Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
A number of forum posts and tweets say that the website bitcoinpaperwallet.com is compromised and people have said they have lost bitcoin using the paper wallet generator. Three years ago the website domain changed ownership and ever since then losses have been reported on Reddit forums, bitcointalk.org, Twitter, and other public venues. The owner of the paper wallet generating web portal denies the platformâs codebase is compromised and claims it has been audited by a security expert.
Bitcoinpaperwallet.com Wallet Generator Site Accused of Being Compromised and Unsafe
Years ago, a website that was once operated and owned by, Canton Becker, called bitcoinpaperwallet.com was once an extremely popular paper wallet generator. However, when the website was sold in 2018, bitcoinpaperwallet.comâs reviews became very negative. The complaints continue to this day and a month ago on Reddit, a user named u/heroiclife created a thread asking people to help him shut down the website.
âHelp me shut down the bitcoinpaperwallet.com scam,â the post explains.
The Reddit user u/heroiclife said he wasnât personally affected, but he was a crypto wallet recovery service provider that heard about several cases.
âIâve heard from customers who had their Bitcoin stolen there. Itâs dumb to use a paper wallet in 2021, but not everyone knows that,â the individual said. He also asked if bitcoiners could help submit abuse complaints to Enom the domain registrar, report abuse to Linode the web host, and to flag the website on Google Safe Browsing as malicious.
Twitter is also littered with posts that say that bitcoinpaperwallet.com has been compromised. On January 3, 2021, on Bitcoinâs 12th anniversary, Dustin Dettmer said: âJust had a friend lose all his holdings using this website, which appears to be a total scam. How do we get it shut down? We should get the word out about this particular scam bitcoinpaperwallet.com,â Dettmer added.
On December 13, 2019, a Reddit user named u/maff1989 said he lost funds after getting a paper wallet inside a Christmas card.
User Claims His $700,000 in Bitcoin Was Sent to Another Wallet One Minute After Loading the Paper Wallet
A month ago, on the web portal stackexchange.com one user said he leveraged the website bitcoinpaperwallet.com offline and sent 14.5 BTC ($700k+) to the walletâs public key. A minute later, his 14.5 BTC was sent to another wallet. âAny advice on what I can do?â he asked. âIâve accepted the loss and the lesson (should have used the offline generator) but want to make sure this doesnât happen to others.â
After the site was sold in 2018, some Reddit users have accused the current owner of going ârogue.â Others have said that it is obvious that the website is not producing private keys as it should. The Reddit user u/senor_curioso explains it can be tested and said:
âYes, here is how you can prove that the current site is producing predictable keys.
- Save the HTML generator to computer
- Find the long set of âtesting keysâ represented by eckey_test=[{,,,}]; and replace it with just a single keypair like this:eckey_test=[{pub:âMUtDQ25Td05uQ0I0Y05ZN0hFc0hja1M4Vjk5bUxFNjJKZQ==â,priv:âNUpreTZtM2lZS2FxTm1NZ2NvaEdYb2o0dXVyVTNXaXhiak54R1N4NmNlbmU3S25FWGR6âł}];
- Now load up the generator. It will generate the exact same (predictable) wallet over and over.
- The server is giving each visitor a different set of âtesting keysâ. They are not being used as tests. There are being used as seeds for the random number generator, and are obviously being saved on the server so that they can be stolen later.â
Website Owner Claims Paper Wallet Generatorâs âServers Are Cleanâ and Audited by a Security Expert
A recent report written by the author, Colin Harper, details that the paper wallet generating website is currently maintained by an individual named Sarkis Sarkissian. In the report, Sarkissian is quoted as saying that the owner has âreceived complaints from users who claim to have lost their bitcoin using our website.â
It seems he was available for commentary concerning the matter at hand. Sarkissian stressed, however, that the complaints were likely âresolvedâ or the user figured out it was âtheir own fault.â Harper also asked Sarkissian if he was aware of a âback doorâ in the bitcoinpaperwallet.com codebase.
âWe have searched our source code for the issues present in those documents and we cannot reproduce the same results,â Sarkissian was quoted as saying. âOur servers and source code has been verified clean by [our security expert Jonel Richard]. He is still on retainer and continues to investigate, trying to reproduce the issue found by others,â the websiteâs current owner insisted.
Creating a paper wallet must be handled with great care and itâs possible that user error was involved with a number of the accusations toward the domain strewn across the web. It is always mentioned in many walkthrough guides, no matter what type of wallet generator leveraged, it should always be done completely offline. A person who attempts to create a cryptocurrency paper wallet online, while being connected to the web, is extremely vulnerable to hacking exploits.
What do you think about the website bitcoinpaperwallet.com accused of being compromised? Let us know what you think about this subject in the comments section below.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.