$3 200 000 USD





"BTG is a cryptocurrency with Bitcoin fundamentals, mined on common GPUs instead of specialty ASICs. ASICs tend to monopolize mining to a few big players, but GPU mining means anyone can mine again - restoring decentralization and independence. GPU mining rewards go to individuals worldwide, instead of mostly to ASIC warehouse owners, recreating network effects that Bitcoin used to have."


"Bitcoin Gold was a new greedy chance for Bitcoin owners to earn some free money: importing mnemonic seeds or private keys belonging to a BTC wallet in a BTG one they had the opportunity to redeem their free BTG."


"As per reports that can be found on the internet, Mybtgwallet.com was created by a person called John Dass who was a respected member of the Bitcoin Gold community." "This was possible through local BTG clients or through some web services such as MyBTGWallet.com, a website listed directly on BTG official webpage. This particular case turned in a scam that stole an impressive number of Bitcoin from “unexperienced” users." "This site was listed on the official bitcoingold.org website as a wallet provider. It has since been removed."


"We have no reason to believe that anybody involved with Bitcoin Gold was involved with this scam. But they did have a conversation with the creator of the Mybtgwallet.com and help him test its balance reporting features."


There was "no formal relationship at all. He did interact with our devs in the Slack regarding developing his open-source code [and] his web site," he told CoinDesk. "The BTG Twitter account was simply supporting an individual in the community who was supporting BTG – that was their sole intent, at the time."


"It was a new cryptoasset that used the Bitcoin Gold name, itself a legitimate organization. While this cryptoasset seemed legitimate, it was actually fraudulent. The scammers behind the scheme created a legitimate-looking website (mybtgwallet.co), which offered new users the chance to create Bitcoin gold wallets. The key issue was, they had to submit the private wallet keys used to protect their cryptocurrency wallets to do so."


"MyBTGWallet scam worked in a very simple way: users imported the mnemonic seed of their BTC wallet on the scam page providing in this way the scammer with the private keys needed to steal the balance of bitcoin still on the wallet and any other cryptocurrencies stored on the same wallet (e.g. Ethereum or Litecoin in case it was a multicurrency wallet)." "Every time someone entered their mnemonic seed into MyBTGWallet, their mnemonic was Base64 encoded, stored on the website cookie, and then transmitted to Google." "There the scammer was free to decode it. Hence, they have full access to that person’s private keys derived from that seed."


"While this might seem both too good to be true and a little suspicious, it was enough to scam quite a number of people. Scammers were able to fraudulently acquire more than $3 million in Bitcoin."


"The website was used by many bitcoin holders after the fork happened. The scammers progressively moved the stolen funds to other bitcoin addresses. Thanks to open source intelligence activities, we were able to create the clusters of the stolen bitcoin and determine that the number of compromised addresses is almost 4500. The aggregated balance of those addresses is almost 400 Bitcoins (equal to 3.3 million Euros at current change rate)."


"By the time the scam was exposed, the fraudsters had managed to steal $3 million worth of Bitcoin, $107,000 worth of Bitcoin Gold, $72,000 worth of Litecoin, and $30,000 worth of Ether. Doubts still remain about the role, if any, played by the Bitcoin Gold website."


"MyBTGWallet was a website with the singular goal of scamming investors out of Bitcoin Gold. The site used links from legitimate Bitcoin Gold websites in order to dupe poor investors trying to get their hands on the cryptocurrency. By the time law enforcement uncovered the fraud, MyBTGWallet had scammed users out of over $3 million in Bitcoin Gold, LiteCoin, Bitcoin, and Ethereum."


"He mixed all the stolen keys to avoid paying too much fee to create a huge number of transactions."


"Then he started stealing directly from the mnemonic seed by creating new wallets each time and performing a transaction to empty the wallet without mixing it with other keys. The number of wallet emptied with the second method is roughly 70. The number of addresses compromised with the first method (key mixing) is 3500. Given the average number of addresses per wallet and some analysis on the transaction history of the grouped addresses, we can estimate that the number of compromised wallet is 345. Our final estimation is that the number of scammed victims is roughly 415."


"The investigation increasingly indicated that the original developer, 'John Dass,' was responsible for the fraud all along … He has dropped out of touch with us, as well," he said.


"As of Nov. 24th, 49 BTC have not been spent by the scammers but we have been able to recreate the spending patterns following the other money they moved. So far, we have been able to determine that about 289 BTC have been moved to a notorious bitcoin mixer named ChipMixer."


"On the Nov. 25th, 1.81 BTC were moved to ShapeShift shifting BTC to DASH (a privacy oriented cryptocyurrency). A total of 3 transactions were performed." "On Nov. 26th, 67 BTC were moved from the stealer wallet to Wex2 with three transactions (7, 30, 30 BTC)."


"Since the mnemonic seed is the key derivation for all the past and future keys created by the wallet, the attacker still has full control of those wallets. Some of them are still receiving and spending bitcoins thinking that the new addresses are safe. We suggest to the victim of the scam to stop using the old seed and start from a completely new one."


"What gets me the most, is this "Disclaimer" they put up on the BTGold official website, the very moment we all got our coins stolen, and they quietly removed the link from their site, all without an official announcement to save other users from the same pitfall, mysteriously. You'd think that they'd want to avoid other users getting scammed by putting out an urgent announcement, alongside the removal of the link."

The My BTG Wallet was a fake wallet listed on the official Bitcoin Gold website. A developer gained prominence in the community and requested them to link to his wallet. This service asked user to enter their private key, then sent it to the attacker. Once the scheme was uncovered, the link was removed, however no urgent announcement was launched. No funds were recovered.

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.