TronWeekly

Crypto World News

You are here: Home / Archives for News / Crypto Scam

Crypto Scam

Turkish Police Continue To Arrest More People In Thodex Crypto Exchange Case

by

The Turkish government was seen dealing with an array of criminalities concerning the crypto-verse as it prepares to ban payments in crypto. However, the Turkish police did not fall back as they were quick enough to bag several suspects associated with the country’s most recent crypto fraud.

Last week, Thodex, a prominent cryptocurrency exchange in Turkey, suspended withdrawals for its users. This abrupt decision caused an immense commotion amongst its users. Right after this, the CEO of the platform, Faruk Fatih Özer, went missing which added to the unrest. Even though the CEO absconded, the police managed to detain over 83 people involved in the case.

Most recently, it was revealed that the officials had arrested about six individuals part of the case. This list included the siblings of the CEO who is still missing.

Turkish Authorities Bag Missing CEO’s Siblings

It was recently reported that six members were awaiting trial by the Turkish court. The CEO’s brother and sister Güven Özer and Serap Özer were also detained by the police as they reportedly had a huge role to play in the crypto exchange. Additionally, it was also noted that these members from the Özer family had notable crypto holdings.

The CEO’s sister Serap Özer, who also looked into the finances of the exchange, recorded transactions of about 120 million liras in her possession on the world’s largest cryptocurrency exchange, Binance. She outrightly shot down these claims and suggested that the account did not belong to her. The brother, Güven Özer did not have a major role in the platform but still held about 22 million Turkish liras.

Furthermore, Özer was seen boarding a flight to Albania from Istanbul which has caused Interpol to issue a red notice. Apart from Albania, Turkish authorities have sent out units to four other countries to look for the CEO. Speaking about the same, Interior Minister Suleyman Soylu said,

“When he is caught with the red notice, we have extradition agreements with a large part of these countries. God willing he will be caught and he will be returned.”

While this case has been taking different turns, the government of Turkey’s ban on crypto payments came into effect on Friday 30 April 2021.

Turkey Witnesses the Arrest of 62 People Involved in the Thodex Crypto Scam Case

by

Turkey was one of the countries that decided to pull the plug on cryptocurrencies. The country went on to suggest that the country would soon ban any sort of payments in crypto. A few days after this announcement, a prominent Turkish cryptocurrency exchange, Thodex was called out by its users for looting them for over hundreds of millions of dollars. Just as this investigation was underway, the Turkish law enforcement nabbed over 78 people involved in the case.

Anadolu, a Turkish newspaper announced that the prosecutors involved in the case had bagged over 78 arrest warrants. However, only 62 were detained by the Turkish police.

Turkey Police Bag 78 Arrest Warrants

As per the report, it was noted that the Chief Public Prosecutor’s Office had issued warrants for over 78 individuals that were in contact with the Thodex. Furthermore, the Anti-Cyber ​​Crimes Branch Directorate went on to nab over 62 suspects throughout 8 provinces in Istanbul.

Along with the 62 people that were detained, the Turkey police captured several documents as well as digital materials pertaining to the case.

While the law enforcement has bagged these many suspects, the main person involved in the case, Fatih Faruk Ozer, the founder of the crypto exchange was still missing. Reports suggest that the founder had fled to Albania through a commercial flight from Istanbul. However, a complaint was filed against the CEO/founder Ozer over “aggravated fraud” by a Turkish lawyer, Abdullah Usame Ceran.

Furthermore, it was found that the cryptocurrency exchange’s website was still inactive, depriving users of the right to access their accounts and withdraw funds.

As Turkey prepares to impose a ban on crypto, the Thodex incident seems to have stirred up the country. However, Cemil Ertem, the senior economic adviser to the President of Turkey said,

“Turkey will undoubtedly carry out a regulation that’s in line with its economy but also by following global developments.”

