For a long time in Australia when you purchased property you had to visit the local Land Titles office or local equivalent to pay your stamp duty and get paperwork done. Recently several state governments decided to outsource this critical function to a private company, the Property Exchange Australia - PEXA. It was seen as a win-win with a private company taking over storing and maintaining land titles and the State Governments getting a kick back for it. Until it all went wrong recently when $250,000 was stolen from a PEXA conveyancer's account.
The victim of the hack was Dani Venn, who is well known for being on the local version of Masterchef. PEXA has claimed no responsibility for the loss and with the PEXA system soon to be made mandatory in NSW, Victoria and Western Australia, many people are concerned that the system is not secure and should not be used for title or money transfers. While the Commonwealth Bank was able to freeze and recover 138K of the funds, 110K is still missing leaving Ms Venn in the lurch. PEXA has claimed to be taking action to secure the service.
While PEXA has claimed that their online system will be of benefit to lawyers, sellers, buyers and real estate agents, the reality of moving data out of offline systems to internet based servers may very well have just created the sweetest honeypot ever seen online in Australia.
(Score: 1) by anubi on Thursday July 05 2018, @05:59AM (2 children)
Here's another nasty one... it just sits and waits for you to copypasta a bitcoin address...
Then sends the contents of the clipboard home, and they proceed to empty your wallet.
Clipboard HiJacker [firstorderhistorians.com]
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 4, Informative) by qzm on Thursday July 05 2018, @06:18AM (1 child)
No, they dont.
And it would be a bit useless, since bitcoin wallet addresses are usually quite public (which is kind of the point).
What these things do it recognize a bitcoin wallet address, and substitute another address they know of.
Hence you end up pasting their address instead of your own, they hope you dont notice, and that you (or someone else) then sends bitcoins there.
Rather smart, really. In a 'ffs thats not good' kind of way.
(Score: 1) by anubi on Thursday July 05 2018, @06:35AM
Thanks for the FTFY.... I remembered seeing that, but did not really understand how they were doing it.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]