Bitcoin Forum
November 18, 2024, 11:26:59 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: BlenderWallet phishing attempt?  (Read 363 times)
LoyceV (OP)
Legendary
*
Offline Offline

Activity: 3500
Merit: 17698


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
June 25, 2021, 06:49:10 PM
Merited by nutildah (2), ChipMixer (2), dkbit98 (1), JeromeTash (1)
 #1

Blender Wallet claims to be hacked:
June 22, 2021 – Non-custodial crypto wallet Blender Wallet has been hacked. The hackers withdrew the amount of 100 BTC in total.

As a non-custodial service, Blender Wallet doesn’t store data about users on servers. The Blender Wallet team has immediately disabled registration and access to the wallets to  protect users’ funds and make sure that newly generated seed phases won’t get in hacker’s hands.The executives promise to cover the losses from Blender Mixer’s reserves. Every user who has lost the money due to the hack will get the exact amount of money on their balance. Further information on compensation will be available at https://blenderwallet.io and @BlenderWalletio_English Telegram channel.

“Over the course of investigation, we promise to figure out how hackers managed to hack a non-custodial solution, as we don’t store any data granting access to users’ balances on our servers. We initiated an internal investigation. The details of how hackers got access to users’ funds are still unclear,” commented the officials. "The whole crypto community, be it a regulated exchange or a mixer, should deploy all the forces against cybercrime, as it's users who get affected in the first place. And as a service we must do whatever we can to protect funds that we've been entrusted with."
Sure. Now check https://blenderwallet.io/en/:
Quote
The procedure for receiving a refund:

    Send your seed phrase and password (if you used one) to the blenderwallet@tuta.io or to the jabber blenderwallet@jabb.im
This should ring all possible alarm bells! What if their non-custodial wallet wasn't hacked, but their accounts are? It sounds like a perfect phishing scenario to ask users for their seed phrase and steal there funds! Even if the hacking story is true, there are better ways to prove ownership than sending the seed phrase.

I've left BlenderWallet negative feedback as a warning for now. Better safe than sorry.
This is also a big red flag:
Quote
All applications will be processed on a first come, first served basis.
It's like: quick, don't think, send your seed phrase!

▄▄███████████████████▄▄
▄█████████▀█████████████▄
███████████▄▐▀▄██████████
███████▀▀███████▀▀███████
██████▀███▄▄████████████
█████████▐█████████▐█████
█████████▐█████████▐█████
██████████▀███▀███▄██████
████████████████▄▄███████
███████████▄▄▄███████████
█████████████████████████
▀█████▄▄████████████████▀
▀▀███████████████████▀▀
Peach
BTC bitcoin
Buy and Sell
Bitcoin P2P
.
.
▄▄███████▄▄
▄████████
██████▄
▄██
█████████████████▄
▄███████
██████████████▄
███████████████████████
█████████████████████████
████████████████████████
█████████████████████████
▀███████████████████████▀
▀█████████████████████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀

▀▀▀▀███▀▀▀▀
EUROPE | AFRICA
LATIN AMERICA
▄▀▀▀











▀▄▄▄


███████▄█
███████▀
██▄▄▄▄▄░▄▄▄▄▄
████████████▀
▐███████████▌
▐███████████▌
████████████▄
██████████████
███▀███▀▀███▀
.
Download on the
App Store
▀▀▀▄











▄▄▄▀
▄▀▀▀











▀▄▄▄


▄██▄
██████▄
█████████▄
████████████▄
███████████████
████████████▀
█████████▀
██████▀
▀██▀
.
GET IT ON
Google Play
▀▀▀▄











▄▄▄▀
JeromeTash
Legendary
*
Offline Offline

Activity: 2338
Merit: 1263


Heisenberg


View Profile
June 25, 2021, 09:16:45 PM
Merited by vv181 (1)
 #2

I read their message the other day and something is off about the hack claim.

Maybe they would help by shading some light on how the "attack" happened in the first place. I mean, it already happened, so I don't see why they should leave out such details on their website and instead jump onto the refunding procedure.