Turkish Crypto Exchange Users Succumb to Losses After CEO Absconds

by

Just days after the Turkish central bank announced a ban on cryptocurrency payments, users of a prominent crypto exchange in the country faced a catastrophic loss.

As per a recent report, the users of the Turkish cryptocurrency exchange, Thodex had trouble withdrawing their investments. While the exchange hoards about 400,000 users, investments of about hundreds of millions of dollars were reportedly stuck in the exchange. After these users decided to go the legal way, they discovered that the CEO of the platform was missing.

Turkish Govt Should Take Action ASAP Urges President’s Economic Adviser

The users of the crypto platform, Thodex went on to file a complaint against the exchange for fraud. While a prosecutor from Instanbul went on to carry out an investigation of his own regarding the case, funds worth over hundreds of millions of dollars were still stuck in the exchange, Oguz Evren Kilic, the representative of the Thodex users asserted.

The users were alarmed after the platform decided to pull the plug on its services for five days citing maintenance as a reason.

Amidst this, the founder and chief executive officer, Faruk Fatih Ozer had reportedly absconded from the country. He took off from Istanbul on a commercial flight from Istanbul and is speculated to have gone to Albania.

220420211229396544300

A photo of the CEO was captured during his departure from Turkey. While the CEO is not answering his phone, the search for him continues.

Urging the Turkish government to take timely action, Cemil Ertem, the senior economic adviser to Turkey’s President Recep Tayyip Erdogan, stated,

“Pyramid schemes are being established in this area. Turkey will undoubtedly carry out a regulation that’s in line with its economy but also by following global developments.”

Not long ago, the Central Bank of the Republic of Turkey announced that any direct or indirect payments in crypto would be considered illegal. This law would be effective starting from 30 April.

Paxful Users’ Data Is Safe, Affirms CEO Youssef

by

The users of the prominent cryptocurrency exchange, Paxful was recently subject to extreme angst as rumors pertaining to a data breach on the platform surfaced. However, the CEO of the exchange asserted that the platform was safe and had experienced no such thing.

The emergence of digitalization with regard to the financial sphere is promising, however, quite often platforms associated with this fall prey to hacks and attacks. While the crypto industry has witnessed an array of hacks, an online market, Raid Forums solely for the purpose of selling and buying of stolen data has been established. A user of the Raid Forum reportedly claimed to have personal data of over 4.8 million Paxful users. This included names, email addresses, gender, phone number, birth dates as well as passwords.

Recently, social media giant, Facebook had also experienced a data breach. However, in this case, the seller, who used the name, Mafufi demanded 1 Bitcoin [BTC] which was about $60K, during the time of writing.

The news about the exchange being hacked gave rise to another conversation that emphasized the emergence of these hacks despite Know Your Customer [KYC] and Anti-Money Laundering [AML] procedures. Addressing the same, the CEO of Paxful, Ray Youssef said,

“Neither does Paxful. Any KYC data is never on our servers. We don’t take asking for people’s identities lightly. Good news soon”

Paxful CEO: “Ignore the FUD”

While this caused unrest in the crypto community, the CEO of the platform, Ray Youssef restored hope by affirming that no user data was leaked. His tweet read,

“All funds and Identities are Safe @paxful No user data was leaked, no breach was ever made of our users! Ignore the FUD! long live #bitcoin The data they had was old employee records from a payroll site we no longer use. #badguysdontwin”

Furthermore, the users of the exchange were put at ease post this tweet.

“Singaporeans Remain Vigilant While Dealing With Crypto,” Alerts PM Lee Hsien Loong

by

The Singaporean prime minister, Lee Hsien Loong was recently subject to a scam that involuntarily had him involved. A member of the BitClout platform had reportedly used the name of the prime minister in order to pocket some easy money. The user sold fake tokens worth over $10,000. The official revealed that the scammer had made use of the information available on his Twitter account to sell tokens on BitClout. Loong went on to asset that he had nothing to do with BitClout and the entire activity was reportedly done without his permission.

