Phishing website - lost my funds

Hi community,

just so you can protect yourself from loosing your funds:

I misstyped the URL, and ended up at https://tormado.cash it is a phishing site that works exactly like the real site, except that the guy that hosts the website changes the payout address to his own address.

He bought the domain ~30 days ago. He also bought other domains that will be common misspells.

Phishing domains I am aware of after I made some investigation:

ornado.cash
tonado.cash
tormado.cash
tornao.cash
torndo.cash
trnado.cash

IP address of the server hosting the website: 192.153.57.197
Hosting provider/owner of that IP: https://blnwx.com/
Registered On: 2021-05-18

8 Likes

Just reported to Bitlaunch and Registrar.eu
Normally they will shut down these websites very quickly.

Guys, most welcomed to send abuse form here concerning these domain names : https://abuse.registrar.eu/

5 Likes

Sorry for your loss :pensive:

I would say that running the UI on your localhost is an effective way of avoiding scam attempts. There is no need to trust websites, maintained by others.

3 Likes

If you know how to do that please wouldn’t you make a Tutorial and share it? :innocent:

If you know how to do that please wouldn’t you make a video Tutorial and share it? :innocent:

Instructions for running the UI is on the GitHub page. You need to copy the files then run a webserver.

1 Like

Also please make sure that unless using port 3000 (http://localhost:3000) your transactions will not be saved on the UI due to the setting related to localStorage. See https://raw.githubusercontent.com/tornadocash/ui-minified/gh-pages/_nuxt/6d5b032.js for more info. The file path may be changed occasionally when it’s updated. Clone the repository and look for the string locally as seeking it on GitHub UI does not really work fine.

If the UI is served on other than port 3000 the browser’s console returns this warning message: The page has been loaded from ipfs.io. LocalStorage is disabled.

1 Like