A bitcoin mixing service, a service used to mix various transactions to improve privacy on the Bitcoin blockchain, has been reportedly found to be scamming users by both stealing their BTC and then trying to get access to their device.
On Reddit, a user detailed he tried to use a bitcoin mixing service called Bitcoinmixer.eu to make his funds untraceable, but saw that “something in the mixing process failed.” After contracting the server’s support, he was told to run a command with his Bitcoin wallet’s console to request his funds back.
After running the command multiple times, the user got the same reply: “server exception, please, contact with support.” After asking for help on social media, others warned him he was being scammed by the bitcoin mixing service.
The CTO of LocalCoinSwap, Nathan Worsley, replied to the user’s thread warning him to not run the command he was given. Per his words it’s a “remote code execution” and there’s “no legitimate reason” to ask a user to run it. In a follow-up on GitHub, he detailed the code is designed to work with multiple operating systems.
He added that in this specific instance wallet-stealing code was being downloaded, and advised the user to at the very least “completely delete all traces of Electrum from your system and reinstall it” as the malware compromised the installation.