Bře 14

DADI ICO Investors Become Targets of Phishing Scams Amid Reports of Data Leak

· March 14, 2018 · 1:30 pm

In January of this year, DADI launched an ICO that required investors to undergo KYC (Know Your Customer) verification in order participate in the token sale. Investors were asked to provide personal information (full name, address, DOB, etc…) as well as upload a copy of their photo ID. According to recent reports, nearly all that personal data has been leaked and is now been used by scammers to try and steal people’s coins.


Users Voicing Complaints Censored

Over the past few days, DADI token sale investors have taken to Reddit, Telegram, and Twitter offering up reports of a coordinated phishing attack against those who signed up through DADI’s KYC customer process. The blockchain start-up was the victim of a data leak where user credentials such as names and email addresses were stolen by a team of hackers for use in this attack. In a disturbing turn, the DADI team appears to be silencing any reports of this attack on their social media channels, primarily their subreddit. DADI has publicly denounced the claims, saying any phishing attempt was from a hack on a “third party email marketing vendor” back in January.

Multiple emails from [email protected] found their way into user’s inboxes, attempting to resemble the official [email protected] email. Fake links to popular cryptocurrency websites were included, trying to get people to give up their private keys or passwords and steal their funds. Like the Binance phishing attack that happened earlier this year, the hackers used “punycode” techniques to create the fake internet addresses. Punycode allows for characters with a small dot underneath, the dot usually hidden by the underline many addresses have by default.

But Wait…There’s More!

This isn’t the first time DADI has been in the news for possible wrongdoing. Also in January of this year, the team was called out for plagiarizing huge portions of their whitepaper from other projects, most notably their competitor SONM. DADI responded to this allegation by stating that it was a mistake, and someone forgot to delete the portions from the whitepaper before it was released.

DADI phishing attack

Another blockchain based project and Airbnb competitor Bee Token was hit with a similar phishing attack last month. As more and more money moves into the crypto-currency space, scammers will continuously ramp up their efforts to defraud people of their hard-earned Bitcoins.

Were you involved with the DADI hack? What do you think about user security among scammy ICOs? Let us know in the comments below!


Images courtesy of Shutterstock, Pexels

Show comments

Share
Čvn 02

Spoofed Kraken Email Is A Mt.Gox Victims Phishing Attempt

Source: bitcoin

Bitcoinist_Email Phishing

It appears as if there is a phishing email making the rounds regarding the ongoing Mt. Gox investigation. These emails are allegedly coming from the Kraken exchange, and contain a link to a Google Drive file.

Also read: Six Russian Banks Lose US$25.7m To Hacker Collective

That file supposedly holds the list of all accepted and rejected Mt. Gox claims, but there is a likely chance this is an attempt to infect users with malware or ransomware.The incident was initially reported on the Bitcoin subreddit and seems to be targeting email address found on the Bitcointalk forum.

Malicious File Claiming To Hold Mt.Gox Information

What is even more disconcerting is how these messages allegedly are coming from the Kraken exchange platform. People who have been following the Mt. Gox bankruptcy proceedings will recall the exchange was appointed to aid in collecting affected customer’s claims for the trustee.

The phishing email contains a link to a Google Drive file, which should hold a list of all accepted and rejected Mt. Gox claims. It is not the first time a document like that is trying to make the rounds among Bitcoin members. The real information can be found here. Users should always be extra careful when facing these types of files and documents, as there is a high chance someone wants to hack your computer and steal your Bitcoin.

What is rather strange is how these emails are allegedly only sent out to members of the Bitcointalk forum, rather than those who have filed a Mt. Gox claim. There will be plenty of forum members who are affected by the defunct exchange. However, the vast majority of users may have used a different email address, which raises a lot of flags regarding this phishing attempt.

It is unclear as to why these messages are being sent to Bitcointalk users, or where the assailants got the email list from in the first place. Moreover, not every member of Bitcointalk has received the message to their email address on file either. A very strange phishing attempt, to say the least.

Did you receive a similar phishing email in the past 48 hours? Let us know in the comments below!

Source: Reddit

Images courtesy of Kraken, Shutterstock

The post Spoofed Kraken Email Is A Mt.Gox Victims Phishing Attempt appeared first on Bitcoinist.net.

Spoofed Kraken Email Is A Mt.Gox Victims Phishing Attempt

Share