Phishing for Bitcoin Gold

0
425

Bitcoin underwent a fork on the 25th of October, with regular bitcoin remaining as it were, whilst a new cryptocurrency, Bitcoin Gold (BTG), was formed, leading to many phishing attempts to steal users wallet details. The backers, behind this hard-split, cited issues with the original bitcoin’s block chain and it’s mining algorithm. They believe that the ethos behind the currency had changed from one of an anonymous, decentralised cryptocurrency dissimilar to regular industry and banking, to its current centralised state where the majority of bitcoins are being mined by huge farms, using expensive application-specific integrated circuit (ASICs) bitcoin miners, creating huge barriers to entry. This fork is meant to return the cryptocurrency back to these decentralised ideals.

btg5

The fork itself was backed by Jack Liao. the CEO of LightningAsic, a Hong Kong-based mining equipment manufacturer, as well as some developers and miners. The lead developer behind Bitcoin Gold, going by the internet mononym h4x3rotab, stated that “Bitcoin Gold is also a real blockchain to pilot Bitcoin upgrades.” The granular difference between the vanilla version of Bitcoin and Bitcoin Gold is the algorithm protocol used to mine it. Rather than the SHA-256 algorithm used on Bitcoin, BTG will use the Equihash algorithm which is resistant to ASICs, allowing casual miners using cheap graphic processing units (GPUs) to mine the currency.

Upon the date of this hard fork, users had to claim their Bitcoin Gold by exporting the private key assigned to their bitcoin wallet into a Bitcoin Gold compatible wallet.  This led to many phishing attempts. Phishing is a fraudulent method of deceiving users by sending emails purporting to be from reputable companies, often asking for personal information, like passwords or credit card details. In this case, the phishing email directed users to a fake website, asking for personal email address and the private key of the wallet.

btg1
The email

One attempt that has been made aware to us here at Dispatch Weekly involved an email asking users to claim their Bitcoin Gold by entering key information into this site: https://blockchain-gold.org/gold/#/. The look and feel of the website is extremely similar to the legitimate https://www.blockchain.com/ where many bitcoin users store bitcoins. The email address the email was sent from is masked, presenting itself as coming from blockchain.com when in reality it has been sent from test@lan22.tk. When inspecting the fraudulent website, it appears that the website is hosted in the Kazakhstan, with links to Russian emails and servers. Using the whoishosting tool, it would seem that the owner is an Italian, yet the address is not a real location and the phone number has a +7 country code, which is actually Russian.

btg2

btg3

The fake site (top) looking very similar to the actual Blockchain site (bottom)

This practice is prevalent in all industries so make sure you are careful, especially when websites ask for personal details or you are unsure whether the site that it is purporting to be is correct. Good luck and happy mining.