Bitcoin.org Hijacked by Hackers Website

The pseudonymous operator at Bitcoin.org informed the public via Twitter on Thursday that the website had been “compromised.” He explained that hackers were able implement a scam to double bitcoins and that the site would remain down for a few days.

Cobra Warns Bitcoin.org Has Been Attacked

Cobra, the mysterious operator of Bitcoin.org is again in the center of controversy. The website’s pseudonymous owner claims that Bitcoin.org was attacked. “Bitcoin.org was compromised,” Cobra tweeted on Thursday morning (EST). “[I] am currently investigating how hackers set up the scam model for the site. It may be down for a few more days.”

Cobra refers to as a doubler scam. This scam tries to get people to deposit fractions of bitcoin in exchange for a promise of doubling their deposit. The doubler scam does not offer a double reward for victims who have invested funds in it. Instead, hackers take the funds and use them to buy something else.

One account stated that the scammers were able $17,000 in bitcoin (BTC), while the fake page was still online. Others have claimed that the scam wallet didn’t make as much as the website advertised.

For context, 3 people sent $100, 1 person sent around $200, and the rest (0.4 BTC) seemed to have been sent to make the “giveaway” seem legitimate. One person mentioned.

DNS Hijack Attack, Cobra Queries Cloudflare

According to the operator of nuke.asia, the takeover was most likely “social Engineering.”

Charles from nuke.asia stated that it appeared the domain had been taken over. “The WHOIS information was updated at time of hack. The nameservers and DNS were changed. If you attempt to visit any other pages than the index, you will get a 404. Except for the domain name, it’s a completely new website.

Cobra has been tweeting at Cloudflare to request assistance. “Bitcoin.org is not hacked. Then we move to Cloudflare and then two months later, we are hacked. Could you please explain to me where your traffic was being routed? My actual server didn’t receive any traffic during the hack. Cobra replied, “@Cloudflare @eastdakota.” Cobra was then asked by someone if his accounts had been compromised. Cobra stressed

Nothing. None of my accounts appear to be compromised. The server is also fine (it was not even getting traffic during hack). It appears that the DNS flaw was exploited by the attackers.