Bitcoin Forum
Author Topic: Crazy idea for a community project: empty compromised paper wallets  (Read 305 times)
LoyceV (OP)
May 29, 2020, 07:11:52 PM
Merited by o_e_l_e_o (2), pooya87 (1), buwaytress (1), khaled0111 (1), bitmover (1), Upgrade00 (1)
#1

The once trusted website Bitcoin Paper Wallet Dot Com (no clickable link because I no longer trust the site) got sold and now has several scam accusations against it. Bitcointalk user bedla tested it and 24 out of his 100 generated addresses already had a balance. That means the scam is still going on.

My crazy idea:
  • Get private keys from the site, on a regular basis if they change something
  • Set up a system to sweep all keys the moment they get funded
  • Send funds/dust to an addy that leaves a hint to find this topic
  • Return the funds to the owner after signing a message from the original sending address

Step 2 is where I don't know how to do it (yet), but I do know there are brain wallet hunters out there who use a similar system to steal funds.
Step 4 is the tricky part: if for instance the funds come from an exchange, the owner won't be able to sign a message. But if I don't do this, the site owner will take the funds for sure so I consider this a white hat thing to do.

Should I pursue this?

bitmover
May 29, 2020, 07:40:04 PM
#2

This is an interesting approach, but I think it is hard to implement as there will be many problems along the way.

How will you know who is a real user who lost money and who isn't just a newbie scammer (we have so many here)... The owner of this website probably already has something like you are proposing; how can you get the money first? And so on...


I think that doing something to Bitcoin Paper Wallet Dot Com directly is more effective.

Maybe a mass DDOS attack from all over the world?
Or maybe trying to report to google their website? Or even create a new domain legitbitcoinpaperwallet.com or something like that and try to beat them on google search?

LoyceV (OP)
May 29, 2020, 07:51:07 PM
#3

Quote
How will you know who is a real user who lost money and who isn't just a newbie scammer
A signed message from the sending address would convince me.

Quote
The owner of this website probably already have something like you are proposing, how can you get the money first?
It's going to be a battle for the fastest server.

Quote
Maybe a mass DDOS attack from all over the world?
That would be illegal.

Quote
Or maybe trying to report to google their website? Or even create a new domain legitbitcoinpaperwallet.com or something like that and try to beat them on google search?
It's going to be tough, since they bought a site with a long reputation. I haven't even been able to confirm the scam myself.

hatshepsut93
May 29, 2020, 11:57:19 PM
#4

Quote
Step 2 is where I don't know how to do it (yet), but I do know there are brain wallet hunters out there who use a similar system to steal funds.


I never wrote anything like that, so I'll be speaking only theoretically.

You need to run a node that listens to new transactions. It should match the output addresses of all new transactions against this database of compromised addresses; when it finds a match, the program will make a CPFP transaction with a high fee that spends the unconfirmed output. This transaction would ideally be pushed directly to miners, instead of relying on normal propagation. If this method fails, you can try to wait for the transaction to get 1 confirmation and then try to sweep it.

It actually would be interesting to look at the addresses of the victims of this fraud: if the coins get stolen in the same block as the incoming transaction, then the thieves use the CPFP method and you should do the same to have a chance to beat them.

o_e_l_e_o
In memoriam
May 30, 2020, 12:45:08 AM
#5

It's not a bad idea at all, and not entirely dissimilar to what user Johoe did when blockchain.com reused R values and a bunch of users' coins were stolen. If you do go ahead, I would suggest making the receiving address in question multi-sig with some other forum users so you yourself can't be accused of stealing anything.

I would have thought it wouldn't be too difficult for the scammer to overcome, however, without additional work on your part. I'm sure once the scammer sees their stolen money being "stolen" back, they will start changing things up to try and prevent it from happening. He could update the code frequently, every day or even more so, to change the set of pre-generated addresses it gives out to users, and you would need to update your monitoring system just as frequently. It could even be something as simple as changing the derivation path to some master seed every hour or so. You would need to be downloading the code after every change, extracting the addresses, and changing your monitoring system. I've not reviewed the malicious code, so I don't know how easy that would be to automate.

Worst case scenario, he could even change the code entirely to give out addresses which are not linked to the private keys displayed, but are instead linked to a set of private keys he is holding in secret. I would wager the majority of people who are falling for a paper wallet scam site don't actually bother to check the address they receive is actually derived from the private key they receive before they fund it.
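The check described in the last paragraph, verifying offline that the printed address really derives from the printed private key before funding it, as an added example (not code from this thread): a pure-Python derivation of a P2PKH address from a mainnet WIF key, with nothing but the standard library. It assumes the wallet prints a legacy (1...) address, and it relies on hashlib's ripemd160, which needs an OpenSSL build that provides it.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
P = 2**256 - 2**32 - 977  # secp256k1 field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)  # generator

def dsha256(b):
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()

def b58check_decode(s):
    """Base58Check -> payload (checksum stripped); leading '1's are zero bytes."""
    n = 0
    for ch in s:
        n = n * 58 + B58.index(ch)  # raises ValueError on a non-Base58 character
    raw = b"\x00" * (len(s) - len(s.lstrip("1"))) + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) < 5 or dsha256(raw[:-4])[:4] != raw[-4:]:
        raise ValueError("bad Base58Check checksum")
    return raw[:-4]

def b58check_encode(payload):
    data = payload + dsha256(payload)[:4]
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(data) - len(data.lstrip(b"\x00"))) + out

def point_add(a, b):  # affine addition on secp256k1; None is the point at infinity
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    lam = (3 * x1 * x1 * pow(2 * y1, -1, P) if a == b
           else (y2 - y1) * pow(x2 - x1, -1, P)) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def scalar_mult(k, point=G):  # double-and-add; not constant-time, fine for an offline check
    result = None
    while k:
        if k & 1:
            result = point_add(result, point)
        point, k = point_add(point, point), k >> 1
    return result

def wif_to_privkey(wif):
    """Mainnet WIF -> (secret, compressed_flag); rejects testnet or garbled keys."""
    payload = b58check_decode(wif)
    if len(payload) < 33 or payload[0] != 0x80 or payload[33:] not in (b"", b"\x01"):
        raise ValueError("not a mainnet WIF key")
    secret = int.from_bytes(payload[1:33], "big")
    if not 0 < secret < N:
        raise ValueError("secret out of range")
    return secret, len(payload) == 34

def privkey_to_address(secret, compressed):
    """P2PKH address, using the pubkey encoding the WIF's compression flag implies."""
    x, y = scalar_mult(secret)
    pub = (bytes([2 + (y & 1)]) + x.to_bytes(32, "big") if compressed
           else b"\x04" + x.to_bytes(32, "big") + y.to_bytes(32, "big"))
    h160 = hashlib.new("ripemd160", hashlib.sha256(pub).digest()).digest()
    return b58check_encode(b"\x00" + h160)

def wallet_matches(wif, printed_address):
    """The pre-funding check: does the printed address belong to the printed key?"""
    return privkey_to_address(*wif_to_privkey(wif)) == printed_address
```

A False result (or a ValueError on a malformed key) means the paper should not be funded; note that a compressed-key WIF paired with the uncompressed-key address of the same secret also fails, which is the other common way paper wallets go wrong.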
pooya87
May 30, 2020, 04:06:02 AM
#6

Quote
Should I pursue this?

Only if you have extra time on your hands and don't mind it probably going to be wasted the moment you take the first coins out of their hands, because changing the way this scam works is trivial and it could be done in a way that you had no way of knowing what the keys were beforehand. Although it would force the scammer to store a much bigger database compared to what it already has.

NeuroticFish
May 30, 2020, 06:38:46 AM
#7

Quote
Should I pursue this?

Quote
only if you have extra time at your hand

Time and possibly resources too.

Quote
Step 2 is where I don't know how to do it (yet), but I do know there are brain wallet hunters out there who use a similar system to steal funds.

Quote
I never wrote anything like that, so I'll be speaking only theoretically.

You need to run a node that listens to new transactions. It should match the output addresses of all new transactions against this database of compromised addresses; when it finds a match, the program will make a CPFP transaction with a high fee that spends the unconfirmed output. This transaction would ideally be pushed directly to miners, instead of relying on normal propagation. If this method fails, you can try to wait for the transaction to get 1 confirmation and then try to sweep it.

It actually would be interesting to look at the addresses of the victims of this fraud: if the coins get stolen in the same block as the incoming transaction, then the thieves use the CPFP method and you should do the same to have a chance to beat them.

I also didn't do this, but there could be a way without a full node (so fewer resources on the OP's side): use the Electrum wallet (I found this, but I don't know whether it works) or maybe do what Electrum does and work directly with ElectrumX servers (blockchain.address.subscribe looks very promising)

However, if these notifications don't work you may need your own server (hence resources)

hatshepsut93
May 30, 2020, 06:42:05 AM
#8

Quote
I also didn't do this, but there could be a way without a full node (so fewer resources on the OP's side): use the Electrum wallet (I found this, but I don't know whether it works) or maybe do what Electrum does and work directly with ElectrumX servers (blockchain.address.subscribe looks very promising)

I specifically didn't write "full node" since you don't need to store the whole blockchain to implement this project; you can probably even configure Bitcoin Core or another client for this, or even use third-party APIs, though that would probably have too much latency.

LoyceV (OP)
May 30, 2020, 07:15:08 AM
#9

Quote
It actually would be interesting to look at the addresses of the victims of this fraud: if the coins get stolen in the same block as the incoming transaction, then the thieves use the CPFP method and you should do the same to have a chance to beat them.
Funds get stolen in the same block, see this example.

Quote
If you do go ahead, I would suggest making the receiving address in question multi-sig with some other forum users so you yourself can't be accused of stealing anything.
That's a good suggestion, I have to remain Switzerland after all.

Quote
I would have thought it wouldn't be too difficult for the scammer to overcome, however, without additional work on your part. I'm sure once the scammer sees their stolen money being "stolen" back, they will start changing things up to try and prevent it from happening. He could update the code frequently, every day or even more so, to change the set of pre-generated addresses it gives out to users, and you would need to update your monitoring system just as frequently. It could even be something as simple as changing the derivation path to some master seed every hour or so. You would need to be downloading the code after every change, extracting the addresses, and changing your monitoring system. I've not reviewed the malicious code, so I don't know how easy that would be to automate.
I can't check the code myself either, but indeed this is a possibility. If he gives every download a different set of compromised keys, this won't work anymore.

Quote
Worst case scenario, he could even change the code entirely to give out addresses which are not linked to the private keys displayed, but are instead linked to a set of private keys he is holding in secret. I would wager the majority of people who are falling for a paper wallet scam site don't actually bother to check the address they receive is actually derived from the private key they receive before they fund it.
You're right. Although this would make it easier to prove the site is a scam, it would make my idea completely useless.
I usually check the backup of my private keys before funding them, using different software from what created them. But it's likely most people won't do that.

Quote
only if you have extra time at your hand and don't mind it probably going to be wasted the moment you take the first coins out of their hands.
After reading the comments, it's probably not worth the effort indeed.

buwaytress
May 30, 2020, 07:47:28 AM
#10

Pretty neat white hat idea really, but yeah, the devil's in the implementation -- and a really big devil it is. I wonder if it's simply easier to try and just spread the message -- perhaps bang out a press release, for example, and get it submitted to all the news sites out there -- "if you have a balance there, sweep it now". Or would this just release the hunters onto the site?

khaled0111
May 31, 2020, 12:59:44 PM
#11

Quote
After reading the comments, it's probably not worth the effort indeed.

You shouldn't be discouraged since you will be serving a good cause and may save some potential victims from losing their money.
If someone writes a script to sweep those private keys then I am sure many will volunteer and run it for free. A collective effort would be more fruitful as the chances of hearing about incoming transactions before the scammer are higher, especially when each individual is in charge of monitoring a definite set of addresses.

DaveF
June 01, 2020, 12:11:28 AM
Last edit: June 03, 2020, 03:14:35 PM by DaveF
Merited by LoyceV (6), pooya87 (1)
#12

I *think* as other people have said you will wind up playing a never ending game of cat & mouse as you change your code they change theirs.
And getting the funds back to people is going to be a nightmare.

On that note....
As of now metamask throws up a big red warning when you go to the page.

We should be reporting this to all the AV people / Google / etc. so it pops up in their "don't use this page warning".

Google: https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en (not quite phishing but could not find a better place)
Malwarebytes: Pain in the ass, on my to do list: https://support.malwarebytes.com/hc/en-us/articles/360038522814-Submit-a-malicious-file-or-website-to-Malwarebytes
Symantec safeweb: https://symsubmit.symantec.com/
Mozilla / stopbadware: https://www.stopbadware.org/report-badware


Feel free to add to the list.
We actually as a community should probably have a post somewhere that lists them all so we can save time.

-Dave

pooya87
June 03, 2020, 06:24:40 AM
#13

Quote
I *think* as other people have said you will wind up playing a never ending game of cat & mouse as you change your code they change theirs.

It won't be never-ending; it can potentially be a one-time thing. It may have happened already if the scammers have seen this topic!
The OP's idea relies on the fact that keys are fixed and pre-generated. I don't want to post a walk-through here, but the keys could each be unique no matter how many are created, with very little effort, and the scammers can still own and watch each key for funds to steal.
It could even expand to offline generation.

PS. I liked your report idea. Reported to ESET: https://phishing.eset.com/report

ksfromasia2
December 31, 2020, 01:51:11 AM
#14

Quote
The once trusted website Bitcoin Paper Wallet Dot Com (no clickable link because I no longer trust the site) got sold and now has several scam accusations against it. Bitcointalk user bedla tested it and 24 out of his 100 generated addresses already had a balance. That means the scam is still going on.

My crazy idea:
  • Get private keys from the site, on a regular basis if they change something
  • Set up a system to sweep all keys the moment they get funded
  • Send funds/dust to an addy that leaves a hint to find this topic
  • Return the funds to the owner after signing a message from the original sending address

Step 2 is where I don't know how to do it (yet), but I do know there are brain wallet hunters out there who use a similar system to steal funds.
Step 4 is the tricky part: if for instance the funds come from an exchange, the owner won't be able to sign a message. But if I don't do this, the site owner will take the funds for sure so I consider this a white hat thing to do.

Should I pursue this?

Everyone: I got scammed by this website as well. bitcoinpaperwallet steals the generated private keys. I was able to dox the person behind it. I have his IP address, name, hotmail, gmail account ID, mobile number, country of residence (Canada). Is there anything that we can do? Pls contact me if someone can help.