Entrapment E-mails Were Sent to Several Exchanges, Blackmailing for BTC
Recently, a number of crypto exchanges received entrapment e-mails. The blackmailer sent an e-mail or Telegram message to the exchange claiming that there were bugs in the exchange that might result in a breakdown once attacked. The blackmailer said in the message that if the exchange wanted to obtain the bug reports, BTC should be paid to the appointed address. However, several exchanges said that the blackmailer sent only preliminary bug reports, or did not respond at all, after the BTC was paid.
“At present, five exchanges have received entrapment e-mails. The blackmailers use different mailboxes or Telegram IDs to send blackmail messages to the managers of the exchanges. The amount of blackmail varies from 0.1 BTC to 2 BTC, and different BTC addresses are used.”
That is according to SlowMist, a blockchain ecology keeper. The blackmailer’s Telegram IDs are @zed1331, @bbz12 and @samzzcyber, the mailbox is email@example.com, and the BTC address is 3GQt2zJnPAWvirym7pbwvNTeM5igGuKxy, which accounts for about 4345 BTCs (about $404,100), as shown below.
The entrapment e-mail reads, “There is a ‘Web Service Overflow’ bug in the exchange. Once attacked, it will cause the Web server to crash and ultimately be inaccessible… We can solve this problem… If you want to get a bug report, you need to pay two BTC to the appointed address.” The blackmailer also claimed that “by March 1, 2019, about $100,000 has been awarded, including KuCoin, CoinSwitch, Phantasma, Platon Finance, Vulnerability Analysis, STEX Exchange, XCOYNZ Project and so on.”
There is another kind of entrapment e-mail, related to LinkedIn.
The e-mail contains a LinkedIn link. Personal information on the LinkedIn platform can be viewed only after logging in to a personal account, so when exchange staff log in to their LinkedIn accounts to view the blackmailer’s account information, the blackmailer can also view the information of the staff.
The so-called “entrapment e-mail” means that the blackmailer disguises himself as a trustworthy person or organization to obtain the recipient’s user name, password, private key and other private information by means of e-mail, communication software or social media.
An exchange, whether or not the blackmailer has actually discovered any bugs, is willing to gamble, because by paying it may avoid a public relations crisis. In fact, the blackmailer is taking advantage of the psychology of the exchange.
Some exchanges were deceived mainly because they lacked professional security judgment and information isolation, which left them unable to accurately assess the overall situation of their current bugs.