CryptoPotato
CryptoPotato
  • Crypto News
  • Margin Trading
  • Guides
    • Bitcoin & Crypto Guides 101
    • Bitcoin For Beginners
    • Editorials
  • DeFi & NFT
  • Buy
  • Language
  • Crypto News
  • Bitcoin For Beginners
  • Cryptocurrency Guides 101
  • Editorials
  • Bitcoin & Crypto Margin Trading
  • DeFi & NFT News
  • Bitcoin Price Analysis
  • CryptoPotato Crypto Fund
  • Ethereum (ETH) Price Analysis
  • Ripple (XRP) Price Analysis
  • Market Updates
  • Interviews
  • Buy Bitcoin with Card
  • bitcoin
    BTC$26,213.00
  • ethereum
    ETH$1,578.29
    • Market Updates
    • BTC Analysis
    • ETH Analysis
    • XRP Analysis
    • Interviews
    • Opinions
    CryptoPotato
    CryptoPotato
    • Crypto News
    • Margin Trading
    • Guides
      • Bitcoin & Crypto Guides 101
      • Bitcoin For Beginners
      • Editorials
    • DeFi & NFT
    • Buy
    • Language
    • Crypto News
    • Bitcoin For Beginners
    • Cryptocurrency Guides 101
    • Editorials
    • Bitcoin & Crypto Margin Trading
    • DeFi & NFT News
    • Bitcoin Price Analysis
    • CryptoPotato Crypto Fund
    • Ethereum (ETH) Price Analysis
    • Ripple (XRP) Price Analysis
    • Market Updates
    • Interviews
    • Buy Bitcoin with Card
    Home » Crypto News » Beware: Popular Encrypted Messaging Service Cloned To Steal Bitcoin

    Beware: Popular Encrypted Messaging Service Cloned To Steal Bitcoin

    Author: Jordan Lyanchev

    Last Updated Jun 15, 2020 @ 12:04

    A recent report warns of a scam that clones a legitimate service offering private, encrypted, and self-destructive messages, to alter BTC addresses and ultimately steal funds from unsuspecting victims.

    Stealing BTC By Altering Addresses

    According to the report by KrebsonSecurity, a fraudulent website called Privnotes has been impersonating Privnote.com for about a year. Users are typically utilizing the legitimate service Privnote.com (without the “s”) because it offers encrypted messages that self-destruct automatically when the other party reads them.

    The cybersecurity blog has examined how the impersonating website operates to find its goal and how it deceives people. It concluded that “any messages containing Bitcoin addresses will be automatically altered to include a different Bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same.”

    It added that the “the phishing site uses some kind of automated script that scours messages for Bitcoin addresses, and replaces any Bitcoin addresses found with its own.”

    This means that if one user sends funds to another one, they will ultimately arrive at the Bitcoin addresses owned by the perpetrators, not the originally intended one.

    What makes this scam especially worrisome is the fact that once a user initiates a “privnotes” Google search, which sounds almost identical to the original website, the results place the fraudulent site on top because of a misleading paid ad.

    "PrivnoteS" Google Search. Source: KrebsonSecurity
    “PrivnoteS” Google Search. Source: KrebsonSecurity

    The operators of the legitimate website – privnote.com – claim that the fraudulent one is not even implementing full encryption, and the messages can be read or modified.

    “It is very simple to check that the note in privnoteS is sent unencrypted in plain text. Moreover, it doesn’t enforce any kind of decryption when opening a note and the key after # in the URL can be replaced by arbitrary characters, and the note will still open.”

    A Smart Scam

    Chief Research Officer Allison Nixon assisted with the investigation of the scam and called it a “pretty smart” one.

    “And because of the design of the site, the sender won’t be able to view the message because it self-destructs after one open, and the type of people using privnote aren’t the type of people who are going to send that Bitcoin wallet any other way for verification purposes.” – explained Nixon.

