ICO Investors Lose All Their Money When Reading a Whitepaper Encoded with Viruses

An ICO investor reported on June 29 that he fell victim to a scam in which he was led to believe a startup was doing an ICO project. Alex said he received a zip file with detailed information about the project and found that his 80,000 yuan worth of ETH had disappeared the next day.

The conman whose QQ number is 45295299 added Alex this Thursday claiming that he is working on an ICO project and wishes Alex to help check the whitepaper.

He said something nice about Alex and asked him to support his project. The criminal promised Alex that if everything worked out fine, he could get some kickback.

Alex took the bait. He received a zip file detailing everything he needed to know about the project.

When he was about to give some feedback on the whitepaper this morning, he was shocked to find that he had lost 80,000 yuan worth of ETH.

The worst is yet to come. Alex searched the QQ number on Baidu and realized that the crook had been asking questions about how to bypass an antivirus on several hacker forums.

An antivirus detects viruses in two main ways: signature-based detection and detection of suspicious behavior. Cheating an antivirus involves a lot of encoding work. You can learn about it at http://www.secmaniac.com/blog/2010/02/24/set-v0-4-1-rise-of-the-pink-pirate/

When Alex shared his story in an ICO group, he was surprised to hear that he was not the only victim. Some investors lost 180,000 yuan and some at least 1 million yuan. Now Alex has reported it to the police.

These victims all received an ICO file and the antivirus failed to detect some malware in it.

They read the whitepaper all night long in hopes of giving some useful advice and expected to get some rewards. But there is no such thing as “Read my whitepaper, I’ll pay you.”

Tan Guopeng, founder of bitbill, said this morning that one of his colleagues lost all of his cryptocurrencies. He has been using imToken wallet and his assets were transferred last night without his knowledge. He is now talking with the company to see if there is any way to get his assets back.

COMMENTS(17)

  • BitcoinAllBot
    3 months ago BitcoinAllBot

    Here is the link to the original comment thread. Or you can comment here to start a discussion. Author: 8btccom

  • jessquit
    3 months ago jessquit

    Well that’s a novel way to keep noobs from reading the Satoshi paper. Make people afraid of “white papers.”

  • KoKansei
    3 months ago KoKansei

    But there is no such thing as “Read my whitepaper, I’ll pay you.”

    AKA, the 0th Law of Economics: There is no such thing as a free lunch.

    It is kind of disappointing that they don’t get into any of the technical details of how the trojan worked and how it was able to re-send the victim’s ether so easily. Did all the victims just leave their private keys unencrypted on their computers, or what?

    Edit: The thought just occurred to me that it would be funny if the author of the trojan ended up having used some of those leaked NSA 0-day exploits to pull off his heist.

  • SnapshillBot
    3 months ago SnapshillBot

    Given Bitcoin as tips (via paper wallets?) would almost force the servers to get into Bitcoin

    Snapshots:

    This Post – archive.org, megalodon.jp*, archive.is

    I am a bot.(Info/Contact)

  • zom-ponks
    3 months ago zom-ponks

    Impressive, normally the whitepaper just describes the scam, now it is itself a scam.

    But it’s his fault for not epoxying his birdbath.

  • jstolfi
    3 months ago jstolfi

    Now that is what I would call a smart contract. It manages to fleece you even before you sign it.

  • leducdeguise
    3 months ago leducdeguise

    Tan Guopeng, founder of bitbill, said this morning that one of his colleagues lost all of his cryptocurrencies. He has been using imToken wallet and his assets were transferred last night without his knowledge. He is now talking with the company to see if there is any way to get his assets back.

    Immutability! Be Your Own Bank™! Fundamentals!

  • kekcoin
    3 months ago kekcoin

    PDFs are notorious for carrying viruses, but at the same time it’s “the” ubiquitous document format that every noob has the software for. It’s a problem that needs a universal solution, really, or it just won’t work.

  • devliegende
    3 months ago devliegende

    It could have been worse.
    If it was a real ICO and he had invested his 80,000 yuan in ether in it and the ether price had shot up 1000% as a result, he would have lost up to 80,000,000 yuan worth of ether.

  • zom-ponks
    3 months ago zom-ponks

    “It wasn’t me sir, it was the whitepaper acting in its own enlightened self-interest.”

  • extoleth
    3 months ago extoleth

    We need a hardware wallet, just for whitepaper reading.

  • ZaphodBoone
    3 months ago ZaphodBoone

    Ok he received an email and a zip file right. But what was in the zip file?

    Did he click on any kind of executable file on the same computer he runs his wallet? Well then yes, the problem is not the whitepaper, it’s that the guy is technologically illiterate, and even if no one deserves to be scammed, taking charge for securing your assets when you know nothing about security is the problem.

  • SuaveMariMagno
    3 months ago SuaveMariMagno

    Maybe they can hardfork them out of this nightmare ?

  • boof_de_doof
    3 months ago boof_de_doof

    He is now talking with the company to see if there is any way to get his assets back.

  • IIoWoII
    3 months ago IIoWoII

    This is on the level of mysummerolpics.jpg.zip.exe

  • jstolfi
    3 months ago jstolfi

    I don’t use Windows. I recall reading that one of its “features” was that trying to open an executable file sent as an email attachment would auto-execute it, even if the file had a bogus extension like “.pdf” or “.zip” instead of “.exe”. Was that true? Is it still the case?

  • ZaphodBoone
    3 months ago ZaphodBoone

    That one was an outlook/office exploit if I remember correctly, but there is also the fact that for many years now, Windows hides by default the file extensions, so most users these days have no concept of file extension so they click on anything thinking it’s all the same.
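
The hidden-extension problem raised in the comments above can be checked before anything in an archive is opened. The following is an added example, not part of the original article or thread: it lists a zip's members without extracting them and shows how each executable member would appear with extensions hidden. The article does not say what the victims' zip contained; the sample archive, its file names and the extension lists are constructed assumptions.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows runs on double-click (a common subset, not exhaustive).
EXECUTABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".jse",
              ".vbs", ".vbe", ".wsf", ".hta", ".lnk", ".msi"}
# Extensions a reader expects on a document such as a whitepaper.
DOCUMENT = {".pdf", ".doc", ".docx", ".txt", ".rtf", ".jpg", ".png", ".zip"}


def explorer_display_name(name: str) -> str:
    """Name as shown when 'hide extensions for known file types' is on."""
    p = PurePosixPath(name)
    return p.stem if p.suffix else p.name


def audit_archive(data: bytes) -> list[dict]:
    """List archive members without extracting and report executable ones."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            suffixes = [s.lower() for s in PurePosixPath(info.filename).suffixes]
            if not suffixes or suffixes[-1] not in EXECUTABLE:
                continue
            findings.append({
                "member": info.filename,
                "shown_as": explorer_display_name(info.filename),
                "real_type": suffixes[-1],
                # A document-looking extension before the real one is a disguise.
                "disguised": any(s in DOCUMENT for s in suffixes[:-1]),
            })
    return findings


def build_sample_zip() -> bytes:
    """Constructed sample: harmless placeholder bytes under made-up names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("project/whitepaper.pdf", b"placeholder")
        zf.writestr("project/whitepaper_v2.pdf.exe", b"placeholder")
        zf.writestr("project/token_model.scr", b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for finding in audit_archive(build_sample_zip()):
        print(finding)
```

A member whose `shown_as` value ends in a document extension while `real_type` is executable is exactly the case where the displayed name misleads the user.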
