A bitcoin gold (BTG) wallet scam recently managed to nipt overheen $Three.Two million after taking advantage of bitcoin users looking to voorkeur their BTG tokens. A listig to the fraudulent MyBTGWallet wasgoed, before the scam came to light, placed on bitcoin gold’s webstek, but wasgoed quickly eliminated once users embarked noticing their balances were missing.
According to various reports, the webstek containing the fake wallet essentially encouraged users to upload their private keys or recovery seeds to optie their bitcoin gold, spil an archived screenshot of the webpagina shows.
The result wasgoed a $Trio.Two million theft, spil the scammer behind the webstek managed to obtain at least $107,000 worth of bitcoin gold, $72,000 of litecoin, $30,000 of ethereum, and $Trio million of bitcoin. Spil one Reddit user waterput it, when he went to check his balance, he found that all of his funds on an Electrum wallet were gone, just like the MyBTGWallet webstek.
“Yesterday I wished to check my BTG balance on https://mybtgwallet.com/ today I see that all my BTC from my electrum wallet is gone! Even the webstek is downright gone! I am honestly a bit heartbroken, and of course, I know if it is my fault for providing out my 12-word seed…. didn’t think it would go down this way.”
Users trusted the webstek with their private keys – despite security experts advising against it – partly due to bitcoin gold’s support for the wallet, and to the website’s code being open source. Through their twitter account, bitcoin gold’s team assured users the wallet wasgoed safe on numerous occasions, and even listed it on its webstek spil a resource.
No both of those wallets are safe and work keep ter mind some of the features may not work until the Main netwerken is launched.
The website’s code on Github wasgoed then switched after the scam wasgoed initiated. An analysis by Reddit user Uejji found that the webstek essentially encoded users’ security seed te Base64 and stored it on the webstek cookie, which wasgoed straks transmitted to Google. There, the scammer wasgoed free to decode it and use it steal the person’s funds.
The MyBTGWallet webstek wasgoed reportedly developed by a user named John Dass. A transaction linksaf his wallet to that of the scammer’s, meaning he either is the scammer, or wasgoed a victim spil well. It is, however, unclear whether this is the individual’s actual name or merely a pseudonym.
Bitcoin Gold’s Response
Bitcoin gold representatives promptly issued a statement on the wallet scam, clarifying that they are figuring out a way to remedy the situation, and that an internal investigation has bot launched. The statement says the team is “working with security experts to get to the bottom of the punt,” but doesn’t clarify who thesis experts are.
The statement further adds that the findings will be disclosed to the public spil soon spil it is “appropriate to do so,” and that the team will cooperate ter every possible way to find out exactly what happened.
Bitcoin gold has bot somewhat controversial. Spil covered by CCN, the project’s webstek has previously bot succesnummer with a DDoS attack after the hard fork that created the cryptocurrency, and then launched on November 12 to little fanfare. Straks on, it wasgoed exposed that one of its developers allegedly added a hidden 0.5% toverfee into a BTG mining pool, sending the funds directly into his wallet.
Ter its statement, the team stated that it worked with various platforms – including Google, Facebook and Twitter – to zekering scammers from taking people’s funds, but added that their influence is limited, and encouraged users to report scams whenever they see them.
At the end of the announcement, bitcoin gold’s team added some advice for cryptocurrency enthusiasts:
“It’s worth reminding everyone that it will never be truly safe to inject your private key or mnemonic phrase for a pre-existing wallet into any online webstek. When you want to sweep fresh coins from a pre-fork wallet address, best practice is the same spil after other forks: send your old coins to a fresh wallet very first, before you expose the private keys of the original wallet. Following this basic rule of private key management greatly reduces your risk of theft.”