█████████████████████████
██
█████▀▀███████▀▀███████
█████▀░░▄███████▄░░▀█████
██▀░░██████▀░▀████░░▀██
██▀░░▀▀▀████████████░░▀██
██░░█▄████▀▀███▀█████░░██
██░░███▄▄███████▀▀███░░██
██░░█████████████████░░██
██▄░░████▄▄██████▄▄█░░▄██
██▄░░██████▄░░████░░▄██
█████▄░░▀███▌░░▐▀░░▄█████
███████▄▄███████▄▄███████
█████████████████████████
.
.ROOBET 2.0..██████.IIIIIFASTER & SLEEKER.██████.
|

█▄█
▀█▀
████▄▄██████▄▄████
█▄███▀█░░█████░░█▀███▄█
▀█▄▄░▐█████████▌▄▄█▀
██▄▄█████████▄▄████▌
██████▄▄████████
█▀▀████████████████
██████
█████████████
██
█▀▀██████████████
▀▀▀███████████▀▀▀▀
|.
    PLAY NOW    
vv181
Legendary
*
Offline Offline

Activity: 1932
Merit: 1273


View Profile
June 25, 2021, 10:29:29 PM
 #3

Some people on the Blenderio telegram claimed they have received the refund:
https://t.me/c/1441579769/1171
https://t.me/c/1441579769/1172

At first, the team reported that Blender Wallet is on maintenances https://t.me/c/1441579769/1129, but then they announce the service got hacked.

I suppose it might be bad crisis management. Not to mention they are being reliable for people's money, and how awful the situation might be for the team. So I think the questionable announcements are reasonable. Although they indeed should perform better, as JeromeTash said, I do think they better to clarify the incident first. But maybe the team just wants a quick way to assure user funds safe.

But yea, with such kind of announcement its kinda seems like a phishing scenario, mentioning the probability their account might be hacked as you said it.


Blenderio telegram link:
https://t.me/joinchat/VezC-VERtYs8sdB7
khaled0111
Legendary
*
Offline Offline

Activity: 2716
Merit: 3060


Top Crypto Casino


View Profile WWW
June 25, 2021, 11:58:58 PM
Merited by LoyceV (4)
 #4

Even if the hacking story is true, there are better ways to prove ownership than sending the seed phrase.
It would be better to ask the affected customers to sign a message with their hacked wallets to be eligible for a refund. This is the best way to prove ownership of a wallet without exposing its seed.
But there is a more serious problem, imo: they claim they don't save their customers personal information (no kyc) and since the hacker manged to move the victims funds then he certainly has their wallets seeds too. Now, if someone contacts them asking for a refund how are they going to know if he is the real owner and not the hacker!
Maybe this why they stated that the refunds will be made on a first come first served basis!

LoyceV (OP)
Legendary
*
Offline Offline

Activity: 3500
Merit: 17698


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
June 26, 2021, 06:19:48 AM
Merited by vv181 (1)
 #5

Some people on the Blenderio telegram claimed they have received the refund:
Some Newbies on Bitcointalk claimed the same. The accounts were only created to post this, which is what many scammers do to promote their scam.

Quote
Not to mention they are being reliable for people's money
Not according to their Terms.

Quote
So I think the questionable announcements are reasonable.
Let's agree to disagree on this.

Quote
But maybe the team just wants a quick way to assure user funds safe.
Intead of rushing to refund people and promising to pay 100 BTC out of pocket, it would make much more sense to get to the bottom of this first. How do they even know 100 BTC was stolen?

But there is a more serious problem, imo: they claim they don't save their customers personal information (no kyc) and since the hacker manged to move the victims funds then he certainly has their wallets seeds too. Now, if someone contacts them asking for a refund how are they going to know if he is the real owner and not the hacker!
You make a very good point. None of this makes any sense!

▄▄███████████████████▄▄
▄█████████▀█████████████▄
███████████▄▐▀▄██████████
███████▀▀███████▀▀███████
██████▀███▄▄████████████
█████████▐█████████▐█████
█████████▐█████████▐█████
██████████▀███▀███▄██████
████████████████▄▄███████
███████████▄▄▄███████████
█████████████████████████
▀█████▄▄████████████████▀
▀▀███████████████████▀▀
Peach
BTC bitcoin
Buy and Sell
Bitcoin P2P
.
.
▄▄███████▄▄
▄████████
██████▄
▄██
█████████████████▄
▄███████
██████████████▄
███████████████████████
█████████████████████████
████████████████████████
█████████████████████████
▀███████████████████████▀
▀█████████████████████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀

