TronWeekly

Crypto World News

You are here: Home / Archives for Scam

Scam

Binance Turkey Alert Users Of An Ongoing Scam Attempt

by

Binance’s ever-growing popularity comes with its downside. The world’s biggest crypto exchange is now facing another battle. No, it is not the regulators, but scammers and fraudsters that are giving the firm a hard time.

Taking advantage of the platform’s expanding fan base, unknown criminals attempted to exploit investors using fake Binance-branded billboards and hoardings in Turkey.

This prompted the Turkish wing of the trading platform to take to Twitter stating that it has no affiliation with the ad and issued a word of caution for users from falling for such scams.

It also added that “Necessary legal processes have been initiated against persons who are clearly involved in fraudulent activities”

The image contains a billboard purportedly sporting an advertisement titled “Binance Tourist exchange” which includes telephone numbers that, when dialed, might link potential victims to scammers.

Binance launched a 24/7 helpline service in Turkey

A few weeks ago, Binance launched its first 24/7 customer service center in Turkey with the primary goal to proactively end fraud cases before it happens. One likely reason for its selection of Turkey is the massive amount volume of traffic the exchange receives from the nation.

As per an announcement, if the pilot test in Turkey is successful, the exchange plans to expand the service globally. As for now, the trading firm will offer customer support in Turkish, only through the app.

Binance, which is regarded as one of the most dominant digital currency exchanges in terms of daily trading volume had discussions with UAE authorities on setting a base camp in the nation.

After Turkey and Lebanon, UAE is the third most rapidly emerging crypto market in the Middle East.

In late December 2021, Binance had inked a deal with the Dubai World Trade Center Authority [DWTCA] intending to carve out a global virtual resource ecosystem. The exchange is one of the first digital currency exchanges to join the DWTCA’s new crypto initiatives.

Binance said in a statement that the agreement allows it to work with DWTCA to “define the idea of hastening the establishment of another industry center point for Global Virtual Assets.”

Beware! Scammers hacked an Indian Website with a Fake Azuki NFT Airdrop

by

Twitter scammers are on a hunting spree for verified accounts. This time it targeted the official Twitter handle of India’s University Grants Commission [UGC] on 10th April. The account which has around 2,96,000 followers was briefly compromised when unidentified hacker/s took control and posted a series of tweets tagging numerous unknown persons across the world.

The fraudsters changed the bio and profile picture replacing them with cartoonish images and a fake promotion of Azuki NFT airdrop. Around 6 hours after the breach, the official handle was restored.

Image

Lately, CryptoTwitter is being hijacked by NFT scammers who are targeting accounts with large followers in an attempt to make a quick buck via Azuki NFTs. They change profile pictures of the compromised account and pose as one of the co-creators of the Azuki project.

The scammers then flood the account with a secret airdrop of Beanz, an NFT drop that was given out to existing Azuki NFT holders. Through the hijacked accounts, the attackers trick people to claim a bean and connect their Ethereum wallets. Once gained entry into their wallets, the fraudsters promptly drain the NFTs from these wallets.

Among the compromised accounts was that of Emily Buder, the Senior Editor at Quanta Magazine. The tweet sent out from her account read,

Shh Secret Airdrop. For the next 24 hours, we are airdropping Beanz to all active NFT traders in the community! The Beanz will no longer be claimable after they have all been airdropped. Good Luck! #Azuki Claim A Bean azuki.team Welcome To The Garden.

Scammers used Phishing emails to hack into verified Twitter accounts

So far, in two confirmed cases, the owners of the compromised Twitter accounts admitted that the hackers could access their accounts through phishing emails, which seemed to originate from Twitter’s support time.

One journalist who wished to remain anonymous said their hacked account sent out over 6,000 tweets. These tweets then tagged several potential victims that the scheme targeted.

This attack rings similar to the ApeCoin [APE] scam, which also promised to airdrop APE to gullible users and saw bad actors walk away with NFTs worth over $1 million.

User s27 Lost His Bubble Gum BAYC NFT Worth $570,000 to a Scammer

by

Unknown BAYC NFT owner “s27” recently lost around $570,000 in NFTs. This was after he swapped his BAYC NFT and two Mutant Ape Yacht Club (MAYC) tokens for counterfeit NFTs that were cleverly disguised as real.

A “bubble gum ape” was among the NFTs that went missing. The user claimed to have completed the swap via the “Swap.Kiwi” NFT exchange platform. It allows for direct NFT exchanges between collectors while lowering transaction fees.

Thanks to his Discord channel programmed to watch BAYC and MAYC listings that are at least 5% below their floor price in Ether, crypto enthusiast “quit” (@0xQuit on Twitter) detected the likely fraudulent transaction first.

s27 adds to the victim’s list of the latest BAYC scam

“The pings are rare, but when they happen it generally means one of two things: somebody is panic selling, or somebody is compromised. When I saw the notification for #1584, I instantly knew it was the latter.”