    Although this investigation hasn’t disclosed if or how many bitcoins were indeed stolen, a recent report informed that crypto thefts, hacks, and frauds totaled $1.4 billion in the first five months of this year. However, it’s worth noting that despite the large amount, the cryptocurrency field is maturing with more robust security systems.

    SPECIAL OFFER (Sponsored)
    Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).

    PrimeXBT Special Offer: Use this link to register & enter CRYPTOPOTATO50 code to receive up to $7,000 on your deposits.

    You Might Also Like:

    • BidenTrumpBitcoin
      Trump Or Biden? Max Keiser Explains Why Bitcoin Will Be The Ultimate Winner After the US Elections
    • scan_cover
      Brainwallet Users Beware: Hackers Scan Bitcoin's Network 24/7 for Popular Passphrases
    • filb2
      $14,000 By End of 2020 a Reasonable Target for Bitcoin's Price: Filb Filb in Exclusive Trader's Digest
    Tags: Bitcoin Crypto Scams Security
    Enjoy reading? Share with your friends
    Facebook Twitter LinkedIn Telegram

    About The Author

    Jordan Lyanchev
    More posts by this author

    Jordan got into crypto in 2016 by trading and investing. He began writing about blockchain technology in 2017 and now serves as CryptoPotato's Assistant Editor-in-Chief. He has managed numerous crypto-related projects and is passionate about all things blockchain. Contact Jordan: LinkedIn

  • bitcoin
    BTC$26,213.00
  • ethereum
    ETH$1,578.29
  • Join Our Community

    FacebookTwitter YouTubeTelegram


    Editorials
    Quantstamp’s CEO: Here’s Why ‘Audited By’ for Crypto Security in 2023 is Not Enough (Interview)

    Quantstamp’s CEO: Here’s Why ‘Audited By’ for Crypto Security in 2023 is Not Enough (Interview)

    Deep Dive into Ethereum: What Changed A Year Post-Merge?

    Deep Dive into Ethereum: What Changed A Year Post-Merge?

    The Reports of Friend.tech Death Have Been Greatly Exaggerated (Opinion)

    The Reports of Friend.tech Death Have Been Greatly Exaggerated (Opinion)

    Exploring PayPal’s Foray into Cryptocurrency: A Game-Changer in Digital Finance

    Exploring PayPal’s Foray into Cryptocurrency: A Game-Changer in Digital Finance

    DeFi Without Native Rights Is Dead

    DeFi Without Native Rights Is Dead

    How Does the Shiba Inu (SHIB) Burn Work: Everything You Need to Know

    How Does the Shiba Inu (SHIB) Burn Work: Everything You Need to Know

    Crypto Will Go Away If There’s No Privacy: Interview With Anoma and Namada’s Adrian Brink

    Crypto Will Go Away If There’s No Privacy: Interview With Anoma and Namada’s Adrian Brink

    Join Our Newsletter
    Become a CryptoPotato VIP
    One Weekly Email Can Change Your Crypto Life.
    Sign-up FREE to receive our extended weekly market update and coin analysis report
    We NEVER send spam. You can unsubscribe at any time.
    Invalid email address
    Thanks for subscribing!
    Footer Logo
    About
    Advertise on CryptoPotato
    About Us | Contact Us | Careers
    Editorial Policy
    Terms of service | Privacy Policy | GDPR
    More Sections
    IEO List | Evaluations
    Airdrops
    Scholarship
    Disclaimer
    Disclaimer: Information found on CryptoPotato is those of writers quoted. It does not represent the opinions of CryptoPotato on whether to buy, sell, or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk. Full disclaimer
    © Copyright CryptoPotato 2016 - 2021
    Scroll to top
    One Weekly Email Can Change Your Crypto Life.

    Sign-up FREE to receive our extended weekly market update and coin analysis report

    We never send SPAM. You can unsubscribe at any moment
    Invalid email address
    Thanks for subscribing!