Bitcoins Reserve Social Engineering: Difference between revisions

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search
No edit summary
No edit summary
 
Line 1: Line 1:
{{Imported Case Study 2|source=https://www.quadrigainitiative.com/casestudy/bitcoinsreservesocialengineering.php}}
{{Case Study Under Construction}}{{Unattributed Sources}}
{{Unattributed Sources}}


[[File:Bitcoinsreserve.jpg|thumb|Bitcoins Reserve]]The Bitcoins Reserve email address of Sam Lee was leaked by the US Marshall Service as part of their auction of bitcoin seized from Silk Road. Sam Lee then received and fell for a targeted spear phishing attack, where he entered his password in a fake Google Drive website. The attackers used his email account to request the CTO Jim Chen to transfer them 100 bitcoins and he happily obliged. The money was reimbursed by the platform, so no customers faced losses. It appears that Bitcoins Reserve website has remained online until June 2019.
[[File:Bitcoinsreserve.jpg|thumb|Bitcoins Reserve Logo/Homepage]]The Bitcoins Reserve email address of Sam Lee was leaked by the US Marshall Service as part of their auction of bitcoin seized from Silk Road. Sam Lee then received and fell for a targeted spear phishing attack, where he entered his password in a fake Google Drive website. The attackers used his email account to request the CTO Jim Chen to transfer them 100 bitcoins and he happily obliged. The money was reimbursed by the platform, so no customers faced losses. It appears that Bitcoins Reserve website has remained online until June 2019.


This exchange or platform is based in Australia, or the incident targeted people primarily in Australia.<ref name="coindesk-4032" /><ref name="coindesk-4033" /><ref name="coindesk-4034" /><ref name="blockchaindotcom-4035" /><ref name="crunchbase-4036" /><ref name="bitcoinsreservelinkedin-4037" /><ref name="bitcoinsreservearchive-4038" /><ref name="bitcoinsreservearchive-4039" /><ref name="linkedin-4040" /><ref name="coinmarketcap-623" />
This exchange or platform is based in Australia, or the incident targeted people primarily in Australia.<ref name="coindesk-4033" /><ref name="coindesk-4034" /><ref name="blockchaindotcom-4035" /><ref name="crunchbase-4036" /><ref name="bitcoinsreservelinkedin-4037" /><ref name="bitcoinsreservearchive-4038" /><ref name="bitcoinsreservearchive-4039" /><ref name="linkedin-4040" /><ref name="coinmarketcap-623" />


== About Bitcoins Reserve ==
== About Bitcoins Reserve ==
Line 12: Line 11:


"In addition, we work with a number of retail exchanges and OTC traders to provide procurement services, providing emergency liquidity when a larger than expected buy or sell order is beyond their capacity to service." "Looking to stake a portion of your assets in Cryptocurrencies? Having fostered close relationships with major global and regional exchanges, we’re able to offer wiring services as well facilitate localised on demand Over The Counter buying and selling." "Bitcoins Reserve can help secure your cryptocurrency assets through our cold storage solution."
"In addition, we work with a number of retail exchanges and OTC traders to provide procurement services, providing emergency liquidity when a larger than expected buy or sell order is beyond their capacity to service." "Looking to stake a portion of your assets in Cryptocurrencies? Having fostered close relationships with major global and regional exchanges, we’re able to offer wiring services as well facilitate localised on demand Over The Counter buying and selling." "Bitcoins Reserve can help secure your cryptocurrency assets through our cold storage solution."
== About Silk Road Seizure ==
In 2014, the US government had recently auctioned off bitcoin seized from Silk Road, marking a significant event in the currency's history<ref name="coindesk-4032" />. This action has been seen as a step towards legitimizing bitcoin, as the government's willingness to auction it implies a certain acceptance and acknowledgment of its value<ref name="coindesk-4032" />.


