + $110,674 = $1,128,207?

Seriously tho, people need to stop blindly clicking on links and entering sensitive data like passwords and private keys

[The Cryptovator]

Your maths is all messed up... How does $27,533 + $110,674 = $1,128,207?

Seriously tho, people need to stop blindly clicking on links and entering sensitive data like passwords and private keys

May be typing mistake. Thanks for pointing. Picture edited now.

[crypt0j0e]

Your maths is all messed up... How does $27,533 + $110,674 = $1,128,207?

Seriously tho, people need to stop blindly clicking on links and entering sensitive data like passwords and private keys

Yeah, it's amazing how many people fall for these scams. I mean they could at least have a separate address for airdrops so if their private key becomes comprised they will only loose the airdrop tokens. But i think nowadays the majority of airdrops are not even worth the time and hassle let alone risking funds to complete some KYC.

[Cryptomonyet]

I've guessed this from the beginning, look fishy. usually most of these scammers come from twitter. 

[The Cryptovator]

Post is updated. Etherscan also giving warning once view the address. It's better for us may be it will help to save some people. I think many people report this address to etherscan. So they did it.

[Aegean Skipper]

You were correct!

all of eosgas websites are already down
Nice catch, i will start following you for further infos

thank you

[The Cryptovator]

Up for remind again