Beware of new scam: Fake QR code generator successfully stole $46,000

So far, nine malicious QR code generation sites have stolen $46,000 from users.

Video link:

https://www.zdnet.com/video/network-of-fake-qr-code-generators-will-steal-your-bitcoin/

Nowadays, it is a very common practice to share Bitcoin addresses as QR codes with others to receive payments.

It is this convenience that causes big trouble when exploited by criminals.

According to media reports, a "Bitcoin to QR code" generator criminal network stole more than $45,000 from users in the past four weeks.

On these nine websites, users can enter their Bitcoin address, a long string of text where their Bitcoin funds are stored, and convert it into a QR code image that can be saved on a PC or smartphone.

Payers can scan the QR code through the Bitcoin wallet application to make payments without having to manually enter the lengthy Bitcoin address. By using the QR code, users can avoid transferring money to other wallets due to input errors.

Some websites try to hijack Bitcoin transactions through fake QR codes

Last week, Harry Denley, head of security at the MyCrypto platform, stumbled upon a suspicious website that converted Bitcoin addresses into QR codes.

Despite the existence of many similar services, Denley discovered that the website was essentially a malicious website. Instead of converting the input Bitcoin (BTC) address into a corresponding QR code, the website always generated the same QR code - the QR code of the scammer's wallet.

This means that if a user shares the QR code with others or puts it on a website soliciting donations, all the money will be sent to the scammer's Bitcoin address.

Image source: ZDNet

Image source: ZDNet

After discovering the first website, Denley found eight more that shared the same interface, suggesting they were all created by the same scammer:

·bitcoin-barcode-generator.com

bitcoinaddresstoqrcode.com

bitcoins-qr-code.com

btc-to-qr.com

create-bitcoin-qr-code.com

·free-bitcoin-qr-codes.com

·freebitcoinqrcodes.com

qr-code-bitcoin.com

qrcodebtc.com

Denley told us that these nine websites generate QR codes for five different Bitcoin addresses, and the funds received by these five addresses total more than seven Bitcoins ($45,000), most likely all from deceived users.

Denley said he used PassiveTotal, a threat intelligence platform from RiskIQ, to track down nine malicious websites and eventually found three web servers:

207.244.100.245

(https://pastebin.com/raw/rAZZwe0s)

207.244.100.241

(https://pastebin.com/raw/yDxmWT0C)

207.244.100.244

(https://pastebin.com/raw/XnUEAcue)

Using PassiveTotal, Denley also found that the same server was hosting more than 450 other types of websites with suspicious-looking domain names containing Gmail, coronavirus, and other cryptocurrency-related entities.

Most of the websites hosted on the three servers were not active and were simply advertisements for cryptocurrency gambling sites where users could place bets in the hope of winning large prizes.

But such sites are generally scams as most of them will hold all bets and not return the previously promised winnings to the bettors.

But in addition to QR code generators and websites displaying gambling ads, the three servers also hosted so-called “Bitcoin transaction accelerators.”

Such sites require users to enter a Bitcoin transaction ID and promise to "speed up" the transaction's approval process on the Bitcoin blockchain.

·bitcoin-transaction-accelerator.com

transaction-accelerator.com

·bitcoin-tx-transaction-accelerator.com

·viabtc-transaction-accelerator.com

The sites charged a fee of 0.001 bitcoin ($6.50), and according to Denley, the bitcoin addresses that collected the fees received more than 17.6 bitcoins, or $117,000.

"I'm still not sure where these sites are being advertised to be able to rake in so much money," Mr Denley said.

This isn't the first time this has happened.

But the MyCrypto researchers’ findings are not unique. There have been shady Bitcoin-to-QR code generator networks in the past.

For example, cryptocurrency wallet company ZenGo discovered one last August. According to ZenGo, the scammers managed to steal more than $20,000 at the time.

Scammers are using a variety of tricks, and perhaps only improved regulatory policies can better prevent these incidents. (Blockchain Base Camp)