A Robin Hood is active in the world of Bitcoin. Security expert Harry Denley has returned money that was stolen by hackers. The anti-phishing professional helped a victim in collaboration with crypto exchange Binance.
The victim lost $10,000 in cryptocurrencies, but got it back through Denley. Earlier, ‘Handy Harry’ also managed to recover $5,000 in stolen cryptocurrency for someone else.
Phishing extensions
In a blog post, Denley explains how he managed to do this. The victim’s $10,000 was stolen using a sophisticated phishing technique.
The scammers created a piece of software with which they mimicked the cryptowallets of Uniswap and MetaMask.
This way they could phish for private keys, keystore files and mnemonic phrases.
“The scammers implemented a dapp interface (which in this case resembled that of UniSwap). It asked the users to link the MetaMask account.”
Then a simulated pop-up displayed an error message. To fix the supposed error, the user had to enter their wallet secrets (private key, keystore file or mnemonic phrase) into the extension.
Once the user did this, the fake interface forwarded the input to a database via a REST API. After that, the user still ended up in the app.
On the surface, it all looks legitimate. But as the example below shows, under the hood you can see that the extensions were fake.
https://twitter.com/sniko_/status/1281247618102853639
Bitcoin and other cryptocurrencies
By then the damage had already been done, because the attacker acted as an intermediary who was able to intercept the key.
However, the database involved in the hack was simply public. This made it possible for Denley to reverse the theft. He only had to get past the ‘API key HTTP header’.
This way he could just get his hands on the details of the phishing action. With a few extra clever tricks, he managed to send the stolen cryptocurrency.
Fraudulent domains
During the process, he also discovered a number of other fraudulent domains. He also saw that a number of them had come in from Binance. And so, by working backwards (in collaboration with Binance), he was able to contact the victims.
Within an hour the victim contacted Denley and, after a number of verifications, the money was back with its rightful owner.
It wasn’t the first time Denley managed to recover lost or stolen money for victims. At the beginning of this month, he also returned $5,000 worth of cryptocurrency to the user of (a fake variant of) the Trust Wallet.
The app looked just like the original wallet and it had good reviews and multiple downloads. But as soon as the user entered the backup key, the damage was done here too.
Not your keys …
… not your coins. Let this be a warning to anyone who holds their own Bitcoin. Always be careful where you enter your secret keys. Extensions are susceptible to fraud in any case. Recently, we saw similar problems in the Netherlands with a fraudulent extension of Bitvavo.
This cost a Dutch woman no less than 34,000 euros. Are you afraid that this can also happen to you (due to ignorance)? Then read these five tips from privacy expert Jameson Lopp to store your Bitcoin safely.