Bitcoin News and Finance Crypto Users Claim Popular Bitcoin Paper Wallet Generator Is Compromised, Millions Allegedly Stolen Skip to main content

Crypto Users Claim Popular Bitcoin Paper Wallet Generator Is Compromised, Millions Allegedly Stolen

Crypto Users Claim Popular Bitcoin Paper Wallet Generator Is Compromised, Millions Allegedly Stolen

A number of forum posts and tweets say that the website bitcoinpaperwallet.com is compromised and people have said they have lost bitcoin using the paper wallet generator. Three years ago the website domain changed ownership and ever since then losses have been reported on Reddit forums, bitcointalk.org, Twitter, and other public venues. The owner of the paper wallet generating web portal denies the platform’s codebase is compromised and claims it has been audited by a security expert.

Bitcoinpaperwallet.com Wallet Generator Site Accused of Being Compromised and Unsafe

Years ago, a website that was once operated and owned by, Canton Becker, called bitcoinpaperwallet.com was once an extremely popular paper wallet generator. However, when the website was sold in 2018, bitcoinpaperwallet.com’s reviews became very negative. The complaints continue to this day and a month ago on Reddit, a user named u/heroiclife created a thread asking people to help him shut down the website.

“Help me shut down the bitcoinpaperwallet.com scam,” the post explains.

Crypto Users Claim Popular Bitcoin Paper Wallet Generator Is Compromised, Millions Allegedly Stolen

The Reddit user u/heroiclife said he wasn’t personally affected, but he was a crypto wallet recovery service provider that heard about several cases.

“I’ve heard from customers who had their Bitcoin stolen there. It’s dumb to use a paper wallet in 2021, but not everyone knows that,” the individual said. He also asked if bitcoiners could help submit abuse complaints to Enom the domain registrar, report abuse to Linode the web host, and to flag the website on Google Safe Browsing as malicious.

Twitter is also littered with posts that say that bitcoinpaperwallet.com has been compromised. On January 3, 2021, on Bitcoin’s 12th anniversary, Dustin Dettmer said: “Just had a friend lose all his holdings using this website, which appears to be a total scam. How do we get it shut down? We should get the word out about this particular scam bitcoinpaperwallet.com,” Dettmer added.

On December 13, 2019, a Reddit user named u/maff1989 said he lost funds after getting a paper wallet inside a Christmas card.

User Claims His $700,000 in Bitcoin Was Sent to Another Wallet One Minute After Loading the Paper Wallet

A month ago, on the web portal stackexchange.com one user said he leveraged the website bitcoinpaperwallet.com offline and sent 14.5 BTC ($700k+) to the wallet’s public key. A minute later, his 14.5 BTC was sent to another wallet. “Any advice on what I can do?” he asked. “I’ve accepted the loss and the lesson (should have used the offline generator) but want to make sure this doesn’t happen to others.”

Crypto Users Claim Popular Bitcoin Paper Wallet Generator Is Compromised, Millions Allegedly Stolen

After the site was sold in 2018, some Reddit users have accused the current owner of going “rogue.” Others have said that it is obvious that the website is not producing private keys as it should. The Reddit user u/senor_curioso explains it can be tested and said:

“Yes, here is how you can prove that the current site is producing predictable keys.

  • Save the HTML generator to computer
  • Find the long set of “testing keys” represented by eckey_test=[{,,,}]; and replace it with just a single keypair like this:eckey_test=[{pub:”MUtDQ25Td05uQ0I0Y05ZN0hFc0hja1M4Vjk5bUxFNjJKZQ==”,priv:”NUpreTZtM2lZS2FxTm1NZ2NvaEdYb2o0dXVyVTNXaXhiak54R1N4NmNlbmU3S25FWGR6″}];
  • Now load up the generator. It will generate the exact same (predictable) wallet over and over.
  • The server is giving each visitor a different set of “testing keys”. They are not being used as tests. There are being used as seeds for the random number generator, and are obviously being saved on the server so that they can be stolen later.”

Website Owner Claims Paper Wallet Generator’s ‘Servers Are Clean’ and Audited by a Security Expert

A recent report written by the author, Colin Harper, details that the paper wallet generating website is currently maintained by an individual named Sarkis Sarkissian. In the report, Sarkissian is quoted as saying that the owner has “received complaints from users who claim to have lost their bitcoin using our website.”

It seems he was available for commentary concerning the matter at hand. Sarkissian stressed, however, that the complaints were likely “resolved” or the user figured out it was “their own fault.” Harper also asked Sarkissian if he was aware of a “back door” in the bitcoinpaperwallet.com codebase.

