Bitcoins Reserve Social Engineering: Difference between revisions

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Line 1: Line 1:
{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/bitcoinsreservesocialengineering.php}}
{{Imported Case Study 2|source=https://www.quadrigainitiative.com/casestudy/bitcoinsreservesocialengineering.php}}
{{Unattributed Citations}}
{{Unattributed Sources}}


[[File:Bitcoinsreserve.jpg|thumb|Bitcoins Reserve]]The Bitcoins Reserve email address of Sam Lee was leaked by the US Marshall Service as part of their auction of bitcoin seized from Silk Road. Sam Lee then received and fell for a targeted spear phishing attack, where he entered his password in a fake Google Drive website. The attackers used his email account to request the CTO Jim Chen to transfer them 100 bitcoins and he happily obliged. The money was reimbursed by the platform, so no customers faced losses. It appears that Bitcoins Reserve website has remained online until June 2019.
[[File:Bitcoinsreserve.jpg|thumb|Bitcoins Reserve]]The Bitcoins Reserve email address of Sam Lee was leaked by the US Marshall Service as part of their auction of bitcoin seized from Silk Road. Sam Lee then received and fell for a targeted spear phishing attack, where he entered his password in a fake Google Drive website. The attackers used his email account to request the CTO Jim Chen to transfer them 100 bitcoins and he happily obliged. The money was reimbursed by the platform, so no customers faced losses. It appears that Bitcoins Reserve website has remained online until June 2019.


This exchange or platform is based in Australia, or the incident targeted people primarily in Australia.
This exchange or platform is based in Australia, or the incident targeted people primarily in Australia.<ref name="coindesk-4032" /><ref name="coindesk-4033" /><ref name="coindesk-4034" /><ref name="blockchaindotcom-4035" /><ref name="crunchbase-4036" /><ref name="bitcoinsreservelinkedin-4037" /><ref name="bitcoinsreservearchive-4038" /><ref name="bitcoinsreservearchive-4039" /><ref name="linkedin-4040" /><ref name="coinmarketcap-623" />
<ref name="coindesk-4032" /><ref name="coindesk-4033" /><ref name="coindesk-4034" /><ref name="blockchaindotcom-4035" /><ref name="crunchbase-4036" /><ref name="bitcoinsreservelinkedin-4037" /><ref name="bitcoinsreservearchive-4038" /><ref name="bitcoinsreservearchive-4039" /><ref name="linkedin-4040" /><ref name="coinmarketcap-623" />


== About Bitcoins Reserve ==
== About Bitcoins Reserve ==
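Review bot: the lead paragraph spells the agency "US Marshall Service", while the CoinDesk titles cited further down this page spell it "US Marshals"; correct it to "US Marshals Service". All ten ref tags are also attached to the jurisdiction sentence, so the claims about the leaked address, the fake Google Drive page and the 100 bitcoin transfer carry no citation; move the coindesk-4033 and coindesk-4034 refs up to the sentences they support.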
Line 71: Line 70:
!Description
!Description
|-
|-
|July 4th, 2014 12:00:00 AM
|July 4th, 2014
|Main Event
|Main Event
|Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.
|Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.
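Review bot: the Description cell of the July 4th, 2014 row still holds the template placeholder ("Expand this into a brief description of what happened and the impact."), so the timeline records a date with no event. Replace it with a one-line summary of the incident, and confirm that July 4th, 2014 is the date of the transfer and not just the publication date of the CoinDesk phishing article in the references, whose URL path is 2014/07/04.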
Line 98: Line 97:
== Ongoing Developments ==
== Ongoing Developments ==
What parts of this case are still remaining to be concluded?
What parts of this case are still remaining to be concluded?
== General Prevention Policies ==
Better training for platform operators would avoid falling for schemes like this. Storing funds in a multi-sig wallet where they must be approved by multiple team members increases the scrutiny on transactions.
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}
{{Prevention:Individuals:End}}


== Prevention Policies ==
== Platform Prevention Policies ==
Better training for platform operators would avoid falling for schemes like this. Storing funds in a multi-sig wallet where they must be approved by multiple team members increases the scrutiny on transactions.
{{Prevention:Platforms:Placeholder}}
 
{{Prevention:Platforms:End}}
 
== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}
 
{{Prevention:Regulators:End}}


== References ==
== References ==
<references><ref name="coindesk-4032">[https://www.coindesk.com/markets/2014/07/20/the-9-biggest-screwups-in-bitcoin-history/ The 9 Biggest Screwups in Bitcoin History] (Oct 1, 2021)</ref>
<references><ref name="coindesk-4032">[https://www.coindesk.com/markets/2014/07/20/the-9-biggest-screwups-in-bitcoin-history/ The 9 Biggest Screwups in Bitcoin History] (Oct 2, 2021)</ref>


<ref name="coindesk-4033">[https://www.coindesk.com/markets/2014/06/18/confirmed-list-of-possible-silk-road-bitcoin-bidders-leaked-by-us-marshals/ List of Possible Silk Road Bitcoin Bidders Leaked by US Marshals] (Oct 1, 2021)</ref>
<ref name="coindesk-4033">[https://www.coindesk.com/markets/2014/06/18/confirmed-list-of-possible-silk-road-bitcoin-bidders-leaked-by-us-marshals/ List of Possible Silk Road Bitcoin Bidders Leaked by US Marshals] (Oct 2, 2021)</ref>


<ref name="coindesk-4034">[https://www.coindesk.com/business/2014/07/04/phishing-scam-targets-us-marshals-service-bitcoin-auction-list/ Phishing Scam Targets US Marshals Service Bitcoin Auction List] (Oct 1, 2021)</ref>
<ref name="coindesk-4034">[https://www.coindesk.com/business/2014/07/04/phishing-scam-targets-us-marshals-service-bitcoin-auction-list/ Phishing Scam Targets US Marshals Service Bitcoin Auction List] (Oct 2, 2021)</ref>


<ref name="blockchaindotcom-4035">[https://www.blockchain.com/btc/address/1NvuJ3BsASceNXWbe921VpExg6sdk9a1tM Address: 1NvuJ3BsASceNXWbe921VpExg6sdk9a1tM | Blockchain Explorer] (Oct 1, 2021)</ref>
<ref name="blockchaindotcom-4035">[https://www.blockchain.com/btc/address/1NvuJ3BsASceNXWbe921VpExg6sdk9a1tM Address: 1NvuJ3BsASceNXWbe921VpExg6sdk9a1tM | Blockchain Explorer] (Oct 2, 2021)</ref>


<ref name="crunchbase-4036">[https://www.crunchbase.com/person/sam-lee-7 https://www.crunchbase.com/person/sam-lee-7] (Nov 12, 2021)</ref>
<ref name="crunchbase-4036">[https://www.crunchbase.com/person/sam-lee-7 https://www.crunchbase.com/person/sam-lee-7] (Nov 13, 2021)</ref>


<ref name="bitcoinsreservelinkedin-4037">[https://au.linkedin.com/company/bitcoins-reserve https://au.linkedin.com/company/bitcoins-reserve] (Nov 12, 2021)</ref>
<ref name="bitcoinsreservelinkedin-4037">[https://au.linkedin.com/company/bitcoins-reserve https://au.linkedin.com/company/bitcoins-reserve] (Nov 13, 2021)</ref>


<ref name="bitcoinsreservearchive-4038">[https://web.archive.org/web/20150214144819/http://www.bitcoinsreserve.com/ Bitcoins Reserve | Your cryptocurrency investment concierge] (Nov 12, 2021)</ref>
<ref name="bitcoinsreservearchive-4038">[https://web.archive.org/web/20150214144819/http://www.bitcoinsreserve.com/ Bitcoins Reserve | Your cryptocurrency investment concierge] (Nov 13, 2021)</ref>


<ref name="bitcoinsreservearchive-4039">[https://web.archive.org/web/20150513021827/http://www.bitcoinsreserve.com/ Bitcoins Reserve | Your cryptocurrency investment concierge] (Nov 12, 2021)</ref>
<ref name="bitcoinsreservearchive-4039">[https://web.archive.org/web/20150513021827/http://www.bitcoinsreserve.com/ Bitcoins Reserve | Your cryptocurrency investment concierge] (Nov 13, 2021)</ref>


<ref name="linkedin-4040">[https://www.linkedin.com/in/yang-he-7a5612a3 https://www.linkedin.com/in/yang-he-7a5612a3] (Nov 12, 2021)</ref>
<ref name="linkedin-4040">[https://www.linkedin.com/in/yang-he-7a5612a3 https://www.linkedin.com/in/yang-he-7a5612a3] (Nov 13, 2021)</ref>


<ref name="coinmarketcap-623">[https://coinmarketcap.com/currencies/bitcoin/historical-data/ Bitcoin price today, BTC live marketcap, chart, and info | CoinMarketCap] (May 15, 2021)</ref></references>
<ref name="coinmarketcap-623">[https://coinmarketcap.com/currencies/bitcoin/historical-data/ Bitcoin price today, BTC live marketcap, chart, and info | CoinMarketCap] (May 16, 2021)</ref></references>
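Review bot: in the References block every access date differs by exactly one day between the two sides (Oct 1 and Oct 2, Nov 12 and Nov 13, May 15 and May 16, 2021), and no URL or title changes. That pattern looks like a timezone shift in the import, not a re-check of the sources; keep one set of dates so the next revision does not show ten spurious reference changes.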

Revision as of 17:57, 12 April 2023


The Bitcoins Reserve email address of Sam Lee was leaked by the US Marshals Service as part of their auction of bitcoin seized from Silk Road. Sam Lee then received and fell for a targeted spear phishing attack, in which he entered his password into a fake Google Drive website. The attackers used his email account to ask the CTO, Jim Chen, to transfer them 100 bitcoins, and he happily obliged. The money was reimbursed by the platform, so no customers faced losses. It appears that the Bitcoins Reserve website remained online until June 2019.

This exchange or platform is based in Australia, or the incident targeted people primarily in Australia.[1][2][3][4][5][6][7][8][9][10]

About Bitcoins Reserve

"Bitcoins Reserve has serviced hundreds of customers since starting operations in June 2013, first to market in Cryptocurrency Arbitrage and large volume Procurement, we work to offer our investors a diversified approach to generate returns in both Fiat and Cryptocurrency." "Offering the world's first cryptocurrency arbitrage fund, Bitcoins Reserve has since June 2013 consistently generated double digit monthly returns for investors. Since the fund started 9 months ago, our automated trading engine has generated a return of over 205.8%." "Our team constantly seeks and executes opportunities and manages their associated risks. With a strong understanding on what is becoming the greatest financial revolution in the 21st century, we have helped both skeptics and believers realise incredible returns in the Cryptocurrency space."

"Based out of Level 11, 470 Collins Street, Melbourne, Australia, Bitcoins Reserve runs a number of educational initiatives such as Bitcoins 101 and the Arbitrage Academy. We take pride to provide the general public with the information necessary for them to make an informed decision when investing into cryptocurrency, one such investment vehicle is our Arbitrage fund, which performs automated simultaneous trades across multiple exchanges with price differentials, to correct market inefficiencies and bring liquidity, all in the while netting profitable trades."

"In addition, we work with a number of retail exchanges and OTC traders to provide procurement services, providing emergency liquidity when a larger than expected buy or sell order is beyond their capacity to service." "Looking to stake a portion of your assets in Cryptocurrencies? Having fostered close relationships with major global and regional exchanges, we’re able to offer wiring services as well as facilitate localised on demand Over The Counter buying and selling." "Bitcoins Reserve can help secure your cryptocurrency assets through our cold storage solution."

"The US government's recent auction of bitcoin seized from Silk Road was a landmark in bitcoin's story – as many have pointed out, it gives some small sense of legitimacy to the currency in the sense that the government wouldn't auction off seized cocaine, for example. The US government is willing to deal in bitcoin to some extent, a small but important signal."

"But it was also accompanied by its fair share of farce. Before the auction the government accidentally emailed the potential participants but forgot to bcc them, so everyone who received the email could see who else had been emailed, meaning their names were eventually leaked."

"The message was not intended for any particular group of people, but for anyone who had emailed a question to the general mailbox to ask about the auction. Only recipient email addresses were disclosed."

"The upshot of the US government leak is that the people whose emails were leaked were targeted by scammers, one of whom succeeded in dramatic style." "Individuals on the recipients list of the leaked US Marshals Service email to Silk Road auction enquirers are being targeted in a phishing attack, and at least one individual has fallen for the scam."

"Sam Lee of bitcoin fund Bitcoins Reserve received an email claiming to be from a media company. The attached document was supposedly a list of interview questions but actually linked to a website prompting Lee to enter his password. When he did, the attacker took over his email and sent a message to the CTO, requesting a transfer of 100 bitcoin."

"The funds were sent by the firm's chief technology officer, Jim Chen, after he received what seemed like an email request to do so from Lee. In fact, the funds ended up being sent outside the company to the attacker's wallet. The transaction can be seen here, according to Lee."

"Lee received an email on 21st June from a certain 'Linda Jackson' claiming to represent BitFilm Production, a genuine company based in Germany. Jackson falsely claimed that the firm was assembling a series of interviews about the impending auction for a client."

"Jackson then sent Lee a second email containing a link that directed to a file containing the questions for the interviews. This appeared to be a Google Drive document, but was actually a website controlled by the attacker."

"The faked page then requested Lee's email password to gain access to the document, and consequently, when the password was entered, the attacker gained access to Lee's email accounts."

"The scammers finally sent an email, purporting to be from Lee, to various employees requesting funds be sent to an external bitcoin wallet address, and the CTO unsuspectingly complied."

"As this attack vector was only successful due to an oversight in operations, the founders of Bitcoins Reserve will compensate the company by injecting an additional 100 Bitcoins to ensure we're still effectively performing arbitrage for our investors."


The Reality

This section is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - Bitcoins Reserve Social Engineering

Date | Event | Description
July 4th, 2014 | Main Event | Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.

Total Amount Lost

The total amount lost has been estimated at $63,000 USD.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

General Prevention Policies

Better training for platform operators would avoid falling for schemes like this. Storing funds in a multi-sig wallet where they must be approved by multiple team members increases the scrutiny on transactions.
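
An added illustration of the multi-sig point above, not part of the original case study: a 2-of-3 release check in which each approval is bound to one destination and amount, so a request sent from a taken-over mailbox plus a single compliant key holder is not enough. The signer names, keys and address are constructed, and HMAC stands in for the wallet signatures a real multi-sig transaction would carry.

```python
import hashlib
import hmac

# Constructed signer keys. In a real multi-sig wallet each person holds a
# private key and signs the transaction itself; HMAC stands in for that here.
SIGNER_KEYS = {
    "ceo": b"constructed-key-ceo",
    "cto": b"constructed-key-cto",
    "ops": b"constructed-key-ops",
}
REQUIRED_APPROVALS = 2  # assumed 2-of-3 policy


def transfer_digest(destination: str, amount_btc: str) -> bytes:
    """Canonical bytes that every approval is bound to."""
    return hashlib.sha256(f"{destination}|{amount_btc}".encode()).digest()


def approve(signer: str, destination: str, amount_btc: str) -> str:
    """A key holder approves one specific destination and amount."""
    digest = transfer_digest(destination, amount_btc)
    return hmac.new(SIGNER_KEYS[signer], digest, hashlib.sha256).hexdigest()


def valid_approvers(destination: str, amount_btc: str, approvals: dict) -> set:
    """Return the distinct signers whose approval verifies for this transfer."""
    digest = transfer_digest(destination, amount_btc)
    verified = set()
    for signer, tag in approvals.items():
        key = SIGNER_KEYS.get(signer)
        if key is None:
            continue  # name is not a key holder
        expected = hmac.new(key, digest, hashlib.sha256).hexdigest()
        # An email saying "please send" is not a tag made with the key.
        if hmac.compare_digest(expected.encode(), tag.encode()):
            verified.add(signer)
    return verified


def may_release(destination: str, amount_btc: str, approvals: dict) -> bool:
    """Release funds only when enough distinct key holders have approved."""
    verified = valid_approvers(destination, amount_btc, approvals)
    return len(verified) >= REQUIRED_APPROVALS
```

Control of a mailbox gives the sender no signing key, so the email text counts as zero approvals, and approvals collected for one address do not carry over to another.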

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References