"The US government's recent auction of bitcoin seized from Silk Road was a landmark in bitcoin's story – as many have pointed out, it gives some small sense of legitimacy to the currency in the sense that the government wouldn't auction off seized cocaine, for example. The US government is willing to deal in bitcoin to some extent, a small but important signal."
"The US government's recent auction of bitcoin seized from Silk Road was a landmark in bitcoin's story – as many have pointed out, it gives some small sense of legitimacy to the currency in the sense that the government wouldn't auction off seized cocaine, for example. The US government is willing to deal in bitcoin to some extent, a small but important signal."
Line 19: Line 21:
"The message was not intended for any particular group of people, but for anyone who had emailed a question to the general mailbox to ask about the auction. Only recipient email addresses were disclosed."
"The message was not intended for any particular group of people, but for anyone who had emailed a question to the general mailbox to ask about the auction. Only recipient email addresses were disclosed."


"The upshot of the US government leak is that the people whose emails were leaked were targeted by scammers, one of whom succeeded in dramatic style." "Individuals on the recipients list of the leaked US Marshals Service email to Silk Road auction enquirers are being targeted in a phishing attack, and at least one individual has fallen for the scam."
"The upshot of the US government leak is that the people whose emails were leaked were targeted by scammers, one of whom succeeded in dramatic style."
 
== The Reality ==
The Silk Road auction was marred by a serious blunder: the government accidentally exposed the email addresses of potential participants by not using the BCC field, leading to a leak of their identities<ref name="coindesk-4032" />. This mistake resulted in those affected being targeted by scammers<ref name="coindesk-4032" />. This mistake is not uncommon, as it's happened before in 2012 with Amir Taaki<ref name="coindesk-4032" />.


== What Happened ==
"Sam Lee of of bitcoin fund Bitcoins Reserve received an email claiming to be from a media company. The attached document was supposedly a list of interview questions but actually linked to a website prompting Lee to enter his password. When he did, the attacker took over his email and sent a message to the CTO, requesting a transfer of 100 bitcoin."
"Sam Lee of of bitcoin fund Bitcoins Reserve received an email claiming to be from a media company. The attached document was supposedly a list of interview questions but actually linked to a website prompting Lee to enter his password. When he did, the attacker took over his email and sent a message to the CTO, requesting a transfer of 100 bitcoin."
{| class="wikitable"
|+Key Event Timeline - Bitcoins Reserve Social Engineering
!Date
!Event
!Description
|-
|June 18th, 2014 12:15:00 PM MDT
|Leak Reported On CoinDesk
|CoinDesk reports on the leak of email addresses bidding on the Silk Road bitcoin<ref name="coindesk-4033" />.
|-
|June 21st, 2014
|Linda Jackson Email
|Sam Lee receives an email which appears to be from Linda Jackson from BitFilm Production. The email sender falsely claimed that BitFilm was preparing a series of interviews about the Silk Road auction for their client.
|-
|June 25th, 2014 6:45:02 AM MDT
|Phishing Attack Succeeds
|Sending an email from Sam Lee's account, the attacker successfully convinces the CTO Jim Chen to send 100 bitcoin to an external bitcoin wallet address that they own<ref name=":0">[https://www.blockchain.com/explorer/transactions/btc/911173b2e8f74cc030baf2b0c1a6fc19120a3f484fabb794cb6bcec1f18aa7f9 Blockchain Transaction Sending 100 Bitcoin - Blockchain.com] (Accessed Jul 17, 2024)</ref>.
|-
|July 20th, 2014 4:20:00 AM MDT
|CoinDesk Article Screwups
|CoinDesk publishes an article on the 9 biggest screw-ups of bitcoin's history. The issue comes in as #4 on the list.
|}


"The funds were sent by the firm's chief technology officer, Jim Chen, after he received what seemed like an email request to do so from Lee. In fact, the funds ended up being sent outside the company to the attacker's wallet. The transaction can be seen here, according to Lee."
== Technical Details ==
 
"Lee received an email on 21st June from a certain 'Linda Jackson' claiming to represent BitFilm Production, a genuine company based in Germany. Jackson falsely claimed that the firm was assembling a series of interviews about the impending auction for a client."
"Lee received an email on 21st June from a certain 'Linda Jackson' claiming to represent BitFilm Production, a genuine company based in Germany. Jackson falsely claimed that the firm was assembling a series of interviews about the impending auction for a client."