“We have searched our source code for the issues present in those documents and we cannot reproduce the same results,” Sarkissian was quoted as saying. “Our servers and source code has been verified clean by [our security expert Jonel Richard]. He is still on retainer and continues to investigate, trying to reproduce the issue found by others,” the website’s current owner insisted.

Creating a paper wallet must be handled with great care and it’s possible that user error was involved with a number of the accusations toward the domain strewn across the web. It is always mentioned in many walkthrough guides, no matter what type of wallet generator leveraged, it should always be done completely offline. A person who attempts to create a cryptocurrency paper wallet online, while being connected to the web, is extremely vulnerable to hacking exploits.

What do you think about the website bitcoinpaperwallet.com accused of being compromised? Let us know what you think about this subject in the comments section below.

Comments

Popular posts from this blog

Custodial Lightning Network Service Attack Discovered by LN ‘Newbie’ — Hacker Strikes 6 LN Custodians

On September 18, a Redditor posted to the r/bitcoin forum and explained how he discovered a way to “attack [the] lightning Network’s custodial services.” The Reddit account dubbed “Reckless Satoshi” wanted to figure out if a “discrepancy between real routing fees and service’s transaction fee can be exploited for a profit.” The researcher disclosed that he wanted to see how large the damage could be and said “it is bad.” 6 Lightning Network Custodial Services Attacked, Researcher Discloses Findings to Offenders Prior to Public Disclosure A Redditor called Reckless Satoshi published a disclosure post on r/bitcoin this past Saturday and disclosed how he had found a vulnerability with routing fees and some of the Lightning Network’s custodial services. The research attack was done in good faith and after it was complete he disclosed the bugs to the offending services before publishing his findings. Reckless Satoshi used the Lightning Network (LN) attack on six different services incl...

Axie Infinity Down 40% Since Last Week’s Price High, Protocol Revenue Outshines Competitors

Last week, the game token leveraged within the Axie Infinity gaming universe skyrocketed to all-time highs, while other crypto markets remained extremely lackluster. During the last seven days, Axie Infinity’s platform token has dropped significantly in value shedding more than 12%. Meanwhile, the game platform’s smooth love potion token has slid over 8% over the last 24 hours. Axie Infinity Down More Than 40% Since All-Time High Not too long ago, the axie infinity (AXS) token was a topical conversation because it reached an all-time high on July 15. At the time, AXS managed to capture $28.93 per unit and since then it has shed 12.8% during the last seven days. The axie infinity (AXS) token is used within the blockchain-based game that involves battles between token-based creatures called “Axies.” AXS is used for the game’s governance system as well as other actions within the game. At the time of writing axie infinity (AXS) is exchanging hands for $16.70 per coin. AXS/USD on Ju...

Play-to-Earn Game From Polker (PKR) Exchange Listing – Endorsed by Akon

The Play-to-Earn NFT based Polker.Game ‘s native token $PKR has been officially listed on the popular centralized exchange BitMart. Polker.game has been in the spotlight recently as Akon, the American R&B superstar and record producer gave his official endorsement of polker stating that the “game is revolutionary” and that Polker is “hands down.. the best play to earn, NFT game in the space.”. With the BitMart listing and celebrity endorsement from Akon, Polker is perfectly positioned to become a major player in the Play-to-Earn league. Watch Akon’s Video Here What is Play-to-Earn? Although not a new concept, play-to-earn has become a trending term due to the popularity of the NFT game AXIE infinity. In the past, previous play-to-earn games have also achieved success – however, thanks to the huge amount of development in the blockchain space in recent years the gaming experience is now massively improved. Play-to-Earn games are essentially free to play and open to anyone and...

China to Crack Down on Copyright Infringement Through NFTs

Authorities in China are going after creators of digital collectibles based on other people’s works of art, the use of which was not authorized. The government offensive is part of a campaign to combat online copyright infringement and piracy with the participation of several departments. Regulators in China Move to Strengthen Copyright Supervision of Online Platforms The National Copyright Administration of China (NCAC) has recently launched a campaign against copyright infringement and piracy on the internet, together with the Ministry of Industry and Information Technology, the Ministry of Public Security, and the State Internet Information Office of the People’s Republic. A major objective of the initiative is to improve copyright supervision of online businesses by investigating cases involving the sale and distribution of infringing products on short video, live broadcast and e-commerce platforms, and promptly dealing with infringing content, the agency announced in a press r...
Blogarama - Blog Directory