This morning, the site Bitcoin.org was compromised by cybercriminals, after which a message appeared on it with a fake distribution of Bitcoins.
Bitcoin.org is an open-source project whose domain Satoshi Nakamoto and Martti Malmi registered back in 2008. It became the first resource related to the main cryptocurrency on the market and is not related to the Bitcoin Foundation, which was founded in 2012.
The first thing a user saw when they entered the site this morning was a pop-up message with an extremely tempting offer. A QR code and the address of a Bitcoin wallet were attached to it, by sending funds to which, you were guaranteed to receive a double amount to your wallet. Needless to say, all of this was a "classic" crypto scam?
As an argument for such “generosity”, the scammers noted that the Bitcoin Foundation intends to give a certain share of Bitcoins to the crypto community as a gesture of “goodwill” and gratitude to everyone who helped and supported the project over the past years. Among the proposed options for transferring BTC were options of $10, $100, $1000, and $10,000 dollars.
It was immediately clear to most people that the site had been hacked. But, unfortunately, the scam turned out to be a success. By the time the site was restored, the attacker's Bitcoin address had already received 0.405 BTC, the equivalent of more than $17,700. Although, given the number of transactions, it can be assumed that they were carried out by the attackers themselves to stir up interest from the public.
Meanwhile, the current owner of Bitcoin.org, @Cøbra, said the problem appeared shortly after he decided to use Cloudflare, a CDN, DNS server, and DDoS protection company. According to Cøbra, the attack happened just 2 months after switching to Cloudflare, and as part of the DDoS attack, its real server did not receive any traffic. Consequently, he wondered where Cloudflare was sending his traffic since Bitcoin.org had never been hacked before.
The company itself did not comment on the incident, although the head of security at Cloudflare tried to contact the company responsible for the registration of Namecheap domains, to which Cøbra also turned his attention.