▀▀▀▀███▀▀▀▀
EUROPE | AFRICA
LATIN AMERICA
▄▀▀▀











▀▄▄▄


███████▄█
███████▀
██▄▄▄▄▄░▄▄▄▄▄
████████████▀
▐███████████▌
▐███████████▌
████████████▄
██████████████
███▀███▀▀███▀
.
Download on the
App Store
▀▀▀▄











▄▄▄▀
▄▀▀▀











▀▄▄▄


▄██▄
██████▄
█████████▄
████████████▄
███████████████
████████████▀
█████████▀
██████▀
▀██▀
.
GET IT ON
Google Play
▀▀▀▄











▄▄▄▀
SFR10
Legendary
*
Offline Offline

Activity: 3192
Merit: 3529


Crypto Swap Exchange


View Profile WWW
June 26, 2021, 07:00:57 AM
Merited by LoyceV (2)
 #6

Some Newbies on Bitcointalk claimed the same. The accounts were only created to post this, which is what many scammers do to promote their scam.
Judging by its timing ["after what I said"], it does look like what you mentioned.

How do they even know 100 BTC was stolen?
They probably made that up and it's a perfect case wherein none of the affected users [if there are any] are going to disclose such information and they'd probably do the same as well [nature of their service].

None of their recent announcements makes much sense and I see the following things as possibilities:

  • A marketing strategy to create some buzz and increase their reputation.
  • It was never a "non-custodial service".
  • Somehow it really got hacked.

Personally, I'm leaning towards the first two being the case, but I could be wrong.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
LoyceV (OP)
Legendary
*
Offline Offline

Activity: 3500
Merit: 17698


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
June 26, 2021, 03:52:46 PM
 #7

User blenderio also responded yesterday. The user's previous post was from September last year, but the Trust summary doesn't show the "this user just woke up"-warning so they must still have been active once in a while.

▄▄███████████████████▄▄
▄█████████▀█████████████▄
███████████▄▐▀▄██████████
███████▀▀███████▀▀███████
██████▀███▄▄████████████
█████████▐█████████▐█████
█████████▐█████████▐█████
██████████▀███▀███▄██████
████████████████▄▄███████
███████████▄▄▄███████████
█████████████████████████
▀█████▄▄████████████████▀
▀▀███████████████████▀▀
Peach
BTC bitcoin
Buy and Sell
Bitcoin P2P
.
.
▄▄███████▄▄
▄████████
██████▄
▄██
█████████████████▄
▄███████
██████████████▄
███████████████████████
█████████████████████████
████████████████████████
█████████████████████████
▀███████████████████████▀
▀█████████████████████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀

▀▀▀▀███▀▀▀▀
EUROPE | AFRICA
LATIN AMERICA
▄▀▀▀











▀▄▄▄


███████▄█
███████▀
██▄▄▄▄▄░▄▄▄▄▄
████████████▀
▐███████████▌
▐███████████▌
████████████▄
██████████████
███▀███▀▀███▀
.
Download on the
App Store
▀▀▀▄











▄▄▄▀
▄▀▀▀











▀▄▄▄


▄██▄
██████▄
█████████▄
████████████▄
███████████████
████████████▀
█████████▀
██████▀
▀██▀
.
GET IT ON
Google Play
▀▀▀▄











▄▄▄▀
bL4nkcode
Copper Member
Legendary
*
Offline Offline

Activity: 2142
Merit: 1307


Limited in number. Limitless in potential.


View Profile
June 26, 2021, 10:28:05 PM
 #8

Some people on the Blenderio telegram claimed they have received the refund:
https://t.me/c/1441579769/1171
https://t.me/c/1441579769/1172

At first, the team reported that Blender Wallet is on maintenances https://t.me/c/1441579769/1129, but then they announce the service got hacked.

[...]


Blenderio telegram link:
https://t.me/joinchat/VezC-VERtYs8sdB7
It would be better if you upload some screenshots from that telegram group chat, since some users here didn't have telegram account to join the chat or didn't want to join in anyway.

