MyEtherWallet Private Key Hack Through Phishing Web Pages and FaceBook Groups

There are so many KBC coin holders who have lost their coins because of having their MyEtherWallet private keys hacked and stolen.

When someone has your MyEtherWallet private key, they can login to your wallet and transfer everything to another wallet. And, this is a big disaster for the KaratBars members who have bought hundreds of thousands of KBC coins and have been eagerly waiting for their coins’ value to go up. Now they have nothing in their MyEtherWallet wallets.

If you don’t know how phishing sites can steal your personal data, just spend a few minutes and read the below article. You will learn a lot.

In this article, I am reporting one of the phishing sites that is trying to steal people’s KaratGold.io login, and then their MyEtherWallet private key. After that, I give you some important tips and advice to teach you how to recover your stolen KBC tokens if you are one of the victims of this organized crime.

Please make sure to read this article entirely, and also watch this video:

FaceBook Phishing Groups to Steal Your MyEtherWallet Private Key and Hack Your MyEtherWallet Account:

I was trying to find KaratBars related FaceBook groups that I stumbled upon a group called “KaratBars International Gift KBC” that currently has 153 followers. So, it is not a popular group, although it was created on November 14, 2018:

FaceBook Phishing Group

What is interesting about this FaceBook group is that once you join the group, they publish a post and attach your FaceBook account to it, so that you receive a notification from FaceBook indicating that you are mentioned in a post by the “KaratBars International Gift KBC” group. Here is the post they published for me but then they removed it as they found out I was investing on them because I warned against them on some other KaratBars other related FaceBook groups:

Phishing FaceBook Posts

There is no problem so far. The problem is when you refer to the post to find out what it is about, you will see that you are going to receive a 35% bonus from KaratBars and MyEtherWallet, if you are among the first 200 affiliates who claim their bonus. According to the post, this 35% bonus equals 200,000 KBC coins:

🔥 Karatbars Incentive 2019 – Claim your 35% affiliate bonus. (KBC) 🔥

Dear Karatbars affiliates,
Immediately claim your 35% affiliate bonus.
We are pleased to announce that Karatbars and MyEtherWallet have worked together to provide 200000 KBC Bonuses for 200 active users who are currently lucky.
You are one of the lucky users to get Bonuses 35% – 200000 KBC.
Take your bonus immediately.

Claim your bonus here : https://ico.karatgold.io.karatbars-affiliate-event.com/?karatbars_event_affiliate

1. Login to the Dashboard.
2. Login your MyEtherWallet using a Private Key or Mnemonic Phrase.
3. Wait to Get Tokens.
Now all you have to do is wait until we release your tokens automatically into your wallet.

🌐 www.karatbars.com
🌐 www.myetherwallet.com

Best Regards,
Karatgold Management
Harald Seiz
CEO​​​​ of Karatgold

First of all, there is no such a relationship between KaratBars and MyEtherWallet. MyEtherWallet is just a facilitator that connects you to the Ethereum Blockchain. They charge you some Ethereum to handle your transactions. They are not like a bank that has a treasury to hold the funds, gold or coins. It is just a virtual service. Why should they give 200,000 KBC coins to 200 KaratBars active affiliates?

That was the first question that a wise and smart internet user has to ask when they see such a message or post.

But, that is not the phishing part yet. You will lose your coins if you click on the link they have inserted in the post to login to your KaratGold.io and then your MyEtherWallet account.

The link is where the trick is. Scammers and fraudsters always build phishing web pages to collect people’s online banking usernames and passwords, credit or bank card info, PayPal login etc., to rob their money. It is not something new. Only those who are new and inexperienced in using the Internet can be deceived by the phishing web pages.

If you have looked at the link they have inserted in the above message, you will see that it includes the words karatbars and ico.karatgold.io:

https://ico.karatgold.io.karatbars-affiliate-event.com/?karatbars_event_affiliate

You always see these words on the web browser’s address bar when you want to login to your KaratBars.com or KaratGold.io accounts. So, your eyes are used to seeing them in the address bar. Therefore, when you see that a link includes these words, you instinctively think that it is the real address, and so you click on it without getting suspected that it may not be exactly the same site.