@0xQuit tweet

Quit found that not only did the deceived user transfer his expensive NFTs to a fraudster, but he was also the one who initiated the exchange, as he revealed in a Twitter thread.

Quit then tracked down the scammer’s NFTs, which s27 had gotten following the trade. They all seemed to be authentic BAYC tokens, but they weren’t.

Kiwi uses a “green checkmark” to ensure that tokens are genuine.

However, the way the checkmark appears on the UI can be readily faked using a basic image editor, which is precisely what the fraudster did.

The scammer essentially downloaded several “jpegs” displaying a few high-priced BAYC apes and applied a false watermark to make them look legitimate when posted on Swap. Kiwi.

Shortly after receiving them, the fraudster sold the BAYC and two MAYC NFTs for 98.85 ETH, 23 ETH, and 25.25 ETH, totaling $521,000. Quit said these postings were lower than their respective floor pricing, putting s27’s potential loss at $570,000.

Meanwhile, holders of NFTs appear to be becoming a prominent target for fraudsters of all kinds, who, in turn, continue to come up with increasingly imaginative strategies for their schemes.

Avalanche Network-based Snowdog token tanks as developers relinquish ownership

by

The wfirst meme coin in the Avalanche network, SnowdogDAO (SDOG), slipped by more than 90% yesterday after being live only for eight days. While many call it the platform’s largest rug pull, the SnowdogDAO team said that event wasn’t a rug pull. They named the millions of dollars lost as a “game-theory experiment gone wrong.”

SDOG attracted a lot of attention in the community and was scheduled to end with the major buyback after an 8-day long operation. 

The huge buyback, which would be financed by assets of the Snowdog treasury through mint sales, was to be the experiment’s climax. The treasury market value increased to $44 million in just eight days, allowing holders to fight for a piece of those funds during the buyback.

The main reason for such a huge loss was that only 7% of the Avalanche-based meme coin supply was eligible to be sold above market price before the buyback. However, the founders neglected to reveal to the community, or at least had not made it explicit enough.

Snowdog built its own AMM based on Uniswap V2, moving all SDOG liquidity from popular Avalanche DEX Trader Joe to prevent front running.

Avalanche-based meme coin causes loss in millions

Hundreds of users lost their funds within the seconds of buyback launch when a single address managed to grab around $10 million by exchanging SDOG for other cryptos. This reduced treasury’s buyback power by 25%

The address purchased around $180,000 worth of the Avalanche-based meme coin just before the buyback event with MIM and staked the token. Within 24 hours, it was able to drain more than $10 million worth of MIM. Apart from this, two more wallets drained $7.7 million and $3.3 million using a similar method.

Many believe that the addresses which comprise the “7% mark” were associated with the owners of the development team.

The development team of the Snowdog came out with a post after the failed blowback to clarify that the event wasn’t a rug pull.

“We understand that the buyback experience created frustration as only 7% of the supply holders would benefit from a price superior to the market price before the buyback. We deeply regret not having communicated more on this. We should have warned the community about the risks that waiting for the buyback to sell represented.”

Snowdog development team said

However, it failed to convince the investors who lost their funds and believed that the actions were pre-planned.

EthereumX scam token jumps 70,000,000% in a day

by

A token named EthereumX (ETX) jumped by more than 70,000,000% in just over 24-hours, driving investors crazy over this bullish course of action. The token is a copycat of Ethereum, the world’s second-biggest cryptocurrency. Investors claimed to have witnessed the token reach as much as $50,000, generating instant millionaires.

Indeed the token is another scam that is made for the classic rug pull tactic. While the token’s bullish surge is something to admire, it seems that a glitch ticked off this scam event. If the price action was true, EthereumX would’ve broken barriers in the entire crypto industry.

According to a report presented by Watcherguru, the token reached $50,850 from $0.008945, generating a market capitalization of $4.4 trillion, which is nearly thrice of the world’s first and biggest cryptocurrency, Bitcoin. However, this seems to be a glitch from CoinmarketCap’s database and not an actual event.

EthereumX: another scam token

According to statements by members of the crypto community on Twitter, such scams have been prevalent in the crypto market for quite some time. Back in 2017, attempts were made to close the creation of such scam tokens. However, it seems that coins like EthereumX just keep popping up.

This shitcoin is up 66.5 million percent within the last 24 hours. Retail noobs be like: “ooooh wow! now looks like a good time to buy.”

said a Twitter user

These scam tokens need to be removed from the industry, and it seems that the government will have to take regulatory steps. The Infrastructure Bill that awaits President Biden’s approval is just one of the many regulatory processes against scam tokens.

