Bitcoin Forum
November 18, 2024, 12:48:50 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Bitmessages.org phishing scam targeting Blockchain users  (Read 1319 times)
skysurfer31 (OP)
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
July 03, 2014, 08:38:28 PM
 #1

I fell prey to a scam this morning. I received a fractional bitcoin transaction in my Blockchain account with a web link. That link took me to bitmessages dot org (this is a fraudulent site, proceed with caution). The site was branded with the same type of layout and look of Blockchain, and wanted to associate to my Blockchain wallet ID, but did not require any password information. After entering the wallet ID, the site said it was returning me to Blockchain.info.

From here it returns you to a site that looks exactly like Blockchain.info, however the domain name is actually blocdhain.info or something which looks similar unless you are paying attention, which I obviously was not. As you go along your merry way entering your wallet ID and password into this form, it harvests your information and then sends you to the real Blockchain.info site.

My wallet was drained within minutes. As soon as I got the email notification that a transaction had occurred, I knew I had F'd up.

Enabling the two factor authentication would have prevented this, and was something I had not gotten around to. I feel really stupid, this is the first time I've ever been scammed in 20 years of internet usage. However, it's my fault that I didn't pay closer attention to what was going on. I had googled information on bitmessage and became interested in the protocol and incorrectly assumed this would enable some form of encrypted messaging within the Blockchain.info web site when I opened the link. Expensive lesson.

All of this has been reported to the Blockchain help desk. They got back to me and said they are in the process of taking the fraudulent site down.

Please learn from my mistake if you have not enabled multiple layers of security on your bitcoin wallet at Blockchain.info.

fat%
Member
**
Offline Offline

Activity: 62
Merit: 10



View Profile
July 03, 2014, 08:48:28 PM
 #2

Visited that site aswell. Blockchain.info lists the transactions as "New Bitmessage" which is irresponsible for such a large website.
kolloh
Legendary
*
Offline Offline

Activity: 1736
Merit: 1023


View Profile
July 03, 2014, 09:18:41 PM
 #3

Thanks for the warning.
Justin00
Legendary
*
Offline Offline

Activity: 910
Merit: 1000


★YoBit.Net★ 350+ Coins Exchange & Dice


View Profile
July 03, 2014, 09:22:27 PM
 #4

I've been a sleep a while it must seem....but where does blockchain.info get tags from? The tx's themselves or ?

franky1
Legendary
*
Offline Offline

Activity: 4410
Merit: 4770



View Profile
July 03, 2014, 09:42:12 PM
 #5

phishing wont happen if you use a proper client program that sits on your computer.

use bitcoin-core and you never have to worry about website hacking, third party thefts, social engineering exploits, scam sites, or greedy people.

please learn to use proper bitcoin software

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
InwardContour
Sr. Member
****
Offline Offline

Activity: 644
Merit: 260


View Profile
July 03, 2014, 10:01:38 PM
 #6

I've been a sleep a while it must seem....but where does blockchain.info get tags from? The tx's themselves or ?
The address tags are created by signing a message with the private key of the address that you want to tag. The public notes attached to TXs are from the TX themselves.
taylortyler
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
July 03, 2014, 10:45:42 PM
 #7

Thanks for the heads up.
franky1
Legendary
*
Offline Offline

Activity: 4410
Merit: 4770



View Profile
July 03, 2014, 10:54:29 PM
 #8

i bet 1 satoshi that the OP uses bitmessages and blockchain.info. and this attack was not random, that the scammer knows that the OP uses both services and has probably had conversations with him beforehand.

this is why i hate forum polls asking:
"how much bitcoin do you have"
"what client do you use"

as these can easily lead to social engineering tricks to gather info to then exploit

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
InwardContour
Sr. Member
****
Offline Offline

Activity: 644
Merit: 260


View Profile
July 05, 2014, 03:21:36 AM
 #9

i bet 1 satoshi that the OP uses bitmessages and blockchain.info. and this attack was not random, that the scammer knows that the OP uses both services and has probably had conversations with him beforehand.

this is why i hate forum polls asking:
"how much bitcoin do you have"
"what client do you use"

as these can easily lead to social engineering tricks to gather info to then exploit
You are probably correct. I don't think it was from the forum, but rather from the OP using the same email address for both services.
lihuajkl
Legendary
*
Offline Offline

Activity: 1596
Merit: 1000


View Profile
July 05, 2014, 03:38:39 AM
 #10

phishing wont happen if you use a proper client program that sits on your computer.

use bitcoin-core and you never have to worry about website hacking, third party thefts, social engineering exploits, scam sites, or greedy people.

please learn to use proper bitcoin software

It is hard to say! Even you are using the bitcoin core, the risk is still existing that your wallet file might be stolen. No matter what type of wallet you are using, it is your responsible to prevent such attack. You need to learn the knowledge to avoid them.
Ron~Popeil
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250



View Profile
July 05, 2014, 06:31:15 AM
 #11

Thanks for the warning and sorry you got scammed. I keep small amounts in web wallets but 2fa is enabled on all of them. My main stash is locked up in my home computer. 

jc01480
Hero Member
*****
Offline Offline

Activity: 854
Merit: 500


Nope..


