BitMEX Research sounded an alarm on 8 July after spotting what it calls âan ongoing Bitcoin scam.â In a X post the analytics desk described a wave of tiny âdustâ transactions sent to pre-2012 Bitcoin addresses that still contain large, untouched balances. Each transaction carries an OP_RETURN message that reads: âNOTICE TO OWNER: see salomonbros[.]com/owner_notice.â One of the targets is the famous 1Feex wallet holding almost 80,000 BTC stolen from Mt. Gox in March 2011âfunds now worth roughly $8.6 billion.
Bitcoin Scam Alert
The link embedded in the OP_RETURN string resolves to a slick website branded âSalomon Brothers,â complete with an âadvisory boardâ of genuine 1980s bond-trading luminaries. The site claims to have taken âconstructive possessionâ of the dormant wallets and gives any âbona fide ownerâ ninety daysâuntil 5 October 2025âto prove ownership or forfeit all rights. Proof, it says, can be provided either by signing an on-chain transaction or by submitting personal information through a web form.
BitMEX Research calls the set-up âa Calvin Ayre-style legal scam,â echoing past attempts by Craig Wright and associates to seize the Mt. Gox coins via creative legal theories. Independent investigators agree: security analyst @0xZilayo labelled the OP_RETURN notices âmost definitely phishing attempts and have no legitimacy.â
The scam coincides with a burst of coordinated activity uncovered by blockchain sleuths. On 4 Julyâa US holiday that saw record-breaking on-chain movementâ80,000 BTC were transferred out of eight decade-old wallets within minutes of each other, each wallet having first received a trio of OP_RETURN messages culminating in the âSalomon Brothersâ notice.
Researchers believe the scammers are exploiting OP_RETURN because the opcode lets them âgraffitiâ arbitrary text onto the blockchain without spending significant funds, guaranteeing that any future ownerâor curious on-chain watcherâwill see the notice.
BitMEXâs advice is blunt: âDo NOT fill in this form.â Anyone holding coins in an address that receives one of these messages can prove control safely by moving funds to a fresh wallet; anyone without the private key has nothing to gain and much to lose by responding. Law-enforcement agencies have been notified, but no jurisdiction has yet announced an investigation.
The episode underscores a growing trend: attackers are reaching back into Bitcoinâs early history, exploiting both technical primitives (OP_RETURN messaging) and legal grey areas to monetize dormant or stolen coins. It also highlights the enduring magnetism of the Mt. Gox saga, whichâmore than a decade after the hackâstill tempts opportunists to stake spurious claims on the exchangeâs missing treasure.
For now, the safest course is to treat any unsolicited legal notice broadcast via the blockchain with extreme skepticism. In Bitcoin, possession of the private key remains the only proof of ownership that mattersâno matter what an OP_RETURN string or a glossy website might say.
At press time, BTC traded at $108,811.
Featured image created with DALL.E, chart from TradingView.com
Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
