Honeypot websites are dangerous for our privacy - BEWARE

[PrivacyOui]

Privacy can be compromised in many ways and it's up to us to apply our knowledge and stay private properly. Risks of compromising our privacy are everywhere.
A big danger are honeypot websites!
To protect our privacy it's advisable to avoid any known honeypot website. To be aware of honeypot websites and consequently avoid visiting such sites is a passive but effective way to prevent our privacy from getting busted.  


What's a honeypot website?

A honeypot website is a website which is set up and operated to purposefully collect certain confidential information in a (mostly) hidden manner. When people are visiting a honeypot site, various confidential information will be scraped and stored, like your IP address or your entered information but not limited to.

Such data is very valuable for any investigation of crime or business purposes like identifying which wallet belongs to an individual, a company or which interactions an Bitcoin address reveals.
For some cases it might be helpful to catch scammers and hackers but for our personal privacy, a honeypot website should be avoided.



Examples for honeypot websites can be:

• A block explorer website, where IP information is collected from visitors entering Bitcoin address(es), tying IP address and Bitcoin address. Your IP and Bitcoin address(es) will be collected, stored and possibly forwarded, where such data is getting tied and analyzed.
• A Bitcoin mixer, where logs are kept to de-anonymize transactions later again. Once your mix is finished and you are believing your incoming and outgoing transactions are separated, the honeypot operator will still be able to know which coins are yours by connect ingoing and outgoing transaction.
• A software or hardware wallets (closed source), where personal information like IP addresses and Bitcoin address(es) for example are collected, stored and possibly forwarded, where such data is getting tied and analyzed.
  In any case, a honeypot software or hardware wallet is always closed source because if it's open source, any experienced coder could find out about it by reviewing code.

Why are honeypot websites dangerous for our privacy?

Honeypots are posing a serious danger to our privacy. We might believe it’s quite a normal website and our information is treated confidently, while in reality, any of our data will be stored.
In addition to our IP address etc., entered Bitcoin addresses will be scraped, stored and forwarded to any entity. Addresses will get reviewed and address connections will get revealed.

For privacy enhancing services, we might even pay a fee and not only get nothing in return but also have a privacy risk of believing our Bitcoins are mixed but in reality, logs are kept.

In case of a deliberate honeypot website, deem any privacy assurances as disposable.

Here's how sophisticated honeypot websites are getting operated


A few quotes of a media article, where a massive research was done and Walletexplorer got busted because it's a massive honeypot website.
Walletexplorer.com is a Bitcoin block explorer owned by Chainalysis, a Blockchain tracing company.
IP addresses of visitors are scraped, collected and forwarded:

"Chainalysis has found a "meaningful" edge: a block explorer website that scrapes visitor's internet protocol (IP) addresses.
…
It is also possible to conduct a reverse lookup on any known IP address to identify other BTC addresses.
…
In doing so, Chainalysis has effectively weaponized an unassuming website without disclosing its ties. It has never publicly associated itself with walletexplorer.com, although a note at the bottom of the site’s homepage says its “author” now works at Chainalysis. The website was created in 2014, according to site registration documents that make no mention of Chainalysis.

A spokesperson for Chainalysis declined to comment."

Research: https://www.coindesk.com/business/2021/09/21/leaked-slides-show-how-chainalysis-flags-crypto-suspects-for-cops/

When you visit Walletexplorer.com, you IP is scraped and stored, analyzed and possibly forwarded by Chainalysis
Visitors are facing a deliberate danger of privacy risks compared to competitors.

Lesson to remember:

Honeypot websites are dangerous for our privacy – BEWARE!

[1714800674]

1714800674

[1714800674]

1714800674

[Upgrade00]

The examples you highlighted are instances of when it is used in relation to cryptocurrency, but the possibilities extend far beyond this, making simple searches for gyms around you or a shipping order can pick up very relevant and accurate information about you.

Social media is a good tool for this, which has been used for a very long time now, and as long as the companies can lobby their way out of any legal issues they would not face any problem at all

With crypto using open sourced tools would go a long way to protect you from websites that track different levels of information.

[PrivacyOui]

The examples you highlighted are instances of when it is used in relation to cryptocurrency, but the possibilities extend far beyond this, making simple searches for gyms around you or a shipping order can pick up very relevant and accurate information about you.

Yes, my OP is only about crypto related honeypot websites.

Honeypot websites for crypto are exceptionally dangerous because it's always involving a financial aspect. Financial data is among very valuable data for data collections about individuals, for example to track down financial habits / financial gains or even financial total holdings of an individual.
In addition, we have a Blockchain, where data - once published - cannot be deleted.
Some social media data can be deleted but Blockchain data is not possible to change.

In any case, your advice is right and we should always know honeypot websites are not limited to crypto.

With crypto using open sourced tools would go a long way to protect you from websites that track different levels of information.

Sufficiently reviewed Open Source tools are always our better choice opposed to closed source, it's an important point to apply. 

[lovesmayfamilis]

I would like more information on how to determine that a particular site is a honeypot. I haven't seen your guidance other than saying you must be very careful.
In addition, the sites may be identical to real ones, and the site address must be carefully checked. Sometimes the difference can be just one letter or dot. If the site suddenly begins to behave unexpectedly, asking for your financial addresses, this should immediately alert you. As always, the need to create a different identity is far from reality, so the use of VPN and TOP will be a good disguise to maintain personal privacy.

[Catenaccio]

Honeypot websites are created not only to collect privacy information and they can be used for different purposes like attracting people's capital. Then they will do rug pull to steal money from people who believe honeypot websites are legit and good ones.

Howeycoins ICO is a website for education to teach about risk of scam from honeypot website.