Line 33: Line 60:
"The scammers finally sent an email, purporting to be from Lee, to various employees requesting funds be sent to an external bitcoin wallet address, and the CTO unsuspectingly complied."
"The scammers finally sent an email, purporting to be from Lee, to various employees requesting funds be sent to an external bitcoin wallet address, and the CTO unsuspectingly complied."


"As this attack vector was only successful due to an oversight in operations, the founders of Bitcoins Reserve will compensate the company by injecting an additional 100 Bitcoins to ensure we're still effectively performing arbitrage for our investors."
"The funds were sent by the firm's chief technology officer, Jim Chen, after he received what seemed like an email request to do so from Lee. In fact, the funds ended up being sent outside the company to the attacker's wallet. The transaction can be seen here, according to Lee."


This exchange or platform is based in Australia, or the incident targeted people primarily in Australia.
Bitcoin Send Transaction:<ref name=":0" />


The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.
== Total Amount Lost ==
There were 100 bitcoin sent as a result of the successful attack<ref name="coindesk-4032" />.


Include:
The total amount lost has been estimated at $63,000 USD.


* Known history of when and how the service was started.
== Immediate Reactions ==
* What problems does the company or service claim to solve?
"Individuals on the recipients list of the leaked US Marshals Service email to Silk Road auction enquirers are being targeted in a phishing attack, and at least one individual has fallen for the scam."
* What marketing materials were used by the firm or business?
* Audits performed, and excerpts that may have been included.
* Business registration documents shown (fake or legitimate).
* How were people recruited to participate?
* Public warnings and announcements prior to the event.


Don't Include:
== Ultimate Outcome ==
* Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
Lynzey Donahue, a US Marshals spokeswoman, later contact CoinDesk to clarify that the emailer had intended to send all recipients the information via blind carbon copy<ref name="coindesk-4033" />.<blockquote>"The message was not intended for any particular group of people, but for anyone who had emailed a question to the general mailbox to ask about the auction. Only recipient email addresses were disclosed."
* Anything that wasn't reasonably knowable at the time of the event.
There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.


== The Reality ==
"The USMS apologizes for this mistake which was in no way intentional".</blockquote>
This sections is included if a case involved deception or information that was unknown at the time. Examples include:


* When the service was actually started (if different than the "official story").
* Who actually ran a service and their own personal history.
* How the service was structured behind the scenes. (For example, there was no "trading bot".)
* Details of what audits reported and how vulnerabilities were missed during auditing.


== What Happened ==
"As this attack vector was only successful due to an oversight in operations, the founders of Bitcoins Reserve will compensate the company by injecting an additional 100 Bitcoins to ensure we're still effectively performing arbitrage for our investors."
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
{| class="wikitable"
|+Key Event Timeline - Bitcoins Reserve Social Engineering
!Date
!Event
!Description
|-
|July 4th, 2014
|Main Event
|Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.
|-
|
|
|
|}
 
== Total Amount Lost ==
The total amount lost has been estimated at $63,000 USD.
 
How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?
 
== Immediate Reactions ==
How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?
 
== Ultimate Outcome ==
What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?


== Total Amount Recovered ==
== Total Amount Recovered ==
There do not appear to have been any funds recovered in this case.
There do not appear to have been any funds recovered in this case.


What funds were recovered? What funds were reimbursed for those affected users?
"As this attack vector was only successful due to an oversight in operations, the founders of Bitcoins Reserve will compensate the company by injecting an additional 100 Bitcoins to ensure we're still effectively performing arbitrage for our investors."


