This article was published on March 21, 2019

Bitcoin scammer boasts $760,000 payday through dark web domain squatting



A scammer is claiming to have made 200 BTC ($760,000) over the past four years by ‘typosquatting’ criminal dark web sites on the Tor network.

Typosquatting is a form of cybersquatting – basically sitting on websites under someone else’s brand – that specifically targets users who mistype a website address in their web browser, leading them to a spoof site. For example, typing Faceboook.com as opposed to Facebook.com.

Splash page discovered on several dark web typosquat domains by Digital Shadows.

Digital Shadows, the company which unearthed the scammer’s claims and analyzed supporting evidence, says it cannot confirm whether the scammer operating this typosquat network was able to abscond with as much Bitcoin as they claim.

The attacker, though, mentions using a self-made payment processor on the websites, highlighting that some form of purchasing activity had taken place.

In this specific instance, Digital Shadows also observed how some of the sites used their own Bitcoin wallets to accept donations.

The scammer says 800 domains were used, a claim Digital Shadows deems possible based on its own analysis, which found approximately 500 domains after searching across several directories.

Harrison Van Riper, a strategy and research analyst at the firm, first came across a splash page in November last year. The investigation intensified after he realized this wasn’t an isolated instance – he soon came across similar pages relating to several popular dark web marketplaces and forums.

Eventually, he found more than 350 unique .onion domains were being used to spoof legitimate dark web domains.

The scammer’s claims remain unverified, but Van Riper notes this can serve as an important case study to highlight “what would happen if the issue of typosquatting gets out of hand and taken to the extreme.”

“The scammer claimed they had made off with a lot of money: 200 BTC, which is around $760,000 at the time of writing. That’s nothing to scoff at. If what the fraudster says is true, it proves how profitable brand impersonation and domain squatting can be,” he adds.

With hacks becoming increasingly sophisticated and with payment mechanisms such as Bitcoin becoming more enticing, the onus is on companies and individuals to protect themselves against attacks of this nature. In the meantime, this story, like many before it, will continue to add to Bitcoin’s branding problem.
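As an added illustration (not part of the original article or of Digital Shadows' research), the code below shows one way a defender could flag typosquats such as the Faceboook.com example above: it compares observed domains against a watchlist of legitimate ones by edit distance. The watchlist, the candidate list, the `.onion` name and the distance threshold are all constructed assumptions.

```python
"""Added example: flag lookalike (typosquat) domains by edit distance."""

def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: an insertion, deletion,
    substitution or swap of two adjacent characters each costs 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "faecbook" for "facebook".
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def normalize(domain: str) -> str:
    """Lower-case and drop surrounding whitespace and a trailing root dot."""
    return domain.strip().lower().rstrip(".")

def find_typosquats(candidates, watchlist, max_distance=2):
    """Return sorted (candidate, legitimate, distance) tuples for near misses.
    Exact matches are the real site and are skipped."""
    legit = {normalize(d) for d in watchlist}
    hits = []
    for raw in candidates:
        name = normalize(raw)
        if name in legit:
            continue
        for real in legit:
            # Cheap pre-filter: a length gap already exceeds the threshold.
            if abs(len(name) - len(real)) > max_distance:
                continue
            dist = osa_distance(name, real)
            if dist <= max_distance:
                hits.append((name, real, dist))
    return sorted(hits, key=lambda h: (h[2], h[0]))

# Constructed sample data (assumptions, not taken from the article's findings).
WATCHLIST = ["facebook.com", "examplemarketabcdefgh.onion"]
CANDIDATES = ["Faceboook.com", "facebook.com", "faecbook.com",
              "examplemarketabcdefgi.onion", "unrelated.org"]

if __name__ == "__main__":
    for name, real, dist in find_typosquats(CANDIDATES, WATCHLIST):
        print(f"{name} looks like {real} (distance {dist})")
```

Short domain names produce more false positives at a fixed threshold, so a lower `max_distance` suits short brand names.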
