Over 3,200 Bitcoin Gold user wallets have been emptied by malefactors on the night of November 13th to 14th due to a vulnerability in the only BTG wallet, Mybtgwallet. According to preliminary estimations, the losses comprise 300 BTC and 300 BTG, which exceeds $2.5 million.
A group for victims (102 people) was organized in Slack by an activist nicknamed Concorde. They are confident that even if the Bitcoin Gold team was not directly involved in the scam, it still provided the malefactors with everything they needed to steal the coins, so they should be held equally culpable.
It is known that the Bitcoin Gold team hired a third party to develop the ecosystem. It was John Dass, who was dubbed DEVELOPER in the official Bitcoin Gold slack channel. He openly called users to chose the wallet he had developed. Notably, the BTG team confirmed their cooperation with John Dass, and endorsed the usage of Mybtgwallet.
“If you want, can import this like a etc seed,” John Dass told one of the miners.
When the BTG network was launched, Mybtgwallet was the only way to generate a BTG address for miners, aside from downloading a full node, which took about 147 gigabytes. For that reason, most users generated the address via the wallet, where the BTC wallet’s seed phase had to be input.
“Yes that wallet is not fake it’s by a 3rd party creator who has been working with our team keep in mind it’s still in beta some features are limited,” the project’s official Twitter read.
There are allegations that the malefactors accessed the seed phases and used it to steal the assets.
On Sunday, November 12th, Bitcoin Gold representatives have stated the wallet is launched.
“No both of those wallets are safe and work keep in mind some of the features may not work until the Main net is launched,” the team responded to allegations of a possible scam.
Later the BTG team distanced itself from third-party applications and stated it cannot held liable for any work by John Dass.
The users, however, claim that Bitcoin Gold’s official website was hacked nearly one month before the mainnet was launched, and changed the official Twitter address for a fake one. No statements have been issued by developers in this regard, so the users suspect they didn’t want any negative media coverage or public accusations, and concealed the fact.
Sources suggest that a group of 8 people under the auspices of a business angel are negotiating with the developers. The group demanded that the developers remunerate all assets at the exchange rate of November 14th to 15th, otherwise they would be sued individually and collectively for aiding and abetting. The group gave the developers only 24 hours to comply.
The spokespersons for the group claim the BTG team stated they were cooperating with the FBI to bring back the money.
The screenshot shows a BTG employee named Joseph asks one of Slack channel members to notify all U.S. citizens who fell victims of the theft they should fill in forms to attract the attention from the FBI.
We gave @bitcoingold 24h to respond at noon 11/21/2017 UTC. 19h remaining.
They said they’re in contact with @FBI and need more time.$BTG plays for time with each deadline’s shifted because they need “more time” and can’t even tell if they CAN REFUND.#BTGscam #BTGStoleMyMoney
— BTG Stole My Money (@BTGStoleMyMoney) 21 November 2017
Tuesday, November 21st, the activist group decided to go on the war path and sue Bitcoin Gold for aiding and abetting. The spokespersons for the developers on their side have threatened they would not cooperate whatsoever if the developments are covered in the media.
ForkLog will be monitoring the developments.