The Privnote encrypted messaging site cloned to steal Bitcoin

1390225471_KREBS-1024x606 Encrypted messaging site Privnote cloned to steal BitcoinPrivnote, a free web service that allows users to send encrypted messages that self-destruct once read, has been cloned with the clear goal of redirecting the bitcoins of users who have fallen into the scam to criminals.

Finally revealed the scam behind the clone site of Privenote

In a Sunday post on the IT security page KrebsonSecurity, journalist Brian Krebs warned users of a phishing scam implemented thanks to an almost identical version of the privnote.com website called privnotes.com.

However, Krebs has discovered thanks to some tests that the fake site does not fully encrypt the messages and can "read and / or modify all the messages sent by the users". Moreover, the site contains a script that identifies messages containing bitcoin addresses and exchanges the recipient's address with that of the scammer.

"All messages containing bitcoin addresses will be automatically changed to include a different bitcoin address, as long as the sender and recipient of the message are not the same," Krebs said in the post.

"Until recently, I couldn't understand what Privnotes was doing, but today it's all become clear," he said. Krebs said he was informed by privnote.com owners that someone had created a clone version of their site and that he was deceiving users of the legitimate site.

"It is not difficult to understand why: Privnotes.com is confusingly similar in name and appearance to reality, and comes second in Google's search results for the term" privnote ".

Also, anyone who incorrectly types "privnote" into Google search can see a misleading paid ad for "Privnote" at the top of the results that actually leads to privnotes.com, "Krebs wrote.

The self-destructive nature of these messages means that the victims are unable to go back and check the bitcoin addresses that the script alters: they are sent, read and eliminated, which simplifies the scam.

A non-isolated case of scam against cryptocurrency holders

Bitcoin fraud - here the quotation in real time - have increased in recent months when cybercriminals have taken advantage of concerns related to the coronavirus pandemic.

UK residents were warned in late March that scams were being used to exploit fear and uncertainty through text messages and emails that looked like they were coming from an official health organization.

"Even if you don't use or plan to never use Privnote.com's legal encrypted message service, this scam is a great reminder of why it's important to pay special attention to using search engines to find sites you expect to entrust sensitive data, ”said Krebs.

And have you ever used this messaging service to encrypt your conversations? Let us know in the comments below what your preferences are and which apps you prefer to use. Privacy is very important, unfortunately the internet is still not a very safe place.