Cybersecurity and Bitcoin: Watch out For the ‘Smart Site’ That Will Siphon Your BTC

Mon 25 Jan 2021 ▪ 19h56 ▪ 3 min read — by Zoé De La Roche

Think back to when your English teacher marked you down for spelling a word incorrectly: it might help you to avoid losing some bitcoin (BTC). Hackers have been able to use the fact that people don’t notice spelling mistakes to their advantage. It all involves sending a note via privnote.com, and the goal is to steal BTC.

S for Scam

Your mission, if you choose to accept it: steal some bitcoin using a counterfeit of the site privnote.com. This message will self-destruct in five seconds.

Privnote.com sends messages that self-destruct after being read. This method of communication is secure in theory, and is used to communicate sensitive information about BTC transactions.

Privnote.com may have everything in terms of online communication security, but they forgot one key step: the developers didn’t register similar domain names to protect against cybersquatting and the possible creation of phishing sites by hackers.

This is where the criminal team behind privnotes.com (note the ‘s’) comes in. This team really went the extra mile, and loved their acronyms: they not only worked on their search engine optimisation (SEO) to get the site up to second place in Google’s search engine results pages (SERP), but they also used search engine advertising (SEA), buying Google AdWords placements to position themselves above the legitimate privnote.com site in the paid ads area.
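A reader-side check for the one-letter difference described above, as an added example that is not part of the original article: it compares a host name against a list of trusted domains and flags near misses by edit distance. The function names, the distance threshold of 2 and the last-two-labels shortcut are assumptions made for this sketch.

```python
from urllib.parse import urlsplit

# The domain the article names as legitimate; extend with services you use.
TRUSTED = ("privnote.com",)

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]

def hostname(url_or_host):
    """Lower-cased host of a URL or bare host name, without port or trailing dot."""
    raw = url_or_host.strip()
    if "://" not in raw:
        raw = "//" + raw
    return (urlsplit(raw).hostname or "").rstrip(".")

def classify(url_or_host, trusted=TRUSTED, max_distance=2):
    """Return ("trusted" | "lookalike" | "unknown", matched trusted domain or None)."""
    host = hostname(url_or_host)
    for domain in trusted:
        if host == domain or host.endswith("." + domain):
            return ("trusted", domain)
    # Assumption: the registered domain is the last two labels (no public-suffix list).
    registered = ".".join(host.split(".")[-2:])
    for domain in trusted:
        if 0 < osa_distance(registered, domain) <= max_distance:
            return ("lookalike", domain)
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample inputs: the two domains from the article plus variations.
    for sample in ("https://privnote.com/", "https://privnotes.com/",
                   "pirvnote.com", "www.privnote.com", "example.org"):
        print(f"{sample:28} {classify(sample)}")
```

A "lookalike" result means the host is within two edits of a trusted domain without being that domain, which is the case to stop and check before pasting a BTC address or password into the page.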

Smart phishing

Security expert Allison Nixon recognised the genius of privnotes.com’s criminal team, identifying all the possible actions hidden in the hackers’ script.

The algorithm is able to modify BTC addresses contained in messages whose sender is different from the recipient, to redirect BTC transactions with finesse.

The algorithm doesn’t just replace a BTC address repeated across several messages. Chances are the hackers are also able to siphon off all other sensitive data contained in a note, such as passwords.

The privnotes.com hackers used the strength of privnote.com to execute their scam discreetly: they took advantage of the fact that the sender of the note could not verify the content of the message received by the recipient, since the note always self-destructs after it is read.

The hunt for the stolen BTC is on! Here is a short message from the hackers themselves: We would like to thank Google for pushing privnotes.com to the top of the list in its SERP, giving it some credibility. We also want to thank the self-destruct system of the notes sent from privnote.com, protecting our operations by masking the changes made from the senders’ prying eyes. Thank you for all your help!



The views, thoughts, and opinions expressed in this article belong solely to the author, and should not be taken as investment advice. Do your own research before taking any investment decisions.
