A Bitcoin address holding over $8.7 billion—linked to the infamous Mt. Gox hack—has become the latest target of scammers using clever blockchain-based tactics. Security researchers at BitMEX have flagged an unusual transaction sent to the address, containing an embedded message meant to lure its owner.
The suspicious message was delivered via Bitcoin’s OP_RETURN function, a little-known feature that allows users to store data directly on the blockchain. While typically used for technical metadata or benign purposes, in this case it was exploited to display a website URL—likely part of a broader phishing operation.
The targeted address, known to have received 79,956 BTC in 2011, has long been a point of fascination in crypto history. Now, with the coins still untouched and their value surging, it seems the wallet has drawn the attention of cybercriminals hoping to trick whoever controls it.
Impersonated Website Claims Wallet ‘Abandoned’
The URL embedded in the transaction redirects users to a webpage claiming to be associated with “Saloman Brothers,” a defunct investment bank from Wall Street’s past. The page states that the wallet appears abandoned and suggests its operators are trying to identify a “bona fide owner.”
BitMEX Research was quick to issue a warning about the domain, describing it as clearly fraudulent and labeling the effort an “ongoing Bitcoin scam.” Their analysis also revealed that this wasn’t an isolated case—similar messages had been sent to other legacy Bitcoin wallets last active in 2011.
The purpose of the website appears to be phishing for personal information under the guise of legal inquiry. By implying possession of the wallet and seeking verification, the scammers likely hope to provoke interaction from a real owner—or from someone curious enough to follow the bait.
A Ghost Wallet From Crypto’s Darkest Chapter
The wallet at the center of this scam holds coins stolen from the defunct Japanese exchange Mt. Gox, once the world’s largest Bitcoin trading platform. The exchange collapsed in 2014 after repeated security breaches, during which hackers stole an estimated 850,000 BTC—valued at over $92 billion today.
Though authorities managed to recover a portion of the stolen assets—around 140,000 BTC—most of the funds remain unrecovered and untouched in wallets like the one recently targeted. A court-approved rehabilitation plan launched in 2021 promised to return roughly 90% of the recoverable assets to victims.
Still, the bulk of the stolen Bitcoin remains locked away, either lost forever or held by unknown entities. The untouched status of these wallets has long fueled speculation about whether the original thief—or a new controller—might one day surface. This latest phishing attempt seems to suggest someone is betting on exactly that.
Quick Facts
- A Bitcoin address linked to the 2011 Mt. Gox hack was targeted by scammers using OP_RETURN.
- The embedded message led to a fake legal website claiming the wallet was “abandoned.”
- BitMEX flagged the site as part of a broader phishing campaign against legacy wallets.
- The targeted wallet holds 79,956 BTC, now worth over $8.7 billion.
- Most stolen Mt. Gox funds remain unrecovered more than a decade after the exchange’s collapse.