Though its a fishy act of blenderwallet, but for the response of its users I guess, it's okay to assume that they're totally helping. Hampuz didn't comment regards on this as well knowing he still managing their campaign.
coupable
Hero Member
*****
Offline Offline

Activity: 2506
Merit: 760



View Profile
June 27, 2021, 02:21:30 AM
 #9

Though its a fishy act of blenderwallet, but for the response of its users I guess, it's okay to assume that they're totally helping. Hampuz didn't comment regards on this as well knowing he still managing their campaign.
After reading abve comments, i can't deny my doubts that i am using my signature to promote an ambigious service. I am still not sure about the statut of blenderwallet with this accusation.. And as i trust manager Hhampuz, i can tell that i am also waiting for his attitude about the actual situation of Blenderwallet.

█████████████████████████████████
████████▀▀█▀▀█▀▀█▀▀▀▀▀▀▀▀████████
████████▄▄█▄▄█▄▄██████████▀██████
█████░░█░░█░░█░░████████████▀████
██▀▀█▀▀█▀▀█▀▀█▀▀██████████████▀██
██▄▄█▄▄█▄▄█▄▄█▄▄█▄▄▄▄▄▄██████████
██░░█░░█░░███████████████████████
██▀▀█▀▀█▀▀███████████████████████
██▄▄█▄▄█▄▄███████████████████████
██░░█░░█░░███████████████████████
██▀▀█▀▀█▀▀██████████▄▄▄██████████
██▄▄█▄▄█▄▄███████████████████████
██░░█░░█░░███████████████████████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
 Crypto Marketing Agency
By AB de Royse

████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
██████████████████████████████████████████████████████████████████████████████████████████████████
WIN $50 FREE RAFFLE
Community Giveaway

██████████████████████████████████████████████████████████████████████████████████████████████████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
████████████████████████
██
██████████████████████
██████████████████▀▀████
██████████████▀▀░░░░████
██████████▀▀░░░▄▀░░▐████
██████▀▀░░░░▄█▀░░░░█████
████▄▄░░░▄██▀░░░░░▐█████
████████░█▀░░░░░░░██████
████████▌▐░░▄░░░░▐██████
█████████░▄███▄░░███████
████████████████████████
████████████████████████
████████████████████████
BlenderWallet
Newbie
*
Offline Offline

Activity: 23
Merit: 0


View Profile WWW
July 06, 2021, 08:42:49 AM
 #10

As a non-custodial service, we don't store seed phrases but with the help of this information, we are able to check the history of transactions and see how many of them have been performed through Blender Wallet.

Fraudulent transactions have been identified according to several parameters, such as performing transactions bypassing Blender Wallet interface, turned off RBF, a single transaction sent from different wallets of our users as well as the time frame of the incident. Users witnessed the hack in real time and could cancel the transaction. But because of RBF being turned off, the button was inactive. Evidently, hackers didn't get access to Blender Wallet's functional. We can't say for sure whether they took it into consideration, but if the RBF feature was on, users could cancel a transaction with a single click.
ChipMixer
Sr. Member
****
Offline Offline

Activity: 456
Merit: 956


https://bitcointalk.org/index.php?topic=1935098


View Profile WWW
July 11, 2021, 12:04:41 AM
Merited by dkbit98 (5), SFR10 (2), nutildah (2)
 #11

None of their recent announcements makes much sense and I see the following things as possibilities:

  • A marketing strategy to create some buzz and increase their reputation.
"We were hacked and funds we promised to not to have access to have been stolen but we will return some" is horrible marketing.


None of their recent announcements makes much sense and I see the following things as possibilities:

  • It was never a "non-custodial service".
It was web wallet accessing private keys (or seeds) with javascript code hosted on website. You could audit it but it (probably) was minified and made harder to do that. Even if you would audit it and it would not had any code to send your private keys elsewhere - it is javascript code hosted on website. It can change anytime. Do not use web wallets.

But it is good sign they are refunding.

dkbit98
Legendary
*
Offline Offline

Activity: 2422
Merit: 7590



View Profile WWW
July 12, 2021, 02:32:06 PM
 #12

As a non-custodial service, we don't store seed phrases but with the help of this information, we are able to check the history of transactions and see how many of them have been performed through Blender Wallet.
Few days ago I asked a question in your topic if Blender service should now be considered unsafe, until funds are returned to customers and flaws fixed, but I still didn't receive any answer.
I will consider that not answering anything is a sign of confirmation.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
LoyceV (OP)
Legendary
*
Offline Offline

Activity: 3500
Merit: 17698


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
July 12, 2021, 05:43:53 PM
 #13

As a non-custodial service, we don't store seed phrases but with the help of this information, we are able to check the history of transactions and see how many of them have been performed through Blender Wallet.
Couldn't you do all this without asking for the user's seed phrases? You could for instance have asked for a list of addresses with signed messages to prove ownership.