View Profile
July 05, 2014, 07:20:06 AM
 #12

phishing wont happen if you use a proper client program that sits on your computer.

use bitcoin-core and you never have to worry about website hacking, third party thefts, social engineering exploits, scam sites, or greedy people.

please learn to use proper bitcoin software


Franky, I used Bitcoin core up until last week when i upgraded to latest version.  It completely jacked up my wallet.  Backed my wallet up and removed the program.  Reinstalled clean and waited for it to sync with he blockchain.  Copied my wallet back in and it said my wallet was corrupt and crashed.  Two more times I did this with the same result.  Rolled back to an older version.  Same thing, except this time I reset all the options in the debug console.  Shut it down and restarted.  Presto!  My coins magically appeared.  Transferred them out right away and deleted that useless pain in the ass bitcoin core program off my system.  Litecoin too.  I've had hell with it.  Every time I do a computer restart I'd have to re download the entire blockchain.  Every fucking time!  Not anymore.  I'll use the easier programs from now on with less overhead than a full node.
jbreher
Legendary
*
Offline Offline

Activity: 3052
Merit: 1665


lose: unfind ... loose: untight


View Profile
July 05, 2014, 06:05:24 PM
 #13

Franky, I used Bitcoin core up until last week when i upgraded to latest version.  It completely jacked up my wallet. 

Those are an interesting litany of symptoms. Did you bother to enter a bug report at the bitcoin-qt tracker on GitHub?

Anyone with a campaign ad in their signature -- for an organization with which they are not otherwise affiliated -- is automatically deducted credibility points.

I've been convicted of heresy. Convicted by a mere known extortionist. Read my Trust for details.
InwardContour
Sr. Member
****
Offline Offline

Activity: 644
Merit: 260


View Profile
July 05, 2014, 07:17:48 PM
 #14

phishing wont happen if you use a proper client program that sits on your computer.

use bitcoin-core and you never have to worry about website hacking, third party thefts, social engineering exploits, scam sites, or greedy people.

please learn to use proper bitcoin software

It is hard to say! Even you are using the bitcoin core, the risk is still existing that your wallet file might be stolen. No matter what type of wallet you are using, it is your responsible to prevent such attack. You need to learn the knowledge to avoid them.
bitcoin-core has it's own potential vulnerabilities just like any other wallet program/service has.

IMO the blockchain.info web wallet is probably the best as long as you use the proper security procedures. There is an argument to even not have any email associated with your account but instead set it up to  backup your encrypted wallet to your dropbox
🏰 TradeFortress 🏰
Bitcoin Veteran
VIP
Legendary
*
Offline Offline

Activity: 1316
Merit: 1043

👻


View Profile
July 06, 2014, 09:42:25 AM
 #15

IMO the blockchain.info web wallet is probably the best as long as you use the proper security procedures. There is an argument to even not have any email associated with your account but instead set it up to  backup your encrypted wallet to your dropbox

'Proper security procedures' is impossible for a web wallet. If you're not running the code locally, it isn't secure, period.
🏰 TradeFortress 🏰
Bitcoin Veteran
VIP
Legendary
*
Offline Offline

Activity: 1316
Merit: 1043

👻


View Profile
July 06, 2014, 09:44:18 AM
 #16

and lol dropbox:

http://nakedsecurity.sophos.com/2011/06/21/dropbox-lets-anyone-log-in-as-anyone/
http://arstechnica.com/security/2012/07/dropbox-confirms-it-got-hacked-will-offer-two-factor-authentication/
http://www.zdnet.com/dropbox-gets-hacked-again-7000001928/
https://blog.dropbox.com/2014/05/web-vulnerability-affecting-shared-links/

http://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data
InwardContour
Sr. Member
****
Offline Offline

Activity: 644
Merit: 260


View Profile
July 07, 2014, 01:02:01 AM
 #17

IMO the blockchain.info web wallet is probably the best as long as you use the proper security procedures. There is an argument to even not have any email associated with your account but instead set it up to  backup your encrypted wallet to your dropbox

'Proper security procedures' is impossible for a web wallet. If you're not running the code locally, it isn't secure, period.
The encryption/decryption of wallets and private keys, as well as the generation of the private keys are all done on the client side. This essentially makes it impossible for blockchain.info to be able to access your private keys, as well as an attacker who is able to hack blockchain.info's servers
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!