 |
April 10, 2020, 06:43:44 AM |
|
There's a new scam that I discovered recently.
Here are the details:
The victim gets tricked into installing a Tampermonkey script in his Chrome browser and using that script to purchase game keys or gift cards on G2A using Bitcoin.The victim is manipulated to believe that the script will change the timezone of the checkout page and make the payment session to expire,therefore Bitpay(the BTC payment processor of G2A) will refund automatically all transactions above 0.005 BTC,while G2A will complete the order and deliver the game keys/gift cards.
Hence,you get games and gift cards FOR FREE! Right? WRONG!
In reality,the Tampermonkey script changes the Bitpay wallet address on the G2A checkout page with the BTC address of the creator of that script(the scammer).The victim sends BTC to the scammers address and expect an automatic refund from G2A,but such refund never happens and the BTC are gone...
I don't want to post links here,but you can search Youtube for "G2A refund" and there are a bunch of videos about this "exploit". Usually the videos have more likes than dislikes and lots of fake sounding bot comments,about the script "working perfectly".
The Tampermonkey scam script has several names- "G2A refund glitch","timezone exploit","G2A exploit".
I don't use G2A and I don't care about this shady gaming marketplace.
If you ever want to buy something from G2A,just don't trust the "get everything on G2A for free" videos and methods that are shared across the internet.
|
