Bittrex is a US-based cryptocurrency exchange known for buying and selling cryptocurrencies and digital tokens.
That’s the reason it makes for a lucrative target for hackers and cyber criminals.
Lately, Bittrex users are complaining about a fake website pretending to be the official site for Bittrex exchange.
But in reality, it is a phishing domain not only stealing login credentials of unsuspecting users but also the money saved in the exchange.
The original site address for Bittrex exchange is Bittrex.com while the Blttrex (dot) com. The difference between both addresses is “i” and “I” or L instead of an I which is enough to target those unfamiliar with phishing pages.
Furthermore, the fake site is a copy of the login page of Bittrex which again is helpful for cyber criminals to carry out their scam. Here are the screenshots of legit and phishing domains.
The phishing website was first noticed by one of its victims “Tourpaul” who wrote his experience on the social news service Steemit that he has fallen victim to a scam in which $2000 has been stolen.
On Aug 15, 2017, my Bittrex account got hacked !! lost all my money, over 2grand!!! I figured out what happened! The hackers created a website that looks just like the real one! Login page looks exactly the same!! And they will get your password and authenticator code once you try to log in on their website! It all happens in less than five minutes! I try to contact Bittrex but so far didn’t receive any reply!
I’m sure I won’t get my money back! The next day the fake website was gone! The website I spotted is “www.blttrex.com” I’m sure the hackers will create more fake website in the future so please be careful! Hope no one has to gone thru what happen to me, said Tourpaul.
A topic was also being discussed on Reddit which also warns users of the fake website. However, by checking on who.is, it can be seen that the phishing domain is owned by “Sergey Valerievich Kireev” from Russia. The data also shows owner’s address, city, state, postal code, phone number and email address which can be used to track him quite easily.
At the time of publishing this article, the fake domain was offline while Google Chrome browser was identifying the site as a phishing site. It’s unclear if the domain has been taken down by its hosting company or the scammer has decided to take it down.
Another phishing scam HackRead.com noticed was also reported by one of the users on Steemit.
In this scam, the cyber criminals were actually using Google AdWords service to rank their site on the first page of Google.
It may sound funny but the scam website was shown on top of the actual Bittrex website. Thank you, Google. However, at the time of publishing the article, this domain was also inactive.
Here is a screenshot grabbed by the user:
What users need to do is be vigilant and bookmark the official websites they visit, use password managers as they only auto fill saved login details for websites where users set it up. If a user is not on the correct URL it won’t auto fill since it doesn’t match the URL that was saved during the initial setup for that site.