InsideBitcoins.com

Scammers Clone Encrypted Messaging Platform and Siphon Users’ Bitcoins

Cryptocurrency thieves have continued to adopt increasingly sophisticated means to conduct their operations. A new technique, however, appears to have targeted a popular encryption site.  Yesterday, IT security and analysis site KrebsOnSecurity published a report showing that Privnote, a free encrypted messaging platform, was cloned and used to steal users’ digital assets. 

A Clever Scam Operation

Privnote is a platform that allows people to send encrypted messages that self-destruct after being read. In Sunday’s report, KrebsOnSecurity explained that hackers had devised a phishing scam in which they redirected unsuspecting victims to an identical version of the platform.

KrebsOnSecurity explained that the owners of Privnote had alerted them to a clone that was stealing their customers. Instead of the legitimate privnote.com, the hackers had bought the domain privnotes.com and were taking advantage of people who wandered there. Rather than encrypting messages, Privnotes reads and/or modifies the messages that users send.

The news source also explained that the platform discovered a script that hunts for messages containing Bitcoin addresses. After further investigation, they found that the script changes the original addresses to the hackers’ address in the sent message. So any funds sent through the platform would get diverted to the hackers’ Bitcoin address instead of the intended destination.

“Any messages containing bitcoin addresses will be automatically altered to include a different bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same,” the security company pointed out in the post.

KrebsOnSecurity added that the hackers had deployed a clever technique to steal customers from Privnote. Apart from choosing a dummy website with a strikingly similar name, it’s worth noting that anyone who types “Privnotes” in Google’s search box will see a paid ad for “Privnote” as the top result. However, the ad itself leads to the dummy website.

In addition, the fact that these messages self-destruct once they’re sent means that users won’t be able to go back and check if they entered the right Bitcoin address. Allison Nixon, the Chief Research Officer at Unit 221B, who helped identify and test the phishing scam, said in the post, “The type of people using Privnote aren’t the type of people who are going to send that Bitcoin wallet any other way for verification purposes. It’s a pretty smart scam.”
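A defensive check for the lookalike-domain trick described above, added here as an example that is not from the article or from KrebsOnSecurity: it compares a URL's host against a user-maintained list of intended domains and flags near-matches such as privnotes.com. The TRUSTED list, the function names and the distance threshold of 2 are assumptions, and the comparison assumes two-label domains like privnote.com rather than a full public-suffix lookup.

```python
from urllib.parse import urlsplit

# Assumption: the domains the user actually intends to visit.
TRUSTED = {"privnote.com"}

def osa_distance(a: str, b: str) -> int:
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            d = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "privntoe" for "privnote".
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]

def check_host(url: str, trusted=TRUSTED, max_dist: int = 2):
    """Return (verdict, matched_domain) for the host part of a URL."""
    # Accept bare hosts ("privnotes.com/abc") as well as full URLs.
    parts = urlsplit(url if "//" in url else "//" + url)
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return ("invalid", None)
    for good in sorted(trusted):
        # Exact match, or a subdomain controlled by the trusted owner.
        if host == good or host.endswith("." + good):
            return ("trusted", good)
    for good in sorted(trusted):
        # Compare only as many trailing labels as the trusted name has,
        # so "www.privnotes.com" is judged as "privnotes.com".
        tail = ".".join(host.split(".")[-(good.count(".") + 1):])
        if osa_distance(tail, good) <= max_dist:
            return ("lookalike", good)
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample inputs using the two domains named in the article.
    for u in ("https://privnote.com/abc#key", "https://privnotes.com/",
              "www.privnotes.com", "https://example.org/"):
        print(u, "->", check_host(u))
```

A "lookalike" verdict is a prompt to stop and retype the address by hand or use a saved bookmark, since the top search result may be a paid ad for the clone.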

The Clone Wars Continue

Privnote is just the latest in the long list of services to get crypto-stealing clones. Several apps and platforms have dealt with the problem in the past. However, it appears to have increased this year. Last month, cybersecurity news source Naked Security reported that one of its crypto-focused security researchers had found 22 malicious extensions on the Google Chrome store. Per the report, the extensions impersonated well-known crypto firms such as Ledger, KeepKey, MetaMask, and Jaxx. This way, hackers can effectively trick people into giving away their wallet details. In April, Google itself removed another 49 malicious clone extensions from the Chrome browser. Most of them also belonged to wallet applications, as customers appear to trust these services more.

Jimmy has been following the development of blockchain for several years, and he is optimistic about its potential to democratize the financial system.