▄▄███████████████████▄▄
▄█████████▀█████████████▄
███████████▄▐▀▄██████████
███████▀▀███████▀▀███████
██████▀███▄▄████████████
█████████▐█████████▐█████
█████████▐█████████▐█████
██████████▀███▀███▄██████
████████████████▄▄███████
███████████▄▄▄███████████
█████████████████████████
▀█████▄▄████████████████▀
▀▀███████████████████▀▀
Peach
BTC bitcoin
Buy and Sell
Bitcoin P2P
.
.
▄▄███████▄▄
▄████████
██████▄
▄██
█████████████████▄
▄███████
██████████████▄
███████████████████████
█████████████████████████
████████████████████████
█████████████████████████
▀███████████████████████▀
▀█████████████████████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀

▀▀▀▀███▀▀▀▀
EUROPE | AFRICA
LATIN AMERICA
▄▀▀▀











▀▄▄▄


███████▄█
███████▀
██▄▄▄▄▄░▄▄▄▄▄
████████████▀
▐███████████▌
▐███████████▌
████████████▄
██████████████
███▀███▀▀███▀
.
Download on the
App Store
▀▀▀▄











▄▄▄▀
▄▀▀▀











▀▄▄▄


▄██▄
██████▄
█████████▄
████████████▄
███████████████
████████████▀
█████████▀
██████▀
▀██▀
.
GET IT ON
Google Play
▀▀▀▄











▄▄▄▀
BlenderWallet
Newbie
*
Offline Offline

Activity: 23
Merit: 0


View Profile WWW
July 21, 2021, 02:06:14 PM
 #14

As a non-custodial service, we don't store seed phrases but with the help of this information, we are able to check the history of transactions and see how many of them have been performed through Blender Wallet.
Few days ago I asked a question in your topic if Blender service should now be considered unsafe, until funds are returned to customers and flaws fixed, but I still didn't receive any answer.
I will consider that not answering anything is a sign of confirmation.

Yes, right now our service is unsafe, therefore we closed it till October 2021. Right now we ware totally rewriting all infrastructure.
BlenderWallet
Newbie
*
Offline Offline

Activity: 23
Merit: 0


View Profile WWW
July 21, 2021, 02:21:23 PM
 #15

As a non-custodial service, we don't store seed phrases but with the help of this information, we are able to check the history of transactions and see how many of them have been performed through Blender Wallet.
Couldn't you do all this without asking for the user's seed phrases? You could for instance have asked for a list of addresses with signed messages to prove ownership.

First of all we asked users to check their wallet balance through Electrum. If balance is positive, we asked them to send all funds to another wallet. If balance equals 0, then it is easier for customers and our support to use seed phrases for investigation and proofing, that funds were stollen (some users send funds to their own wallets and pretended, that their funds were stollen). Anyway, after attack we don't recommend to use seed phrases generated earlier on Blender Wallet.
dkbit98
Legendary
*
Offline Offline

Activity: 2422
Merit: 7590



View Profile WWW
July 21, 2021, 05:06:44 PM
 #16

Yes, right now our service is unsafe, therefore we closed it till October 2021. Right now we ware totally rewriting all infrastructure.

Why then on your blender wallet website we can see the statement that blender.io mixer works normally?
If both your mixer and wallet are unsafe you should clearly post warning about that on website, but I see no information about this on blender.io website.


archive: https://archive.ph/sOMYM

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
BlenderWallet
Newbie
*
Offline Offline

Activity: 23
Merit: 0


View Profile WWW
September 20, 2021, 10:55:25 AM
 #17

Yes, right now our service is unsafe, therefore we closed it till October 2021. Right now we ware totally rewriting all infrastructure.

Why then on your blender wallet website we can see the statement that blender.io mixer works normally?
If both your mixer and wallet are unsafe you should clearly post warning about that on website, but I see no information about this on blender.io website.

https://i.imgur.com/vN0Rp7c.jpg
archive: https://archive.ph/sOMYM


Just because MIXER and WALLET are two independent systems, that are connected only by API. Therefore blender.io mixer works properly and is absolutely safe.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!