== Ongoing Developments ==
== Ongoing Developments ==
What parts of this case are still remaining to be concluded?
There is no indication of further developments.
== General Prevention Policies ==
Better training for platform operators would avoid falling for schemes like this. Storing funds in a multi-sig wallet where they must be approved by multiple team members increases the scrutiny on transactions.
== Individual Prevention Policies ==
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}
{{Prevention:Individuals:No Individual Funds Lost}}


{{Prevention:Individuals:End}}
{{Prevention:Individuals:End}}


== Platform Prevention Policies ==
== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}
Better training for platform operators would avoid falling for schemes like this. Storing funds in a multi-sig wallet where they must be approved by multiple team members increases the scrutiny on transactions.
 
{{Prevention:Platforms:Implement Multi-Signature}}
 
{{Prevention:Platforms:Regular Audit Procedures}}


{{Prevention:Platforms:End}}
{{Prevention:Platforms:End}}


== Regulatory Prevention Policies ==
== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}
{{Prevention:Regulators:Platform Security Assessments}}


{{Prevention:Regulators:End}}
{{Prevention:Regulators:End}}


== References ==
== References ==
<references><ref name="coindesk-4032">[https://www.coindesk.com/markets/2014/07/20/the-9-biggest-screwups-in-bitcoin-history/ The 9 Biggest Screwups in Bitcoin History] (Oct 2, 2021)</ref>
<references>
 
<ref name="coindesk-4032">[https://www.coindesk.com/markets/2014/07/20/the-9-biggest-screwups-in-bitcoin-history/ The 9 Biggest Screwups in Bitcoin History - CoinDesk] (Accessed Oct 2, 2021)</ref>
<ref name="coindesk-4033">[https://www.coindesk.com/markets/2014/06/18/confirmed-list-of-possible-silk-road-bitcoin-bidders-leaked-by-us-marshals/ List of Possible Silk Road Bitcoin Bidders Leaked by US Marshals] (Oct 2, 2021)</ref>
<ref name="coindesk-4033">[https://www.coindesk.com/markets/2014/06/18/confirmed-list-of-possible-silk-road-bitcoin-bidders-leaked-by-us-marshals/ List of Possible Silk Road Bitcoin Bidders Leaked by US Marshals - CoinDesk] (Accessed Oct 2, 2021)</ref>
 
<ref name="coindesk-4034">[https://www.coindesk.com/business/2014/07/04/phishing-scam-targets-us-marshals-service-bitcoin-auction-list/ Phishing Scam Targets US Marshals Service Bitcoin Auction List] (Oct 2, 2021)</ref>
<ref name="coindesk-4034">[https://www.coindesk.com/business/2014/07/04/phishing-scam-targets-us-marshals-service-bitcoin-auction-list/ Phishing Scam Targets US Marshals Service Bitcoin Auction List] (Oct 2, 2021)</ref>
<ref name="blockchaindotcom-4035">[https://www.blockchain.com/btc/address/1NvuJ3BsASceNXWbe921VpExg6sdk9a1tM Address: 1NvuJ3BsASceNXWbe921VpExg6sdk9a1tM | Blockchain Explorer] (Oct 2, 2021)</ref>
<ref name="blockchaindotcom-4035">[https://www.blockchain.com/btc/address/1NvuJ3BsASceNXWbe921VpExg6sdk9a1tM Address: 1NvuJ3BsASceNXWbe921VpExg6sdk9a1tM | Blockchain Explorer] (Oct 2, 2021)</ref>
 
<ref name="crunchbase-4036">https://www.crunchbase.com/person/sam-lee-7 (Nov 13, 2021)</ref>
<ref name="crunchbase-4036">[https://www.crunchbase.com/person/sam-lee-7 https://www.crunchbase.com/person/sam-lee-7] (Nov 13, 2021)</ref>
<ref name="bitcoinsreservelinkedin-4037">https://au.linkedin.com/company/bitcoins-reserve (Nov 13, 2021)</ref>
 