The link that scammers have inserted in their FaceBook group’s post includes the words karatbars and ico.karatgold.io, but these words are in the sub-domain part of the link, and the main domain is karatbars-affiliate-event.com that has nothing to do with Karatbars International GmbH.

Scammers have registered the karatbars-affiliate-event.com domain. Then, to make people think that they login to their KaratGold.io account when they click on the link, they have created the ico.karatgold.io sub-domain under the karatbars-affiliate-event.com domain.

Another thing is that when you click on the link, it will refer you to a login form that exactly looks like the KaratGold.io login form and web page. Therefore, you won’t think that you are entering your username and password on a wrong place. That web page is something that we call phishing web page. It is where you give your account’s username and password to the scammers.

When you login on that web page, indeed it doesn’t take you to your real KaratGold.io account. It sends your KaratGold.io account username and password to the scammers. Then they can login to your account and steal your coins. However, in this special case they are after your MyEtherWallet private key, because indeed your KBC coins are in your MyEtherWallet account.

This is how the login page looks:

Phishing Login Form

As you see, it exactly looks like what the KaratGold.io login page was used to be.

As I knew that this page was a phishing web page and it was not connected to the KaratGold.io database, and it was there just to steal people’s login and MyEtherWallet private key, I entered a fake username and password to see how the inside of this site looks. I entered a fake email like [email protected] and then 123456789 as the password, because I did know that it took me to where it would request my MyEtherWallet private key, whether I enter a correct KaratGold.io login or not. As I mentioned above, they are only after people’s MyEtherWallet private key because their KBC coins are accessible and can be sent to another wallet from there.

So, this login form is for nothing but to fool users to make them enter their KaratGold.io login and then their MyEtherWallet private key:

Phishing Login Form

After clicking on the login button, it redirected me to a small form that requested my MyEtherWallet private key. If I enter my MyEtherWallet private key, they will receive it immediately and then will login to my MyEtherWallet account to send my KBC coins to another wallet that belongs to scammers:

Phishing We Page to Steal MyEtherWallet Private Key

A MyEtherWallet private key is a code with such a format:

521cef46dfcd6f2807b0eee0e7d6d5988805a6b0bfeada1cfd1f039857a0ceac

There are 64 characters in it. Any account’s private key is unique and different from the other accounts.

I entered the above MyEtherWallet private key which is fake, just to see what will happen. It returned this error:

Please check again : Invalid Private Key or Mnemonic Phrase

Phishing We Page to Steal MyEtherWallet Private Key

It will most probably return the same error even if you enter a valid MyEtherWallet private key, because they just want to receive your key. They don’t want to take you to your MyEtherWallet account really. Once you enter your MyEtherWallet private key, they will receive it at the other side of the line, login to your account and steal everything you have there. This has happened to many of the KBC holders, buyers and investors so far. Be careful.

How to Avoid Getting Robbed Like This

Those who have no enough experience and knowledge about computer and Internet, can easily be deceived and cheated by these scams.

You must know that there is only one place that you can login to your MyEtherWallet account: https://www.myetherwallet.com/

You should NEVER enter your MyEtherWallet private key anywhere else and on any other website. You are the only one who should have your MyEtherWallet private key. If a website or person asks for your MyEtherWallet private key, he/she is a thief definitely.

You can give your MyEtherWallet wallet’s address to others or add them to your accounts on the site sites that want it, because that address is something that you can share with the public when other people want to send you some coins or cryptocurrencies. But your MyEtherWallet private key is something that you should never disclose and send to anybody.

Besides, using your MyEtherWallet private key is the unsafest way of having access to your MyEtherWallet account. There are several other methods that are much safer:

  1. Using the MEWconnect App.
  2. The hardware like Leger, BitBox, etc., that you can buy and use whenever you want to login to your account.
  3. Metamask extension that will be installed on your web browser.

Using your MyEtherWallet private key is the easiest and fastest way to login to your MyEtherWallet account, BUT it is the unsafest and riskiest way too.

Who Are These Hackers and Scammers?

