Recently reports from cryptocurrency users filed on twitter indicate that there is a multitude of fake bitcoin QR code generators stealing money from unsuspecting users. A compilation of all the reports involving loss of BTC through fake QR scanners put a figure of $45,000 as the money lost in the month of March 2020 alone.
More than nice fake Bitcoin QR generators have been identified in the recent weeks. A security researcher tweeted that he identified two domains that hosted most of the identified fake BTC code generators. The same analyst identified seven other domains with similar interfaces. He concluded that all the fake QR code scanners came from the same developer since the domain hosting them had very similar interfaces.
More than 7 Bitcoins Lost to Fake QR Code Generators in one Month
There are legitimate Bitcoin QR codes generators issued by well-known cryptocurrency exchanges. However, there are malicious players on the internet who develop fake Bitcoin QR Code generators promising the same services are the legitimate ones. However, these fake QR code generators send the user bitcoin into another wallet where the user cannot retrieve their funds thus losing the funds.
Bitcoin code scanners are meant to change a user’s Bitcoin address into a QR code to eliminate the chances that the user would type a wrong address when sharing their addresses. QR codes are not readable or memorable by humans. This way once a user enters his address to be converted into a QR code, a malicious app can place a different address behind the QR code. The user shares the code with the sender who will send the funds to a different address other than the intended one.
The recent QR code fraud involved a series of up to five Bitcoin addresses where the funds were sent each time a user fell victim to the QR code fraud. The website hosting the fake Bitcoin QR codes are bitcoin-barcode-generator.com, bitcoinaddresstoqrcode.com, bitcoins-qr-code.com, btc-to-qr.com, create-bitcoin-qr-code.com, free-bitcoin-qr-codes.com, freebitcoinqrcodes.com, qr-code-bitcoin.com, and qrcodebtc.com.
More Than 450 Other Crypto-Related Malicious sites Hosted
After digging deep into the servers of the above-listed websites which hosted the fake Bitcoin QR code scanning apps, security researchers found more alarming news. There is a web of about 450 websites hosted by three servers all linking back to the sites running the Bitcoin QR code scams. The sites all have keywords such as Coronavirus, Gmail and all the cryptocurrencies in the market.
Among the sites is a bundle of sites that claimed to accelerate bitcoin transactions in exchange for 0.001 BTC. The Bitcoin addresses linked to the sites claiming to speed up Bitcoin transactions held a whopping 17.6 BTC translating to over $110,000.