The bitcoin.org site is the victim of an attack. For several hours, a scam attempt appeared on the home page, before the site was taken offline. It is now active again.
” The Bitcoin Foundation gives back to community members! We want to thank you for your help over all these years. Send bitcoins to this address, and we’ll resend double! Offer reserved for the first 10,000! “. This is the message that appeared on September 23, 2021, on the home page of bitcoin.org, the oldest bitcoin information site.
This was not a real informational message, however, but a scam, as the bitcoin.org site was hacked.
A common scam
The message appeared on the morning of September 23, according to the first Internet users who sounded the alert. Shortly after, the site was taken offline – it has since been online again, as Numerama noticed on the morning of September 23.
All of the site’s resources appear to have come back online, such as the PDF of the Bitcoin Whitepaper, written by Satoshi Nakamoto and hosted on the bitcoin.org site. It was no longer available for a few hours, as the specialist site The Block had noticed.
For now, little information is yet available on the incident: it is not known who is behind the attack, nor how the hackers went about it. It is also not known how the site came back online, or if the problem was finally fixed. The site teams have not communicated on the events, either on Twitter or on their site. We’ve also reached out to them via email, but haven’t heard back from them yet – we’ll update this article as appropriate.
However, some hypotheses circulate on the origin of the hack: according to the account specializing in cybersecurity, it could be a DNS (domain name system) attack, a particular type of attack that makes it possible to scramble the communication between the servers and the targeted website, and let cybercriminals pass. This is still only a hypothesis for the moment, and nothing has been proven.
Update: https://t.co/Tp6AcWSV3o is currently offline
Read thread for more details
– vx-underground (@vxunderground) September 23, 2021
0.4 bitcoin on the account of hackers
However, we do know that the address to which the hackers were returning contained 0.4 bitcoin, or nearly 15,000 euros at the time of this writing. It is not so much the amount collected in itself that is impressive: we are far from the 120,000 dollars stolen in 2020 using a similar scam. Moreover, we do not even know yet if the hackers had already deposited them on this account, or if the hacking unfortunately made victims. What is impressive is that a site as large as bitcoin.org was targeted, and that the hack was successful.
It should always be remembered that, even if the message comes from a trusted site, you should never believe messages asking to send bitcoins to an unknown address, let alone when they promise to return twice as much. It is indeed a very common scam in the cryptocurrency world: crooks regularly pass themselves off as Elon Musk, and use the same technique.