There are thousands of them around the world. They can be anybody and anywhere. However, it is possible to track and locate them in this special case.

I checked the WhoIs information of the karatbars-affiliate-event.com to see if I can find anything or not.

I found out that the domain was registered on 2019-01-15 through tucowsdomains.com as the domain registrar. They have a Canada/Toronto based address on the domain WhoIs info which can be a fake address.

However, it is possible to find them through contacting the domain registrar and also the web hosting company they are currently using, because they have used some payment methods to make the payments when they wanted to register the domain and buy the web hosting package. It is possible to find them through the payment methods, be it a credit card or a PayPal account, unless they have used a stolen credit card to make the payments. Even in this case, the domain registrar and web hosting company will be responsible to verify their customer identity and their payment methods.

What I am trying to say is that it is not impossible to find them, but it needs time and effort and also spending money. You will need some court orders in some steps of chasing them, otherwise you can’t get anywhere. And, to get the court order, you have to spend time and money.

To those who have lost their KBC coins, it may not look worthwhile to look for the hackers now because KBC is currently so cheap and most probably many of the KBC holders haven’t spent too much money to buy their coins. But after few years that these coins may gain some value (read this), they will regret that they forgot about their stolen KBCs so easily and them let them go. So, think about it before you let it go so easily.

Not only it is not impossible to find the hackers, but also it is possible to return all of the stolen tokens back to their real owners. Now it is the best time to do it, because they haven’t cashed or withdrawn the stolen tokens yet, and chances are they can never do it:

Nothing Will Be Lost in the Blockchain World

You may think that these hackers and thieves will become multi-billionaires in the near future, because probably they have stolen millions of coins so far, right?

Wrong!

These people are the most stupid ever, because they thought that they could enjoy the stolen coins just by hacking people’s accounts and sending their coins to their wallets. Yes, they have stolen and sent people’s coins to their wallets, but they haven’t been aware of two things:

First, any transactions will be recorded and the original and destination wallets are always known to anybody including the account owners and MyEtherWallet.com. Everything is always recorded and can be tracked.

Second, the system doesn’t records all activities just for fun. It does it to monitor everything and track the suspicious users and accounts. Nobody can login to several different MyEtherWallet accounts, transfer their coins to the other wallets, sell the coins later and enjoy the wealth. This is impossible to happen. I assure you that the hackers accounts and wallets have already been tracked and are being monitored. They cannot cash even one of the coins they have stolen.

What Does This Mean to Those Who Have Lost Their Coins?

Well! It is not that easy to reverse the transactions and take the coins back to where they were before they got stolen. The main reason is that according to MyEtherWallet.com terms of service, users are the sole responsible of protecting their accounts access info and private keys, and MyEtherWallet.com doesn’t accept any responsibility if someone’s account gets hacked and their coins get stolen.

In spite of this, it seems they always monitor the accounts and users activities. They can easily track the suspicious activities and freeze the suspicious accounts and transactions. As I mentioned above, even the account holders can see all the transactions if they refer to their accounts history. If you login to your MyEtherWallet.com account and click on the “Transaction History” at the top and then click on “Ethplorer (Tokens)”, you will see all the tokens’ transactions:

MyEtherWallet Transaction History

You can see exactly when the hackers have sent your tokens to their accounts. Also, you can even see their wallets’ addresses that your tokens are sent to. This is a part of the MyEtherWallet transaction history of my own account:

MyEtherWallet Transaction History

Therefore, the thieves and your stolen tokens can easily be tracked and MyEtherWallet.com knows where they are. I am sure they can’t cash out the stolen tokens, and so most probably all of the stolen tokens are still in the MyEtherWallet accounts. So, it is possible to return them back to the original wallets.

However, to oblige MyEtherWallet.com to do this and return your tokens, you need some court orders. They don’t listen to you if you just contact and ask them to return the stolen tokens back to your account. The reason is that they are not sitting there to take care of your belongings. It was your responsibility to take care of your wallet private key.

There Are Several Other Phishing FaceBook Groups and Sites

While investigating, I learned that there are several FaceBook pages with different names like “Karatbars International Gift KBC”, “Karatbars International Award”, “Karatbars International Event KBC”. They look almost the same and are all using the same trick and phishing method.