While this account was soon taken down, Loong took to Facebook and asked Singaporeans to stay alert against any possible scams with regard to crypto platforms. The post addressed to his 1.6 million followers read,

“I have discovered that my Twitter profile (and others as well) has been used without my permission or knowledge on a blockchain platform that allows users to buy and speculate with its proprietary cryptocurrency. [….] I urge everyone to remain vigilant when dealing with cryptocurrency platforms.”

Singaporean

Singaporean Financial Regulator Steps In

The Monetary Authority of Singapore [MAS] decided to address this. Tharman Shanmugaratnam, the Chairman of the financial watchdog went on to reveal the risks involved in trading cryptocurrencies. Volatility has been a significant drawback of the crypto industry. Citing the same, Shanmugaratnam suggested that the value of crypto is not related to any economic fundamentals, which further makes them highly risky investment products. This would further not be very feasible for retail investors, he added.

Furthermore, the Chairman affirmed that MAS would make sure to alert Singaporeans about the perils of investing in the crypto industry, to avoid any possible losses. He added,

“The crypto assets space is constantly evolving. MAS has been closely monitoring developments and will continue to adapt its rules as needed to ensure that regulation remains effective and commensurate with the risks posed. Investors, on their part, should exercise extreme caution when trading cryptocurrencies.”

BlockFi Users Faces Racist and Vulgar Spam Attack, Nearly 500 Email Sent

by

Users of cryptocurrency lending startup BlockFi reportedly faced a racist and vulgar attack via email. On the afternoon of 8th March, the company’s employees identified an attacker who spammed BlockFi’s sign-up page with fake accounts using profanity in its correspondence.

Before BlockFi caught the problem and paused registration for maintenance, the perpetrator had already sent an estimated 500 emails that had “vulgar and racist” language. According to reports, the individual behind the spam attack had entered offensive terms as the first and last names for the said fake accounts.

The latest development comes right after BlockFi sent out a tweet notifying a temporary halt in the platform’s new signups. The crypto lending startup did not elaborate except for a tweet that said it was experiencing a minor technical issue.

However, the platform is yet to publish an official acknowledgment of the same. One of the victims of the spam attack tweeted that she had no idea how far this “malicious actor” spread racist language through the platform. Condemning BlockFi, one victim said,

“But it is absolutely shameful that the company is promoting itself with ZERO public apologies or acknowledgment of that fact that on a Sunday morning their software was used to send out RACIAL SLURS to people who had never even signed up for their services in the first place.”

BlockFi’s Only Response On Forbes

CEO and Co-founder, Zac Prince’s only official statement regarding the attack:

“I think this spam attack [was] designed to try and create negative sentiment around BlockFi by trying to get emails sent with vulgar language in them.

This is not the first time that the crypto platform had a temporary data breach. Last May, BlockFi identified an unauthorized intrusion into its systems that exposed some of its client data.

Moreover, the crypto derivatives exchange FTX had reported facing a similar attack this Feb. During this, the perpetrators briefly compromised from Blockfolio’s Signal app, deliver racist messages. FTX CEO Sam Bankman-Fried had earlier speculated that a potential competitor could be behind the attack.

Ledger User Claims Receiving Death Threat, Ransom Attempts

by

Just days after the personal information of Ledger customers was dumped on a hacker site called ‘Raidforum’, victims were being targeted by e-mail and SMS phishing campaigns. But the certain malicious entities have gone a bit too far as reports now suggest not just a spate of hacking and phishing attempts but even more distressing incidents especially for the ones who had their home addresses revealed.

In an alarming situation for the breach victims, details of kidnapping and murdering threats given by the attackers to victims have emerged. In the latest reddit thread, a Ledger user, whose personal details were compromised, claimed to have recoeved a phone call threatening kidnapping and murder. The attacker allegedly demanded 10 XMR by midnight and also threatened the victim of physical violence if the ransom is not paid.