<ref name="bitcoinsreservelinkedin-4037">[https://au.linkedin.com/company/bitcoins-reserve https://au.linkedin.com/company/bitcoins-reserve] (Nov 13, 2021)</ref>
 
<ref name="bitcoinsreservearchive-4038">[https://web.archive.org/web/20150214144819/http://www.bitcoinsreserve.com/ Bitcoins Reserve | Your cryptocurrency investment concierge] (Nov 13, 2021)</ref>
<ref name="bitcoinsreservearchive-4038">[https://web.archive.org/web/20150214144819/http://www.bitcoinsreserve.com/ Bitcoins Reserve | Your cryptocurrency investment concierge] (Nov 13, 2021)</ref>
<ref name="bitcoinsreservearchive-4039">[https://web.archive.org/web/20150513021827/http://www.bitcoinsreserve.com/ Bitcoins Reserve | Your cryptocurrency investment concierge] (Nov 13, 2021)</ref>
<ref name="bitcoinsreservearchive-4039">[https://web.archive.org/web/20150513021827/http://www.bitcoinsreserve.com/ Bitcoins Reserve | Your cryptocurrency investment concierge] (Nov 13, 2021)</ref>
 
<ref name="linkedin-4040">https://www.linkedin.com/in/yang-he-7a5612a3 (Nov 13, 2021)</ref>
<ref name="linkedin-4040">[https://www.linkedin.com/in/yang-he-7a5612a3 https://www.linkedin.com/in/yang-he-7a5612a3] (Nov 13, 2021)</ref>
<ref name="coinmarketcap-623">[https://coinmarketcap.com/currencies/bitcoin/historical-data/ Bitcoin price today, BTC live marketcap, chart, and info | CoinMarketCap] (May 16, 2021)</ref>
 
</references>
<ref name="coinmarketcap-623">[https://coinmarketcap.com/currencies/bitcoin/historical-data/ Bitcoin price today, BTC live marketcap, chart, and info | CoinMarketCap] (May 16, 2021)</ref></references>

Latest revision as of 15:42, 13 September 2024

Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Bitcoins Reserve Logo/Homepage

The Bitcoins Reserve email address of Sam Lee was leaked by the US Marshall Service as part of their auction of bitcoin seized from Silk Road. Sam Lee then received and fell for a targeted spear phishing attack, where he entered his password in a fake Google Drive website. The attackers used his email account to request the CTO Jim Chen to transfer them 100 bitcoins and he happily obliged. The money was reimbursed by the platform, so no customers faced losses. It appears that Bitcoins Reserve website has remained online until June 2019.

This exchange or platform is based in Australia, or the incident targeted people primarily in Australia.[1][2][3][4][5][6][7][8][9]

About Bitcoins Reserve

"Bitcoins Reserve has serviced hundreds of customers since starting operations in June 2013, first to market in Cryptocurrency Arbitrage and large volume Procurement, we work to offer our investors a diversified approach to generate returns in both Fiat and Cryptocurrency." "Offering the worlds first cryptocurrency arbitrage fund, Bitcoins Reserve has since June 2013 consistently generated double digit monthly returns for investors. Since the fund started 9 months ago, our automated trading engine has generated a return of over 205.8%." "Our team constantly seeks and executes opportunities and manage their associated risks. With a strong understanding on what is becoming the greatest financial revolution in the 21st century, we have helped both skeptics and believers realise incredible returns in the Cryptocurrency space."

"Based out of Level 11, 470 Collins Street, Melbourne, Australia, Bitcoins Reserve runs a number of initiatives educational initiatives such as Bitcoins 101 and the Arbitrage Acadamy. We take pride to provide the general public with the information necessary for them to make an informed decision when investing into cryptocurrency, one such investment vehicle is our Arbitrage fund, which performs automated simultaneous trades across multiple exchanges with price differentials, to correct market inefficiencies and bring liquidity, all in the while netting profitable trades."