SEC Creates Fake Cryptocurrency To Help Educate Consumers About Crypto-Investing Scams

[PrivacyOui]

I would like more information on how to determine that a particular site is a honeypot.

It's not possible to spot a well-coded honeypot website because how much sense does it make for a malicious honeypot website to say "hey, I'm a honeypot website". All malicious honeypot websites will try to hide it as good as possible. Always closed source, if legally required in countries, where data protection laws are in place, like EU, it will simply be only a small fine print - if at all, like walletexplorer.com has added a small fine print after many accusations piled up.
Or, no mixer will say: "hey, I'm a honeypot mixer". It's not possible to spot as a normal person, even experts might not know it because it's a sophisticated honeypot.

I haven't seen your guidance other than saying you must be very careful.

Because for most sites, it's not possible for normal people to spot if it's a known honeypot website or not.

In addition, the sites may be identical to real ones, and the site address must be carefully checked. Sometimes the difference can be just one letter or dot.

Do you have any example?
I only know it from scam and phishing sites.

Honeypot websites are created not only to collect privacy information and they can be used for different purposes like attracting people's capital. Then they will do rug pull to steal money from people who believe honeypot websites are legit and good ones.

Yes, Scam and Phishing websites are also a problem.

[Saint-loup]

That's a good information about Walletexplorer.com, I wasn't aware they were a honey pot of Chainalysis recording IP adresses but people and especially newcomers shouldn't think it's the only way they track people adresses and transactions. I've read a document one time saying they even track addresses onto forums and social medias, so users should always stay careful about their privacy and don't mess around with the funds that could have been publicly exposed. Changing addresses regularly, especially for exchange withdrawals is important for privacy, using a VPN on sites/platforms accepting it could also prevent this kind of issue .

[Doan9269]

I can also detest any cold storage that is not open source, the question we can firstly ask is why are they not being open with their source code, we have to know more about what we want and how we could achieve the best and desirable things of interest to us, this is all about our security and how we could avoid being under attack by any means aimed at us, this information is going to be very useful as many will have an idea on the possible means they could get attacked by some files, wallets or websites they are used to and not too good for their safety.

[Becassine]

Except being closed-sources, do you have some examples of "red flags" I can spot easily? Do you have some clues to be sure that a service is probably not good?

[tabas]

Most of the websites and apps nowadays are keeping our data unless they're telling truthfully that they don't record logs. If there are still websites that don't take your details and erasing it as soon as you're done with them, they're likely a few of them.

Except being closed-sources, do you have some examples of "red flags" I can spot easily? Do you have some clues to be sure that a service is probably not good?

Think of each of them that you should be careful of, even if there are no red flags as long as you're into their premises and platforms, the possibility is high of recording every move you do on them and every detail you input.

[Bounty Bro]

It's really good advice because if we are not carefuly, honeypot sites will steal our data.
For centralized mixer it is a good point because centralized mixer can be a honeypot to collect data and connect input output transactions and nullifying privacy. Centralized mixer is always critical, better is open source coin join.

[Darker45]

That's indeed a big problem. And you're indeed raising a good warning. But what's the way forward then? I guess that should be the more interesting part. Otherwise, we end up just talking about a problem we don't have a solution to. How can everybody then beware of such sites?

It's not possible to spot as a normal person, even experts might not know it because it's a sophisticated honeypot.

Because for most sites, it's not possible for normal people to spot if it's a known honeypot website or not.

Isn't it troubling? So, should we just avoid the internet as much as possible? Or should we use VPN all the time? Or should we all shift to the use of TOR browsers?

What would your advice be to minimize or perhaps to completely avoid exposure to these dangerous websites?

[PrivacyOui]

Except being closed-sources, do you have some examples of "red flags" I can spot easily? Do you have some clues to be sure that a service is probably not good?

I'm not a coder and I can't review code, even if it's open source. In general, honeypot websites are hard to detect because honeypot websites will try to stay undiscovered to get as much data as possible. No honeypot website will push, how it is a honeypot website.
Best red flags are community fedback or proof, where someone has review website code, it got leaked how a site is a honeypot website, like a media report, coder review or a forum post. 

That's indeed a big problem. And you're indeed raising a good warning. But what's the way forward then? I guess that should be the more interesting part. Otherwise, we end up just talking about a problem we don't have a solution to. How can everybody then beware of such sites?

It's a very difficult queston because honeypot websites are extremely difficult to spot.
Of course, a honeypot website will stay undiscovered to be a honeypot website.
For normal people, only publicly proven websites might be entirely possible to avoid.

It's not possible to spot as a normal person, even experts might not know it because it's a sophisticated honeypot.

Because for most sites, it's not possible for normal people to spot if it's a known honeypot website or not.

Isn't it troubling? So, should we just avoid the internet as much as possible? Or should we use VPN all the time? Or should we all shift to the use of TOR browsers?

What would your advice be to minimize or perhaps to completely avoid exposure to these dangerous websites?

It is troubling because honeypot websites are cleary set up to be a honeypot for a long time and stay undetected.
VPN and general privacy advice is a very good point and in addition, we should always do a good research about proven honeypot websites. Because like Walletexplorer, it's containing a fine print, possibly because of EU or US data protection law, where it is mandatory to make any such practice public. So, it is available for us to know it's a honeypot website and we just need knowledge about it.
We can also help to spread knowledge when we know about it.
And we need good coders to review open source code and to report if it's a honeypot website.
In addition, open source code should be our selection over closed source code.

To share knowledge about proven honeypot websites, I've set up a new topic where we can collect proven honeypot websites:

Collection of proven honeypot sites – BEWARE to protect your privacy