“He demanded 10 XMR and said if it’s not sent by midnight, he will show up at my house, kidnap me, and “stab to death” any relatives living at my address. I was able to record this phone call as I put him on speaker phone.”

While the Ledger customer did take the help of the local police, this breach has caused severe distress among the community members whose personal information were dumped on the site. Several users have reported phishing emails. Another user under the pseudonym ‘JimboChewdip’ reported a sim swapping incident which cost him $2k. The attacker was able to access the victim’s phone, thereby changing passwords on several platforms.

Ledger CEO Pascal Gauthier had recently apologized for the event and clarified that the data breach has no link nor impact on its hardware wallets, the app or customer funds and concerns only e-commerce related information.

The exec further noted that the goal of the platform was to provide its customers with the best protection and security for their digital assets. However, he went on to confirm that the firm would not be providing any compensation for victims who had their home addresses revealed

That’s precisely Ledger’s mission: we continuously invest to improve security standards. That’s also why we won’t be refunding customers like some have suggested – instead, the best and most sincere thing we can offer is our dedication to being better and making these investments to continuously upgrade the security of the products we make available for you.

Is The Ledger Leak Forgivable?

by

It has been a bad year for Ledger, even worse for its users. In the latest development, the hacker of Ledger’s data breach on its e-commerce and marketing database has reportedly dumped the stolen contents of the hardware wallet provider customer database on the hacker site called ‘Raidforums.

According to Alon Gol the network security firm Hudson Rock’s Co-founder, the leaked database contains user information such as email IDs, physical addresses, phone numbers, and more information. Over a million customer emails stolen from the hardware wallet manufacturer were made publicly available on a hacker site today.

Ledger confirmed that payment information, credentials [passwords], or crypto funds were not impacted and the data breach has no link nor impact on the platform’s hardware wallets and the Ledger Live application.

While this security seems like just another addition to the long list of cybercrimes, not everyone is of the opinion that Ledger can be forgiven. The pseudonymous crypto researcher, Hasu, for one posted criticized Ledger in the following tweet:

“You simply can’t sell hardware wallets and store the personal information of your customers on an online server. Cut off business with them, only way companies in this space are gonna learn to take our physical security seriously.”

How Can The Ledger Leak Victims Protect Themselves?

While the information leaked in this breach would not directly compromise a users’ Ledger device and crypto funds, it could however be used [or already being used] in social engineering attacks. This was noted by a well-known cryptographer, Nik Bougalis, who went on to state that the attackers are likely to use the information to target users’ and hence they might very well get emails, phone calls, snail mail, and even packages.

According to the Bougalis, most of these will be “ham-fisted” attempts, which will stand out, while others will be tailored and carefully designed to dupe the victims. He also urged the users’ to approach every email critically.

Furthermore, the software engineer also warned,

“If the phone number you used for your order is used as a 2nd factor anywhere, change it immediately. If possible, avoid using SMS/phone as a 2nd factor altogether. Get a YubiKey or something similar and set up something like Google Authenticator.”

In a series of tweets, Bougalis also asked the victims to use a password manager for everything and enable 2FA wherever they can.

 A Quick Synopsis of The Security Breach

This hack seems to originate back in April 2020 to the 28th of June, 2020, when an attacker got access to a portion of Ledger’s e-commerce and marketing database through a third party’s API key that was misconfigured on its website. This apparently enabled unauthorized access to Ledger’s customers’ contact details and order data. The platform claimed to have fixed the data breach within the same day it was detected and the API key was deactivated.

According to the Twitter Handle, ‘Have I Been Pwned’, which was created by Microsoft Regional Director Troy Hunt, revealed that since the time of the original hack, 69% of the addresses in the dumped database as having been compromised.

Robinhood Swims Out Of Troubled Waters After Agreeing To Pay $65M

by

Lawsuits and legal interventions have become remarkably prevalent. Robinhood, a trading platform decided to fend off a lawsuit instead of prolonging it by deciding to pay off the designated fine. The platform had found itself drowning in troubled waters with the Securities and Exchange Commission [SEC] charged the trading application for duping customers and seeking extra money from its users.

