Cryptocurrency trading sites have increasingly come under attack from cybercriminals over the past few months. Now, hackers have reportedly targeted US-based cryptocurrency exchange platform Bittrex. A fake Bittrex phishing site reportedly popped up and has already stolen from users.
Hackers are reportedly operating the fake site to steal users' login credentials and money saved in the exchange. The fake Bittrex site has allegedly been designed to perfectly mimic the legitimate site, even displaying a similar login page, presumably in efforts to lure victims into divulging their login credentials.
Hackread reported that the fake Bittrex site had minor differences, for instance, the fake site was Blttrex.com, which replaced the letter "i" with the letter "l". According to information on who.is, the popular platform that provides information on the owner of IP addresses, the fake Bittrex site is registered to a Russian named "Sergey Valerievich Kireev." The address, phone number, email address, city and post code of the owner of the fake Bittrex site is also available on who.is.
The fake site was offline at the time of writing. It is unclear if the site was taken down by the owner or by the hosting firm. Hackread reported that cybercriminals were using Google AdWords to rank yet another Bittrex phishing site (bittrex.me) high on Google search. At the time of writing, this second fake Bittrex site was also offline.
One user who was reportedly the first to spot the phishing domain claimed to have had his Bittrex account hacked and around $2,000 stolen. "On Aug 15 2017, my bittrex account got hacked !! lost all my money, over 2grand!!! I figured out what happened! The hackers created a website that looks just like the real one! Login page looks exactly the same," the user wrote on Steemit. "And they will get your password and authenticator code once you try to log in on their website! It all happens in less then five minutes!"
IBTimes UK has reached out to Bittrex to determine whether they've been contacted by any potential victims of the scam and is awaiting a response.