Author: Yaroslav0212 | Views: 1030

Phishing attack On hitbtc cryptocurrency exchange

The more people enter the cryptocurrency sphere, the more dynamic it develops and the more capital it attracts, the more scammers who steal from newcomers with the help of old tricks and come up with new tricks for experienced cryptocurrency.


We have discovered a fraudulent scheme against users of the cryptocurrency exchange HitBTC, but this scheme is applicable to any exchange and in General to any site, so be sure to read this technique to protect your funds from theft.

Phishing attack on cryptocurrency exchange HitBTC

So, today we will talk about phishing attacks. This information will be useful for everyone, but today it is especially relevant for those who have invested in the Domraider ICO, tokens of which came to HitBTC and EtherDelta exchanges on October 18.

If you follow the links, everything looks fine. Now let’s try to find this exchange in Yandex. Please note that Google is different. We’ll go this way with fictitious data.


Go to the top link and get to the site. At first glance, everything is good, we see traded pairs, everything works. We log in to the site, and then throws us on a separate page authorization.

Authorization HitBTC

Now please note – when we hammered the email address and password on the first page, she had another url instead, and stood like the letter – Reyes, and revenuew That is, the address was externally very similar, but in fact it is generally a different website.

  • Let’s go again, what just happened
  • Yandex configured is on the website, which looks one to one as real, but it’s not.
  • We leave on it our access to the exchange-login and password.
  • After we have transferred access to the account on the stock exchange, we throw already on the page of this site.
  • Scammers have already received everything they wanted.

At the same time, no letter comes to the post office. The user can re-enter the data and login to this site, but its data is already in the hands of fraudsters. Now it will not be difficult for them to log in to your account and transfer all funds from your account to yours. The scheme is simple, but popular and works smoothly – all means merge in a few minutes.

How to defend against phishing attacks

Phishing attacks are carried out not only through Yandex.Direct. You may receive an email or even SMS with a link. Here are some tips on how not to get caught on this Scam scheme.

  1. Know and check the website address. The address may be different one letter, zero instead of o, hyphen, etc. – these are not real sites.
  2. To avoid the sponsored links in the search and move only for organic results of issuance.
  3. After registration, immediately add the site to bookmarks.

We hope this information was useful for you. We remind you that the most reliable way to store cryptocurrency is cold storage.