Robinhood’s Tiff With The SEC

In an elaborate press release, the Securities and Exchange Commission of the United States called out and charged Robinhood Financial LLC with an array of accusations. This list included the submission of “misleading statements and omissions in customer communications” from 2015 all the way up to 2018. This entailed false assertions in the platform’s FAQ pages where it lied about its revenue sources.

Joseph Sansone, Chief of the SEC Enforcement Division’s Market Abuse Unit commented on Robinhood’s activities and said,

“Robinhood failed to seek to obtain the best reasonably available terms when executing customers’ orders, causing customers to lose tens of millions of dollars. Today’s action sends a clear message that the Commission will not allow brokers to ignore their obligations to customers.”

The SEC further alleged that the trading platform went on to deceive individuals by hoarding the “commission-free” trading option. While this seemed like an attractive deal to its customers, it was nothing but a mere honey pot as the trading firm charged higher prices for order flow. This was off-putting for many as the prices of other brokers were comparatively lesser. The statement further read,

“The order finds that Robinhood provided inferior trade prices that in aggregate deprived customers of $34.1 million even after taking into account the savings from not paying a commission. Robinhood made these false and misleading statements during the time in which it was growing rapidly.”

The trading application was quick enough to try and get out of trouble. Robinhood went on to agree to pay $65 million as a civil penalty. The platform refrained from accepting or denying the charges imposed by the SEC.

Dan Gallagher, Chief Legal Officer of Robinhood had asserted that the settlement relates to historical practices that do not reflect the platform today. While recognizing the responsibility that comes with having helped millions of investors make their first investments, the executive went on to say that the team was committed to continuing to evolve the trading platform as it grows to meet the needs of its customers. He also added,

“We are fully transparent in our communications with customers about our current revenue streams, have significantly improved our best execution processes, and have established relationships with additional market makers to improve execution quality”

Bitcoin Mining Farm Accused Of Carrying Out The Biggest Electricity Theft In Bulgaria

by

Bitcoin has become one of the most valuable assets over time. From 10,000 Bitcoins being worth merely two Papa John’s pizzas, to a whopping $19K, the king coin has come a long way. While this industry got more attractive, the Bitcoin mining rewards started luring in several who intended to make a profit through the crypto industry. Bitcoin mining isn’t an easy job, it requires an immense amount of electricity. This factor remains unfavourable for many and hence they resort to illegal means to garner electricity to mine the king coin.

Bitcoin Mining Behind The Biggest Electricity Theft

Even though the Bitcoin miner rewards have depreciated with every halving, the value of the asset has surged. With Bitcoin currently priced at $19,251, every miner gets a reward of 6.25 BTC following the recent halving that took place in May 2020. While this is a profitable method of pocketing the money, the mining process eats a ton of electricity. Recent news from Bulgaria revealed that a village called Herakovo was stealing electricity from the CEZ Group, an electricity exporter in Europe.

The CEZ Group went on to find out that a crypto mining farm in the village was operating over 1,000 ASIC miners. The farm duped the electricity exporter by illegally connecting to a medium voltage network. This theft of electricity was touted as the biggest of its kind in Bulgaria as a whopping 4,250 families could live off the electricity that the mining farm had illegally used for an entire month.

Bitcoin

This isn’t the first time Bulgaria is seen taking a drive on the bad side of the crypto-verse. The country has time and again been subject to several crimes pertaining to electricity theft to execute Bitcoin mining. More recently, two residents of the country were nabbed by Bulgarian law enforcement for stealing electricity worth about $1.5 million for mining the king coin.

While the police managed to seize the biggest electricity theft in Bulgaria, the CEZ Group took a while to discover the treachery. Nevertheless, the electricity exporter suggested that it went on to recognize the loss and the location of the preparators.