Scam Alert

Bitcoin Users’ Data Was Stolen By An Entity Using 812 Different IP Addresses

Key Points:

  • A mystery entity may be gathering Bitcoin users’ IP addresses and correlating them to their BTC addresses, thereby infringing on their privacy.
  • The entity has been active since March 2018, and it connects to Bitcoin full nodes using a variety of 812 distinct IP addresses.
  • By altering the IP addresses it uses to connect, the entity might get around list that nodes can use to ban LinkingLion from connecting to them.
An unknown person or group called LinkingLion may be collecting the IP addresses of Bitcoin users and linking them to their BTC addresses, violating the privacy of these users, according to a blog post from pseudonymous Bitcoin app developer 0xB10C.

The entity has purportedly been gathering data since March 2018 and has used a variety of 812 different IP addresses to conceal its identity.

0xB10C calls the entity LinkingLion because the IP addresses from three IPv4/24 ranges and one IPv6/32 range connect to listening nodes on the Bitcoin network, and these IP address ranges are all announced by AS54098, LionLink Networks. However, the ranges belong to different companies based on ARIN and RIPE registry information.

This behavior may indicate that the entity is trying to determine if a particular node can be reached at a particular IP address.

Fork Networking and Castle VPN are US-based companies owned by the same person. Fork Networking offers hosting and colocation services, while Castle VPN is a VPN provider. Linama UAB is a Lithuanian company with no web presence. Data Canopy is a US-based company offering cloud and colocation data centers. Since the connections from these IP ranges share very similar behavior, 0xB10C assume they are controlled or rented by the same entity.

0xB10C stated that about 15% of the time, LinkingLion doesn’t close the connection immediately. Instead, they either listen for inventory messages that contain transactions or send a request for an address and listen for both inventory and address messages. They then close the connection within 10 minutes.

The behaviour indicates that the entity may be recording the timing of transactions to determine which node first received a transaction. This information can then be used to determine the IP address associated with a particular Bitcoin address. According to 0xB10C, the entity can use that information to link broadcast transactions to IP addresses.

0xB10C is the developer of several Bitcoin analytics websites, including Mempool.observer and Transactionfee.info. They have also been awarded a Bitcoin developer grant from Brink.dev in the past.

To help protect the community from this privacy threat, 0xB10C has produced an open-source ban list that nodes can use to ban LinkingLion from connecting to them. However, the entity could circumvent this ban list by changing the IP addresses it uses to connect. In 0xB10C’s view, the only permanent solution to the problem is to change the transaction logic within Bitcoin Core, which developers have so far been unable to do.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Harold

Coincu News

Harold

With a passion for untangling the complexities of the financial world, I've spent over four years in financial journalism, covering everything from traditional equities to the cutting edge of venture capital. "The financial markets are a fascinating puzzle," I often say, "and I love helping people make sense of them." That's what drives me to bring clear and insightful financial journalism to the readers of Coincu.

Recent Posts

Best New Meme Coins with 1000X Potential: BTFD Coin’s Hot BIG50 Discount As Baby Doge Coin, Dogs Takes Gaming to the Next Level

Explore the best new meme coins with 1000X potential. Learn how BTFD Coin leads with…

7 minutes ago

BlockDAG Surges Past $170M as BDAG250 Bonus End Countdown Begins – Aave Targets $400 & Solana Shines with Scalability

BlockDAG crosses $170.5M in presale success with BDAG250 bonus and Whitepaper V3 launch! Solana grows…

2 hours ago

Qubetics Presale Price Surge Approaches: The Best Coins to Invest in Right Now While Toncoin, and XRP Gain Traction

Discover why Qubetics, Toncoin, and XRP are the best coins to invest in right now.…

2 hours ago

Book of Meme Old News? This Best Meme Coin to Invest in 2024 Is Multiplying Gains Like a Champ

Over the years, meme coins have evolved from inside jokes into serious investment opportunities.

3 hours ago

Time’s Ticking on BlockDAG’s 5-Tier Bonus- Few Days Left to Grab It While Cardano Whales Take Action, Aave Rallies Strong

Discover BlockDAG's five-tier bonus program's closing phases that enhance buyer holdings. Gain insights on the…

4 hours ago

Best Altcoins to Buy for 2025: Qubetics Presale Surge, Solana’s Lightning Speed, and Cardano’s Blockchain Revolution

Discover why Qubetics, Solana, and Cardano are redefining the crypto landscape. Learn about milestones, price…

4 hours ago

This website uses cookies.