"In addition, we work with a number of retail exchanges and OTC traders to provide procurement services, providing emergency liquidity when a larger than expected buy or sell order is beyond their capacity to service." "Looking to stake a portion of your assets in Cryptocurrencies? Having fostered close relationships with major global and regional exchanges, we’re able to offer wiring services as well facilitate localised on demand Over The Counter buying and selling." "Bitcoins Reserve can help secure your cryptocurrency assets through our cold storage solution."

About Silk Road Seizure

In 2014, the US government had recently auctioned off bitcoin seized from Silk Road, marking a significant event in the currency's history[10]. This action has been seen as a step towards legitimizing bitcoin, as the government's willingness to auction it implies a certain acceptance and acknowledgment of its value[10].

"The US government's recent auction of bitcoin seized from Silk Road was a landmark in bitcoin's story – as many have pointed out, it gives some small sense of legitimacy to the currency in the sense that the government wouldn't auction off seized cocaine, for example. The US government is willing to deal in bitcoin to some extent, a small but important signal."

"But it was also accompanied by its fair share of farce. Before the auction the government accidentally emailed the potential participants but forgot to bcc them, so everyone who received the email could see who else had been emailed, meaning their names were eventually leaked."

"The message was not intended for any particular group of people, but for anyone who had emailed a question to the general mailbox to ask about the auction. Only recipient email addresses were disclosed."

"The upshot of the US government leak is that the people whose emails were leaked were targeted by scammers, one of whom succeeded in dramatic style."

The Reality

The Silk Road auction was marred by a serious blunder: the government accidentally exposed the email addresses of potential participants by not using the BCC field, leading to a leak of their identities[10]. This mistake resulted in those affected being targeted by scammers[10]. This mistake is not uncommon, as it's happened before in 2012 with Amir Taaki[10].

What Happened

"Sam Lee of of bitcoin fund Bitcoins Reserve received an email claiming to be from a media company. The attached document was supposedly a list of interview questions but actually linked to a website prompting Lee to enter his password. When he did, the attacker took over his email and sent a message to the CTO, requesting a transfer of 100 bitcoin."

Key Event Timeline - Bitcoins Reserve Social Engineering
Date Event Description
June 18th, 2014 12:15:00 PM MDT Leak Reported On CoinDesk CoinDesk reports on the leak of email addresses bidding on the Silk Road bitcoin[1].
June 21st, 2014 Linda Jackson Email Sam Lee receives an email which appears to be from Linda Jackson from BitFilm Production. The email sender falsely claimed that BitFilm was preparing a series of interviews about the Silk Road auction for their client.
June 25th, 2014 6:45:02 AM MDT Phishing Attack Succeeds Sending an email from Sam Lee's account, the attacker successfully convinces the CTO Jim Chen to send 100 bitcoin to an external bitcoin wallet address that they own[11].
July 20th, 2014 4:20:00 AM MDT CoinDesk Article Screwups CoinDesk publishes an article on the 9 biggest screw-ups of bitcoin's history. The issue comes in as #4 on the list.

Technical Details

"Lee received an email on 21st June from a certain 'Linda Jackson' claiming to represent BitFilm Production, a genuine company based in Germany. Jackson falsely claimed that the firm was assembling a series of interviews about the impending auction for a client."

"Jackson then sent Lee a second email containing a link that directed to a file containing the questions for the interviews. This appeared to be a Google Drive document, but was actually a website controlled by the attacker."

"The faked page then requested Lee's email password to gain access to the document, and consequently, when the password was entered, the attacker gained access to Lee's email accounts."

"The scammers finally sent an email, purporting to be from Lee, to various employees requesting funds be sent to an external bitcoin wallet address, and the CTO unsuspectingly complied."

"The funds were sent by the firm's chief technology officer, Jim Chen, after he received what seemed like an email request to do so from Lee. In fact, the funds ended up being sent outside the company to the attacker's wallet. The transaction can be seen here, according to Lee."

Bitcoin Send Transaction:[11]

Total Amount Lost

There were 100 bitcoin sent as a result of the successful attack[10].

The total amount lost has been estimated at $63,000 USD.

