Attention prnt.sc browsers

[TechRodent]

Hello LTT Community,
i watched LTT's newest video „Trying TikTok Computer Hacks...“.
(First of all sorry for bad English, im a non native Speaker and im in a Hurry)
When Linus mentioned the part with the https://prnt.sc/ screenshots i thought a person would never upload his BTC or ETH wallet data .
So when I made a new screenshot with the tool e.g this one: https://prnt.sc/1rbsz09 and changed the last letter to e.g. 0 some wallet Information shows up.
But the new screenshots are full of sometimes the same screenshots!
I decided to Login into some of the sites and found out that some of the Websites are 30-60 days old!
The Login was sucessfull  and i was presented this:

A wallet with over 128 Thousand USD in BTC and ETH. BUT the site looked sus. ඞ
So i tried to pay out a small amount and was presented with a message saying:
You have to send 50$ in BTC to this BTC-Adress: XXX to confirm your payout!

Its a big Scam!

After LTTs Video https://prnt.sc/ gets flooded with screens with information about wallets. The sites look different but you always have to pay 50 USD!
I guess its because the scammers saw the video and thought that they could scam some people because Linus just recommended
the scammers hope that you browsed prnt.sc (and did consider stealing someone's wallet) and do not question the paywall.

I hope that nobody falls for this scam.
(Of course, some will now say that these people deserved it because they wanted to steal BTC but i think that e.g. young teenagers which might not think about it to much could loose $ 50 which is a lot of money for them).

Greetings

EDIT: I tracked some BTC-Adresses mentioned and i found out that these adresses hold 0 BTC and have 0 transactions.

[TechRodent]

Update:
They just wrote a comment:

[da na]

If it has to do with my crypto wallet or 'free money', I stay away from it. Good general rule.

[Spotty]

2 hours ago, TechRodent said:

After your Video https://prnt.sc/ gets flooded with screens with information about wallets. The sites look different but you always have to pay 50 USD!
I guess its because the scammers saw the video and thought that they could scam some people because Linus just recommended to browse prnt.sc if you have nothing to do.

Most likely the platform was already being used for this before LTT's video. The video only went live on YouTube today and you mentioned some of the sites are a few months old. 

The problem with recommending sites that feature user generated content is you're relying on that user content to be in line with your values and trusting that anything malicious, such as these scams, would be removed by the platform in a timely manner. Either prnt.sc isn't aware of the scams, simply doesn't care and doesn't moderate images uploaded to their site, or is actively involved in the scams.

 

And wow. I just visited about 20 different URLs by changing random letters/numbers in the URL and every single one of them was a Bitcoin scam image. They're not even all the same image or website either, I've seen probably half a dozen different scams. I actually cannot find an image on there that isn't a Bitcoin scam. 

 

It's odd they're using prnt.sc for this since it doesn't look like the images are easily discoverable and browsable (at least not that I could see on mobile, I might be missing a a page that lets you browse uploads like Imgur has). I wonder if the scammers intention is to actually try and catch people going to random image links or if they're using the images somewhere else in the scam and just using the prnt.sc site as an image host.

 

2 hours ago, TechRodent said:

BUT the site looked sus. ඞ

My God. The ancient hieroglyphs predicted his coming.

[CT854]

8 minutes ago, Spotty said:

It's odd they're using prnt.sc for this since it doesn't look like the images are easily discoverable and browsable (at least not that I could see on mobile, I might be missing a a page that lets you browse uploads like Imgur has). I wonder if the scammers intention is to actually try and catch people going to random image links or if they're using the images somewhere else in the scam and just using the prnt.sc site as an image host.

Scenario: You discover that prnt.sc has a (presumably) sequential pathing to its image uploads and you get curious. You sift through images out of curiosity, hoping to find something interesting. Then, you stumble upon a BTC wallet that has thousands of dollars in it! With all the credentials and everything! Maybe your "this is too good to be true" alarm bells don't go off this particular instance, and you rush to see if you can get in on it. There's a paywall at first, but that's no issue for such a large payday. Then, bam. Scammed out of that money.

 

And I guess that's how the scam operates. Honestly I think it's somewhat brilliant that they're choosing a method like this, since it preys on a particular type of curiosity that comes from a site that sequentially paths its image uploads. There are other ways to separate fools from their money, but this doesn't seem like a half bad one.

 

Disclaimer: I don't condone any of these activities (neither scamming people, nor trying to steal someone's BTC with supposed wallet credentials, nor even browsing prnt.sc for that matter...), these are just my observations.

[CerealExperimentsLain]

I want to make sure I understand: 

The warning here is that if you use prnt.sc to illegally access accounts that are not your own and then try to steal money from those accounts* then you may be making yourself the victim of a more elaborate fraud/honey pot?

 

So basically "Attention thieving assholes, there might be other thieving assholes out there looking to thieve your asshole." got it.

[LogicalDrm]

Agreeing with above. Imo you should chance title from "warning" to something more appropriate. You should also, now that you have time, edit the thread to include disclaimer/tldr stating that LTT is not at fault here and this site is just used as yet another platform for scams.

 

Otherwise, anytime LTT has video featuring Steam, we would have threads warning about all the scams done there. Or on eBay, Amazon etc.

[TechRodent]

Alright

[TetraSky]

12 hours ago, Spotty said:

And wow. I just visited about 20 different URLs by changing random letters/numbers in the URL and every single one of them was a Bitcoin scam image.

Yep, same here. Went there, changed numbers, letters what have you. All of them ended up being crypto related, with usernames and passwords for some.

Someone who sees this on TikTok and isn't techsavvy at all, won't even bother trying a different address, they'll think they got super lucky and then get scammed.

[TechRodent]

Just now, TetraSky said:

Yep, same here. Went there, changed numbers, letters what have you. All of them ended up being crypto related, with usernames and passwords for some.

Someone who sees this on TikTok and isn't techsavvy at all, won't even bother trying a different address, they'll think they got super lucky and then get scammed.

Exactly. Young teens might think they just made enough money for their life and get scammed (even though they had bad itentions their parents probably paid for it)

[Bramimond]

Seems like both poetic justice and a $50 life lesson for the affected people. 

It's hard to even get mad at scammers like that. 

[CerealExperimentsLain]

As an addendum to this thread, I'd like to alert unwitting users to another common scam: Often times when you go online and attempt to find contacts to buy large amounts of explosive material from so that you can commit acts of terrorism, those 'sellers' are actually the police and the whole thing is just a setup to get you arrested.

 

Young teens might think they found enough explosives to take out the government building of their choice and get scammed (Even though they had bad intentions parents probably paid for it)

[Jebula999]

If you dig a little bit further, you will see that the funds eventually end up in these addresses...
https://etherscan.io/address/0xfd9bbd5abef7b0dc60204d3f683c3d7d6e070b1b

https://etherscan.io/address/0x21a31ee1afc51d94c2efccaa2092ad1028285549