However, they are using different links and phishing web pages under the same karatbars-affiliate-event.com domain. Maybe there are some other hacking teams who use different domains and sites and different methods.

We must report all of these groups to FaceBook. I see that many of them have been around for over a year. I am sure some people have already reported these groups to FaceBook. But FaceBook usually doesn’t care. However, if we keep reporting them, they will close them finally, although it is so easy to create new groups.

What to Do?

Reporting these kinds of FaceBook groups and closing them is not the definite solution. Hackers and scammers keep cheating people and stealing from them. There are several things we have to do to end such a disaster for good:

1. Educate yourself and also your KaratBars team about these things. Tell them that they should not click on any link they see and then enter their accounts private information. They have to look at the address bar and see where exactly they are trying to login to.

Refer the others, specially your KaratBars team to this article and the video I have created for it, to let them learn about this before they lose anything.

2. You should note and let your KaratBars team know that they should only follow the company’s official sites, FaceBook pages/groups and newsletters:

www.karatbars.com
www.karatgold.sg
www.karatpay.com
www.k-merchant.com
www.karatbit.com
www.impulse.technology
karatgold-kbc.com

3. If your coins are stolen, you have to take actions to receive your coins back. Contacting MyEtherWallet.com and reporting the problem won’t do anything. Also, KaratBars can’t do anything for this problem because it is not under their control at all. MyEtherWallet.com is a completely different website related to a different company that has nothing to do with KaratBars.

You have to talk to a lawyer who is expert in the internet crimes. You have to spend time and money if you want to recover your stolen coins, because your lawyer has to file a complaint and take court orders that oblige MyEtherWallet to return your tokens back, if they are still in their hackers MyEtherWallet accounts.

If they have been able to send the stolen tokens out of their MyEtherWallet wallet, for example to their KaratBit account, then there is nothing that MyEtherWallet can do for you. But They can confirm that your coins have been stolen through an unauthorized access to your MyEtherWallet, so that you can follow up with the other company (KaratBit/KaratBars) and prove that what they have received was stolen from you.

Unfortunately, there is a long way to recover your stolen coins and it can take you a long time to do it, if you can do it at all.

4. If your MyEtherWallet private key has been stolen, you should never use that wallet anymore. The same people can still have access to your wallet through the same private key. You can’t change your wallet’s private key. But you can create a new wallet if you want.

If you are a KaratBars affiliate…

Maybe it is a good time to tell you something important. If you are a KaratBars affiliate, you have to grow your KaratBars team otherwise you won’t make any money.

And, growing your KaratBars team is not easy if you are not good in digital marketing.

We have been able to refer close to 7000 affiliates to our team within a few months. This is something that no other KaratBars affiliate, even those who have been with KaratBars since 2011, have been able to achieve. But we have a fully-automated online system that really works.

I strongly recommend you to submit your email address through the below form to subscribe to my newsletter. I will let you know what to do then.


Please subscribe to my newsletter and let me keep in touch with you. I won't spam you. I will keep you updated about my programs and plans. You need me if you really want to change your life:

Published by

Vahid Chaychi

Vahid is an experienced web developer and internet marketer since 2002. He has been able to become the top seller/earner and affiliate with several different companies. He has launched his own affiliate programs as well. He is a blogging and WordPress expert with lots of enthusiasm in blogging and vlogging to share his knowledge and experience. He is also a serious Kyokushin Karate warrior and a good snowboarder. Follow him if you like to become a successful entrepreneur and businessperson.

4 comments:

  1. Again, great article thanks Vahid. What is the difference between myetherwallet.com and in karapay load ewallet, can we not load there with protection?

    1. Thank you Anne.

      Well! These two, myetherwallet and KaratPay, have nothing to do with each other. They are both so safe and secure. It is the users mistakes that enable the hackers to hack the users accounts.

    1. You can buy CashGold and then load it to your KaratPay account. You can’t do this on MyEtherWallet, because it has nothing to do with KaratBars and CashGold.

Leave a Reply

Your email address will not be published. Required fields are marked *