Immediate Reactions

"Individuals on the recipients list of the leaked US Marshals Service email to Silk Road auction enquirers are being targeted in a phishing attack, and at least one individual has fallen for the scam."

Ultimate Outcome

Lynzey Donahue, a US Marshals spokeswoman, later contact CoinDesk to clarify that the emailer had intended to send all recipients the information via blind carbon copy[1].

"The message was not intended for any particular group of people, but for anyone who had emailed a question to the general mailbox to ask about the auction. Only recipient email addresses were disclosed." "The USMS apologizes for this mistake which was in no way intentional".


"As this attack vector was only successful due to an oversight in operations, the founders of Bitcoins Reserve will compensate the company by injecting an additional 100 Bitcoins to ensure we're still effectively performing arbitrage for our investors."

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

"As this attack vector was only successful due to an oversight in operations, the founders of Bitcoins Reserve will compensate the company by injecting an additional 100 Bitcoins to ensure we're still effectively performing arbitrage for our investors."

Ongoing Developments

There is no indication of further developments.

Individual Prevention Policies

This case does not appear to have resulted in a loss to any individual.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Better training for platform operators would avoid falling for schemes like this. Storing funds in a multi-sig wallet where they must be approved by multiple team members increases the scrutiny on transactions.

All wallets, minting functions, and critical infrastructure should be implemented with a multi-signature requirement, with a recommended minimum of 3 signatures required. This means that making important changes or approving spending will require the keys held by at least 3 separate individuals within the organization to approve. The multi-signature should be implemented at the lowest layer possible, all key holders should have security training, and all key holders should be empowered and encouraged to exercise diligence.

All aspects of any platform should undergo a regular validation/inspection by experts. This validation should include a security audit of any smart contracts, reporting any risks to the backing (of any customer assets, ensuring treasuries or minting functions are properly secured under the control of a multi-signature wallet, and finding any inadequacies in the level of training or integrity of the team. The recommended interval is twice prior to launch or significant system upgrade, once after 3 months, and every 6 months thereafter. It is recommended that the third party performing the inspection not be repeated within a 14 month period.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

All platforms should undergo published security and risk assessments by independent third parties. Two assessments are required at founding or major upgrade, one after 3 months, and one every 6 months thereafter. The third parties must not repeat within the past 14 months. A risk assessment needs to include what assets back customer deposits and the risk of default from any third parties being lent to. The security assessment must include ensuring a proper multi-signature wallet, and that all signatories are properly trained. Assessments must be performed on social media, databases, and DNS security.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. 1.0 1.1 1.2 List of Possible Silk Road Bitcoin Bidders Leaked by US Marshals - CoinDesk (Accessed Oct 2, 2021)
  2. Phishing Scam Targets US Marshals Service Bitcoin Auction List (Oct 2, 2021)
  3. Address: 1NvuJ3BsASceNXWbe921VpExg6sdk9a1tM | Blockchain Explorer (Oct 2, 2021)
  4. https://www.crunchbase.com/person/sam-lee-7 (Nov 13, 2021)
  5. https://au.linkedin.com/company/bitcoins-reserve (Nov 13, 2021)
  6. Bitcoins Reserve | Your cryptocurrency investment concierge (Nov 13, 2021)
  7. Bitcoins Reserve | Your cryptocurrency investment concierge (Nov 13, 2021)
  8. https://www.linkedin.com/in/yang-he-7a5612a3 (Nov 13, 2021)
  9. Bitcoin price today, BTC live marketcap, chart, and info | CoinMarketCap (May 16, 2021)
  10. 10.0 10.1 10.2 10.3 10.4 10.5 The 9 Biggest Screwups in Bitcoin History - CoinDesk (Accessed Oct 2, 2021)
  11. 11.0 11.1 Blockchain Transaction Sending 100 Bitcoin - Blockchain.com (Accessed Jul 17, 2024)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Bitcoins_Reserve_Social_Engineering&oldid=5936"