Search Inside Bitcoins

Network of Dubious BTC QR Code Generators Stole More than $45,000

Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment and you should not expect to be protected if something goes wrong.

Hong Kong A Bitcoin Scammer Is Flaunting His Newfound Wealth from Typosquatting
Hong Kong A Bitcoin Scammer Is Flaunting His Newfound Wealth from Typosquatting

Join Our Telegram channel to stay up to date on breaking news coverage

Recent reports revealed that Bitcoin-to-QR code generators have stolen over $45,000 from users. The theft has been going on for the past 4 weeks before it was discovered by a security researcher.

The researcher revealed that the nine sites involved offered users the opportunity to enter their Bitcoin address and change the Bitcoin to a QR code image that the users can save on their smartphone or PC.

In today’s Bitcoin market, it’s very common for users to share their Bitcoin addresses in exchange for a QR code to request payments from others. The receiver does not have to type a long text on the Bitcoin address by hand, as is usually the case. This time, the receiver will scan the QR code using a Bitcoin wallet app and send the payment.

By utilizing QR codes, the users would not have to worry about typing a long text that could lead to typographic errors and wrongly sending their funds to another account.

Sites are hijacking Bitcoin transactions through soiled QR codes

Last week, head of security at MyCrypto portal, Harry Denley, discovered a phony website that changed Bitcoin addresses to QR codes.  Although there are a lot of genuine sites that convert Bitcoin addresses to QR codes exist, Denley said this particular one looks dubious.

He discovered that while other genuine sites convert BTC address to the QR code equivalent, the dubious site generates the same QR code, which is sent to a scammer’s wallet.

Korean Exchange Upbit Suffers Hack and Theft of 342,000 ETH ($50 Million) - Copy

In that case, when the user placed his QR code on the site for donations or shares the code with another individual, all the money exchanged would be deposited to the Scammer’s BTC address. After discovering the first site, Denley revealed he has now discovered an additional eight websites that share a similar interface, which means they could have been designed by the same scammer.

He reported that the nine sites produced QR codes for five different BTC addresses, and the addresses have received funds from the tricked users amounting to about 7BTC or $45,000. Denley pointed out that he is not yet sure how the sites sent their ads to get such amount of funds. “I am still unsure of where these sites were advertised to get so many funds,” he said.

More than 450 other suspicious sites are hosted by the same server

Denley revealed that during his investigation, he tracked down those sites to 3 servers using a threat intelligence platform known as PassiveTotal.

He discovered that over 450 other websites are being hosted by the same servers, and they all have malicious-looking interfaces with terms like coronavirus, Gmail, and models of other crypto-related entities.

However, many of the hosted sites were inactive, but are filled with ads from Bitcoin casinos. Those sites are scam sites because they usually do not pay out winnings whenever the betting outcomes favor any of the users.

Read more: 

Join Our Telegram channel to stay up to date on breaking news coverage

Read next