Furthermore, another scam token, the Squid Game token, also ate millions of investors’ money as the token creators were not known. The website and the Twitter handle of the token responsible for promotions all vanished without a trace.

With such incidents prevailing currently, it is very important that every investor does their own research before trying their luck.

$3.6B in Bitcoin disappears with South African crypto exchange owners after “hack”

by

Cryptocurrency investors of South African exchange AfriCrypt have reportedly lost $3.6 billion in Bitcoin after what was first reported to be a hack. However, along with the funds, the two founders of the crypto firm, who also happens to brothers, have vanished and there is no trace of them yet.

This is another major incident after last year’s fall of another South African Bitcoin trader, called Mirror Trading International. The platform had suffered losses of 23,000 digital coins, that summed up to approximately a whopping $1.2 billion. Hence, it went on to become the largest hack of 2020. If the funds are not recovered, the Africrypt investors are at a risk of losing three times as much.

Biggest Bitcoin Hack?

It all started in April this year when Bitcoin was rallying to record-breaking numbers. Hence, the disappearance of nearly 69,000 Bitcoin could be essentially turn out to be the biggest-ever dollar loss in a cryptocurrency hiest.

Africrypt Chief Operating Officer and the elder brother Ameer Cajee notified clients that the firm suffered a hack. However, he advised them to not report the incident to lawyers and authorities, as it could impede the recovery process of the missing funds. This message was sent on the 13th of April at a time when the crypto exchange raked in around $3.6 billion in Bitcoin.

However, not all of the investors compiled with this request. Some of the ones involved with the exchange also went on to onboard a law firm, Hanekom Attorneys. Additionally, a few also initiated the liquidation proceedings against Africrypt. After the Cape Town-based law firm failed to trace the two brothers, they alerted the South African police force, Hawks. Furthermore, it notified other cryptocurrency exchanges across the world if the brothers attempted to convert the coins to fiat.

However, the investigations also revealed that Africrypt’s pooled funds were moved from its South African accounts and client wallets. To top that, the digital coins were put through tumblers and mixers to essentially make them untraceable. The law firm was quoted saying,

“Africrypt employees lost access to the back-end platforms seven days before the alleged hack”

SEC Charges Three Persons in Digital Asset Frauds of Over $11 Million

by

The US Securities and Exchange Commission [SEC] has charged three individuals on the 1st of February with defrauding hundreds of retail investors of $11.4 million via the 2018 B2G token offering advocated by Hollywood actor Steven Seagal.

The accused were involved with the now-defunct crypto projects called Bitcoiin2Gen which was the 2018 initial coin offering for the Steven Seagal-promoted altcoin and Start Options.

Kristina Littman, Chief of the SEC Enforcement Division’s Cyber Unit was quoted saying,

“The conduct alleged in this action was a blatant attempt to victimize those interested in digital asset technology and these defendants should be held accountable. In reality, we allege, these ventures were fraudulent enterprises aimed simply at misappropriating funds from investors.”

According to SEC’s complaint, Kristijan Krstic, the founder of Start Options and Bitcoiin2Gen, and John DeMarr, the primary U.S.-based promoter for these firms, fraudulently persuaded the investors to purchase digital asset securities from approximately December 2017 through May 2018.

The US watchdogs further alleged that Krstic and DeMarr also claimed Start Options’ purported digital asset mining and trading platform from December 2017 through late January 2018.

The SEC further noted that the two individuals in question allegedly went on to assert that that Start Options was “the largest Bitcoin exchange in euro volume and liquidity” among other claims and also promoted Bitcoiin2Gen’s unregistered initial coin offering [ICO] of digital asset securities known as B2G tokens.

The third individual in the SEC’s complaint was Robin Enos who worked with DeMarr and was accused of drafting sham promotional materials that Enos had known would be circulated to the investors. It further noted that the fraudulent materials included several fake statements including that the B2G tokens would be deliverable on the Ethereum blockchain, that the invested funds would be utilized to develop a cryptocurrency that was “mineable,” and that the tokens would be tradeable on a proprietary digital asset trading platform at the platform’s supposed ‘launch’ in early April 2018.

“In reality, the complaint alleges, these claims about the B2G tokens were false, Bitcoiin2Gen was a sham, and Krstic and DeMarr allegedly misappropriated millions of dollars of investor funds for their own personal benefit.”

UK’s FCA Claims Fintech Firm Lanistar Has Not Received Regulatory Sanction, Company Responds

by

The rapid growth of the fintech industry has grabbed the attention of financial regulators all over the planet with the discussion around privacy taking priority. Europe is one of the few regions where the financial ecosystem has been taken over by digital innovation with some players trying to fly under the regulatory radar.

