A group allegedly from Russia is behind the latest crypto thefts
Since the beginning of this year, more than 1,000 deceptive websites have been misleading people through sham reward schemes, a form of cryptocurrency fraud that went unrecognized until now. Last week, a team of researchers from Trend Micro released a report indicating that a campaign involving collaboration with a rock group called Impulse Team had the potential to deceive numerous individuals worldwide. The scale of the operation was significant.
The scam works by first convincing its targets that they have won virtual currency. However, they must pay to create an account on the bogus website in order to redeem their prize. The entire scheme involves a network of deceitful tactics, which commence with Twitter bursts that contain misleading information and attract potential victims to unscrupulous websites. As a result of these activities, several accounts have already been suspended.
Upon signing up on the fraudulent website, individuals are prompted to verify themselves by depositing a minimum of 0.01 bitcoin, or roughly $258. This supposedly serves as a means of confirming identity and finalizing account creation. Evidence from a public Telegram group reveals that scammers managed to swindle over $5 million from unsuspecting victims within the span of December 24, 2022, to March 8, 2023.
Heads up! A massive campaign involving over 1,000 fraudulent #cryptocurrency websites has scammed thousands of people worldwide with false promises of huge rewards.
Don't fall for their trickery — spread the word: https://t.co/jDA24Zmlt3 #cybersecurity
— The Hacker News (@TheHackersNews) June 12, 2023
Impulse, a so-called crypto-scam project that was promoted on a Russian cybercrime forum as early as February 2021, has been connected by Trend Micro to hundreds of domains involved in this fraudulent activity. These domains were found to have been in operation as far back as early 2016, and are all part of the scam ring.
The company operates on a ransomware-as-a-service (RaaS) model, wherein affiliates must pay a participation fee and share a portion of their earnings with the company’s founders. In order to appear credible, the founders supposedly developed a variant of ScamDoc, a well-known anti-virus tool that assigns trust scores to various websites. This was done as an endeavor to make their cryptocurrency operations pass as trustworthy.
Partners have been utilizing several methods to promote the scam, as revealed by Trend Micro after analyzing personal messages, online videos, and advertisements across various social platforms like TikTok and Mastodon.
Simultaneously with the emergence of the sham transfer scheme, a fresh cryptocurrency theft campaign has appeared, devised by a perpetrator who goes by the name Pink Drainer. The imposter assumes the identity of a journalist and illegally takes control of the victims’ Discord and Twitter accounts, promoting counterfeit crypto endeavors. It’s working so far, with netizens not picking up on the known fraudulent cues.