On Wednesday, the United Kingdom Financial Services Authority issued a warning to fintech company Lanistar for launching services without the body’s approval. The FCA stated that organizations will not be allowed to run investment scams under the pretense of nascent technologies.

Lanistar had recently made waves in the fintech space when several digital influencers posted about the fintech firm’s product on their social media handles. Some of these ‘celebrities’ even posted the new Lanistar digital card promo without clearly stating that it was an advertisement. As soon as the FCA got wind of the product, the government watchdog issued the aforementioned notice.

According to the FCA statement:

“ This firm [Lanistar] is not authorised by us and is targeting people in the UK. Based upon information we hold, we believe it is carrying on regulated activities which require authorisation. [S]ome firms act without our authorisation and some knowingly run investment scams”.

Lanistar claims to help customers better manage their facilities using their native polymorphic technology and an open banking system. The firm had earlier released statements citing FCA approval which seems to have come under fire after the latest warning. FCA officials have taken a stand that the services do not come under any audit conducted by them.

Founded by entrepreneur Gurhan Kiziloz, Lanistar has made its voice clear during the controversy. Lanistar said that they were aware of the notice and insisted that all of the company’s workings came under the legal prerogative. As of now, the company is set to contact the FCA and provide a clear answer to its user base.

Report: North Korea Hacking Group Targeting Government COVID-19 Stimulus Checks

by

Popular North Korea hacking group, Lazarus Group, is preparing to launch a massive cyberattack this weekend. According to a report by the Internet security company Cyfirma, the infamous North Korean hacking group, the attack will take place after the government distributes the COVID-19 stimulus checks.

The notorious hacking syndicate may target Americans who are recipients of government stimulus checks, and all the recipients of stimulus checks worldwide. The group has planned a phishing strategy according to the report, targeting some specific 5 million individuals and companies, bridging across the United States, UK, Japan , India, Singapore and South Korea.

North Korea hacking group plans to impersonate government officials

The internet security firm anticipates the group to launch the attack this weekend for two days, impacting small, medium, and large businesses, on top of individual people. The plan is to lure these individuals by mimicking a government official, or the governing body in the victim’s country.

According to Cryfirma, if the individuals fall for the trap, they may then disclose information that the North Korea hacking group can use to access vital accounts. The report reads: 

“The hacking campaign involved using phishing emails under the guise of local authorities in charge of dispensing government-funded Covid-19 support initiatives. These phishing emails are designed to drive recipients to fake websites where they will be deceived into divulging personal and financial information.”

Massive phishing strategy

Every nation included in the report is undertaking some stimulus, either for businesses, its citizens, or even both of them. All the strategies outlined by Cryfirma in the report involve luring the victims by extra payouts, to squeeze out more private information, maybe to sell on the dark web.

Furthermore, the internet security firm has highlighted some emails that are likely to be used in the phishing plan. Cryfirma has identified the following emails as impersonator accounts:

covid19notice@usda.gov;

ccff-applications@bankofengland.co.uk;

covid-support@mom.gov.sg; 

covid-support@mof.go.jp; 

ncov2019@gov.in; 

fppr@korea.kr.

Austrian Government Funds QualiSig, a Blockchain Project to Create the Covid-19 App Prototypes

by

Criminals worldwide are using the Covid-19 pandemic to scam unsuspecting people. Anti-scam campaigns are being promoted by authorities and governments and people have been advised to be alert and report any suspicious cases. The Austrian government, meanwhile, is taking a different approach to dealing with fake news, health data, and fraud prevention. The Government has granted $67,600 to an initiative called QualiSig through the Federal Ministry for Digital and Economic Affairs. The initiative will exploit aspects of Austria’s digital identity system to design three prototypes of COVID-19 apps. These three prototypes will enable the government to curb fraud and scams.

Fraud Prevention During Pandemics

 

Fraud Goes Viral, according to a Forbes article; a UK-based association for fraud prevention warned individuals of a growing amount of schemes where criminals are taking advantage of the pandemic. The article mentioned phone calls, the internet, text messages, and direct door-to-door visits as some of the means fraudsters use to get data, cash or initiate identity theft.

Therefore, QualiSig will study all these approaches and attempt to design a system that will perform identity verification ensuring that Covid-19 door-to-door testers will not fall prey to fraudsters. The initiative has already begun, and three application prototypes are being tested.

The prototypes will, in fact, request that testing agents display a unique QR code.Using a mobile application, a person being tested scans the QR code and the application directs them to a page for verification. The verification page reveals the tester ‘s identity and highlights their responsibilities. The page will also reveal a public authority digital signature and maybe some more signatures from a government health agency or the Red Cross.

That being said, the applications will only be live after eight months. Alexander Pfeiffer, one of the developers says; app applications are boundless and not limited to the Covid-19 cause alone.