Categories
Crypto News Crypto Wallets Hackers Scams

Scam Warning: Fake Crypto Hardware Wallets Sent to Ledger Customers

Last year, hardware wallet provider Ledger suffered an internal breach of security resulting in the exposure of 250,000 to 1,000,000 customer email addresses. In some cases, the information leaked included full names and addresses. A class action is under way, but the after-effects linger.

Initial Concern Regarding Bad Actors

Since self-custody and privacy remain crypto’s greatest drawcards, the initial concern was that the information would be used by malicious actors to separate users from their crypto holdings.

Within a short space of time, Reddit users described various phishing attempts (such as links to the “latest software upgrade”) and death threats (so-called “$5 wrench attacks”). At the time, users quite reasonably began asking questions as to whether or not Ledger was a secure hardware wallet.

Unsurprisingly, once leaked private information becomes available in the public domain, the consequences are likely to linger. Ledger’s 2020 data breach is no different as the ramifications persist.

Latest Fraudster Activity

Recently, Ledger customers have revealed a new and sophisticated effort by fraudsters involving fake hardware wallets being sent to exposed Ledger customers’ addresses.

https://twitter.com/BitcoinMagazine/status/1405572965480153095

Overlooking the fact that Ledger is unlikely to ever send a “new” unsolicited hardware device to its users (much less one that is unsealed/damaged), the clear giveaway in this instance was a single use of slang in the letter:

… For this reason, we have changed our device structure. We now guarantee that this kinda [emphasis intentionally added] breach will never happen again.

Extract from fake Ledger letter

In addition to examples such as that outlined above, some users have also described fake hardware being sent with a pre-installed recovery seed:

https://www.reddit.com/r/CryptoCurrency/comments/o609v2/hardware_wallet_scam/
https://imgur.com/a/WNjlkyc

How to Avoid Getting Scammed

Unfortunately, scammers continue to thrive and innovate within the crypto space. In 2020 alone, Australians lost $26 million in Bitcoin to scams.

The good news, however, is that there are some basic principles within the domain of hardware wallets that dramatically reduce the prospects of being scammed:

  • Only buy hardware directly from the manufacturer or authorised reseller
  • Never buy a used device
  • Make sure the packaging has not been tampered with
  • When starting the device up, make sure there aren’t any error messages that could be evidence of tampering
  • Remember that no hardware wallet comes pre-installed with a 24-word recovery phrase.


Categories
Bitcoin Hackers Scams

$11 Million Ransom Paid in Bitcoin By World’s Largest Meat Producer

JBS SA – a Brazilian company that processes meat largely sourced from Australia in order to sell it in the Americas and Europe – paid a ransom of $11 million worth of BTC to cybercriminals in order to stave off future attacks.

The cyberattack was identified on May 30 and caused about a full work day’s worth of damages across all plants. However, the company’s encrypted servers were not affected, allowing them to ramp production back up without too much of a hassle.

JBS SA in Brazil [source]

‘It Was Very Painful to Pay the Criminals’

Andre Nogueira, CEO of the company’s US division, JBS USA Holdings, said JBS SA decided to pay the ransom in order to prevent more attacks like those that knocked out its plants last week.

It was very painful to pay the criminals, but we did the right thing for our customers.

Andre Nogueira, CEO, JBS USA

However, he also stated that the payment was made only after functionality was restored to most of the processing plants with the aid of encrypted backup systems.

In order to make up for lost time, some of the processing plants scheduled 10-hour shifts – including weekends. By June 10, all JBS plants were reported to be functioning normally.

Cyber Security Needs Improving

Following the attack, lawmakers in US states reliant on agriculture have spoken out about the need to overhaul practices in the industry, claiming antiquated procedures leave the door open to attacks like these.

This problem affects multiple industries, though – the bad actors who shut down a major US gas pipeline last month were most likely able to gain access due to obsolete cybersecurity measures.

Every hack that is successfully paid off with a cryptocurrency becomes an advertisement for more hackers to try more cyberattacks.

US Senator Elizabeth Warren

Last year, Aussie TV stations were taken down by bad actors demanding BTC as a ransom, and new malware known as Egregor has been making the rounds of companies in the gaming industry.

Categories
Cryptocurrencies Cryptocurrency Law Scams

China Police Arrest 1,100 People For Crypto-Related Money Laundering Charges

In the 5th round of an operation named “Operation Card Breaking” by local authorities, the Chinese police force has arrested over 1100 people for offences combining SIM card fraud and money laundering via crypto.

China has been cracking down on crypto-related activity for a while now – but this time the crackdown is not targeting traders or miners.

Black Market SIM Cards Used to Launder Money Through Crypto

In China, access to extra SIM cards is restricted. Seeing as in China your phone number is more or less tied to your identity due to the prevalent use of apps like WeChat Pay, many bad actors attempt to dodge these identity checks via the SIM card black market.

The Chinese government has been heavily targeting this market throughout 2020 and 2021 – and this time, the people arrested were allegedly using these black market SIM cards to launder money through cryptocurrency.

In this case, most of the arrests targeted “independent contractors” who would use the aforementioned SIM cards to sign up on crypto exchange platforms, after which money launderers would give them cryptocurrencies to trade.

Once the fences had moved the crypto around and split it up into multiple currencies – both crypto and fiat – the funds would be sent to wallets and bank accounts designated by the money laundering rings, sans a commission fee ranging between 1.5 and 5%.

Organised Crime Rings Brought Down

Much like the warrants served for an illegal crypto gambling ring back in April, these arrests targeted organised crime syndicates.

The arrests in the cities of Hangzhou, Shaoxing, Anhui, Hefei, Hunan, and Changsha were announced by the Ministry of Public Security on their official WeChat account.

Categories
Australia Bitcoin Data Scams

Australians Lost $26 Million in Bitcoin to Scams in 2020, Report Shows

A new report from the Australian Competition and Consumer Commission (ACCC) published on June 7, 2021, shows scammers are now commonly receiving money from victims via crypto.

Bank transfer remained the most common payment method used in scams, with just over $97 million lost (a 40 percent increase). Bitcoin was the second-highest payment method, with $26.5 million lost.

Targeting Scams Report (page 14)

The Targeting Scams Report reveals that Australians lost over $850 million to scams in 2020. The figure is based on combined data from Scamwatch, ReportCyber, government agencies, banks, and payment platforms.

Targeting Scams Report (Page 19)

According to the report, it’s not surprising non-traditional payment methods are seen as ideal pickings by scammers. It states: “The perceived anonymity of unregulated cryptocurrencies can impede the ability to recover funds or identify scammers.”

Scammers Take Advantage of Rising Interest in Crypto 

Scams resulting in the highest losses in 2020 included investment scams, romance scams, and business email compromises. 

Many scammers used the COVID-19 pandemic as a ruse to separate people from their hard-earned cash. But Bitcoin and other cryptocurrencies were also a popular way to lure victims via various types of scams. 

As financial analyst Martin North has previously warned crypto enthusiasts, the increasing value of crypto also brings out more ‘bad actors’ seeking naive investors.

Report Findings Explained

Scams relating to Bitcoin feature in multiple case studies included in the ACCC report, including:

  • Investment scams: Featuring sophisticated fake trading sites. ACCC says it’s increasingly difficult for people to identify legitimate investment opportunities – this type of scam resulted in record losses of $328 million in 2020.  
  • Celebrity endorsements: Where images of public figures such as TV host David “Kochie” Koch promote fake websites and trading bots. For instance, Dick Smith’s likeness was used to defraud would-be cryptocurrency investors via ads on The Guardian website. 
  • Romance baiting scams: Striking up a connection via dating apps and then convincing the target to invest money, often in cryptocurrency. ACCC’s report found that people aged 25-34 lost the most money ($7.3 million) to romance baiting in 2020. 
  • Government impersonation scams: Where the scammer contacts a victim over the phone claiming to be from a government agency investigating fraud, and demanding victims deposit money via a Bitcoin ATM.

Bitcoin investment scams were also one of the most common types of scams reported that occurred on social media sites, according to the report, which shows losses to social networking scams increased more than 22 percent in 2020.  

Other scams Crypto News Australia has reported on previously that investors should be wary of include fake invoice scams that targeted Tesla buyers, and dusting attacks – where very small amounts of crypto are added to a person’s wallet in an attempt to de-anonymise it.

If you spot a scam you can report it at www.scamwatch.gov.au.

Categories
Crypto News Scams

The SEC Files a Lawsuit against Five People Linked to BitConnect

The Securities and Exchange Commission has filed a lawsuit against five individuals linked to BitConnect for promoting and selling unregistered securities.

$2B in Unregistered Sales

According to the filing, the SEC stated that BitConnect’s lending program constituted a $2 billion USD unregistered securities offering, since the platform was not operating with a broker-dealer license.

Four BitConnect promoters —Trevon Brown, Craig Grant, Ryan Maasen and Michael Noble— plus Joshua Jeppesen are now facing disgorgement (repayment of ill-gotten gains) plus interest, injunctive relief and civil penalties. In particular, Jeppesen served as a liaison between BitConnect and its promoters and represented the company at promotional events and conferences.

We allege that these defendants unlawfully sold unregistered digital asset securities by actively promoting the BitConnect lending program to retail investors. We will seek to hold accountable those who illegally profit by capitalizing on the public’s interest in digital assets.

Lara Shalov Mehraban, Associate Regional Director of SEC’s New York Regional Office

As reported, the Australian Securities and Investments Commission accused John Bigatton, a former BitConnect promoter, of ripping off small investors in Australia, back in 2017/2018. Despite the various counts of financial crime, Bigatton pleaded not guilty at Downing Centre Local Court.

Biggest Scam in Crypto History?

Carlos Matos, leader of BitConnect, during an event

BitConnect has been considered one of the largest scams in crypto history. The platform debuted in 2016 with great success but shut its lending platform in 2018 following allegations of fraud and warnings from regulators.

The scam has also been compared to OneCoin, a Ponzi scheme promoted as a cryptocurrency, which had connections with Phoenix Holding Group Ltd — a Dubai-based company recently accused of money laundering through horse racing in Australia.

Categories
Crypto News Hackers Scams

Beware of “The Dusting Attack” Hackers Are Using to Break Blockchain Privacy

Dust attacks have become a popular technique for hackers trying to break blockchain privacy. Dusting was first used by programmers performing stress tests on a network and email blasts, but scammers are now using it to unmask address anonymity.

What is a Dusting Attack?

Crypto dust refers to a very small amount of a certain coin or token, which can accumulate in a wallet, for example as a result of airdrops or the rounding of transactions.

Users sometimes don’t notice crypto dust because it tends to have very little fiat value. Certain wallets and exchanges even have functions to hide small balances. For example, the smallest unit into which a Bitcoin (BTC) can be subdivided is 0.00000001 BTC (by design). Usually referred to as 1 satoshi, it is currently worth around $0.0005 AUD – in other words, it would take about 20 satoshis for 1 cent AUD.

Dusting basically means sending a tiny amount of cryptos to various wallet addresses in an attempt to deanonymise them. By linking together the addresses of a given crypto asset, the hackers then track down the transactional activity of the corresponding wallets, analysing every address while looking for clues to identify the person or company behind each wallet.

An example of dust attack transaction [source]

This manoeuvre does not give the attacker access to your funds. Dusting can only help the attacker guess the identity behind those addresses.

Scammers and criminals are not the only ones to perform these kinds of activities, though. Law enforcement agencies could use this technique to bind an individual or even criminal organizations to an address, for example to target money launderers, contraband, or any large criminal network.

Dusting Attacks on the Rise

A reason why these malicious attacks are becoming so popular for hackers is that traders and large holders don’t seem to pay much attention to the small amount of tokens showing up in their wallet addresses.

Dust attacks were first seen on the Bitcoin network but are quickly expanding to Litecoin, BNB (Binance Coin) and other cryptocurrencies. A popular example of a dust attack occurred in late October 2018, when Samourai Wallet developers warned some users were under dusting attacks.

How to Protect Yourself Against Dusting?

First, get an export of your addresses and review the balances in each one. Check your addresses on a block explorer like Etherscan.io or Blockchair.com to see if you’re under attack.

To spot one, look at the transaction’s shape: a dust transaction typically has one address on the sender side and hundreds or thousands of addresses on the other, with the same small amount sent to each of them.

If you have been “dusted”, look for wallets that show dusty UTXOs (unspent transaction outputs) and mark them as “do not spend” if your wallet or exchange allows you to do so. This will prevent them from being used for later transactions.
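The check described above can be automated over an address export. The following is an added example, not code from the article or from any wallet or block explorer: it flags transactions with a single sender and a large fan-out of identical tiny outputs, then lists the wallet's UTXOs to mark "do not spend". The field names (`inputs`, `outputs`, `address`, `value`, `txid`, `vout`), the thresholds and all sample data are assumptions constructed for illustration.

```python
from collections import Counter

# Assumed thresholds (not from the article): tune for the coin and wallet.
DUST_LIMIT_SATS = 1_000      # outputs at or below this count as dust
MIN_FANOUT = 100             # "hundreds or thousands" of recipients
MIN_SAME_VALUE_SHARE = 0.9   # share of outputs carrying the same dust amount


def looks_like_dusting(tx):
    """True if tx has one sender and a large fan-out of identical dust outputs."""
    senders = {i["address"] for i in tx["inputs"]}
    outputs = tx["outputs"]
    if len(senders) != 1 or len(outputs) < MIN_FANOUT:
        return False
    dust = [o["value"] for o in outputs if o["value"] <= DUST_LIMIT_SATS]
    if not dust:
        return False
    # The sender's change output is larger, so require a share, not all outputs.
    _, count = Counter(dust).most_common(1)[0]
    return count / len(outputs) >= MIN_SAME_VALUE_SHARE


def utxos_to_freeze(wallet_utxos, txs_by_id):
    """Return (txid, vout) pairs to mark "do not spend" in the wallet."""
    frozen = []
    for utxo in wallet_utxos:
        tx = txs_by_id.get(utxo["txid"])
        if tx is None:
            continue  # no transaction data exported for this UTXO
        if utxo["value"] <= DUST_LIMIT_SATS and looks_like_dusting(tx):
            frozen.append((utxo["txid"], utxo["vout"]))
    return frozen


# --- Constructed sample data (placeholder ids and addresses, not real) ---
DUST_TX = {
    "txid": "dust-tx-constructed",
    "inputs": [{"address": "sender-addr-constructed", "value": 5_200_000}],
    "outputs": [{"address": f"recipient-{n:03d}", "value": 546} for n in range(300)]
    + [{"address": "sender-addr-constructed", "value": 5_000_000}],  # change
}
PAYMENT_TX = {  # small but ordinary payment: one sender, two outputs
    "txid": "payment-tx-constructed",
    "inputs": [{"address": "friend-addr-constructed", "value": 50_000}],
    "outputs": [
        {"address": "my-addr-2", "value": 800},
        {"address": "friend-addr-constructed", "value": 48_000},
    ],
}
TXS_BY_ID = {t["txid"]: t for t in (DUST_TX, PAYMENT_TX)}
WALLET_UTXOS = [
    {"txid": "dust-tx-constructed", "vout": 7, "value": 546},
    {"txid": "payment-tx-constructed", "vout": 0, "value": 800},
]

if __name__ == "__main__":
    for txid, vout in utxos_to_freeze(WALLET_UTXOS, TXS_BY_ID):
        print(f"mark do-not-spend: {txid}:{vout}")
```

The small 800-satoshi payment is left spendable because its transaction lacks the one-to-many shape, so the flag depends on the fan-out pattern rather than on amount alone.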

Notice the BTC trace behind the pop-up window [source]

You can also use a hardware wallet to protect yourself – while expensive, they can be safer storage for your private keys.

Categories
Crypto News DeFi Hackers Scams

DeFi100 Goes Down, Claiming They Were Hacked And Haven’t Rug-Pulled

DEFI100 (D100), a DeFi project dealing with virtual assets, has gone down.

At the time of writing, visitors to the DeFi project’s website are being displayed a “404 – Not Found” message.

Error “404 – Not Found” on Defi100.org

It is not clear whether D100 has gone down as a result of a hack, or if instead the project has done a so-called rug pull – that is, an exit scam by intentionally becoming unavailable, disappearing with all of the funds.

$32 Million USD Estimated Vanished

Similar to other times where DeFi projects were messed with, the bad actors accompanied their misdeeds with a little taunting. An analyst known as CryptoWhale on Twitter has shared the news, speculating $32 million USD in investor funds have been siphoned off.

The team behind D100 claims instead they have been hacked, with the malicious actors leaving a message (which has been taken down).

They have also publicly stated that the rumours of rug-pulling are utterly false and they are trying to bring the project back up and running.

It is worth remembering that this is not the first time a DeFi project has found itself in this kind of situation. However, these claims are being treated with great suspicion by Twitter users, with some arguing this is just a cover-up before maybe an even bigger heist is pulled off.

DYOR Reminder

Whether the project stole the funds or just suffered an attack by anonymous bad actors, the website remains down and the price of D100 has plummeted by over 50 percent, currently being traded around $0.08 AUD.

The same analyst who broke the news also reminded everyone to be wary of shady projects with anonymous devs, especially in periods of bear market – which might encourage malicious players to take their bags and go home. As always, Do Your Own Research.

Categories
Crypto News Cryptocurrencies Scams

1000’s Of Personal Data Possibly Leaked By Mobile Crypto Mining App Pi Network

Pi Network, a mobile cryptocurrency mining app that leverages social connections, has been connected to a personal information data leak.

The Know Your Customer (KYC) checks of Vietnamese citizens were put up for sale on a hacker forum last week.

Personal Information Leaked

A local news outlet in Vietnam reported that an estimated 10,000 sets of identity card information, home addresses, phone numbers, and email addresses were put up for sale on RaidForums, a database marketplace of breaches and leaks. The account selling the data admitted to accessing the data via Pi Network, and was selling the information for $9,000 USD payable in Bitcoin (BTC) or Litecoin (LTC).

The Vietnam Ministry of Public Security’s cybersecurity division has since launched an investigation into the matter, and has had the post removed from the site in the meantime. An estimated 17 GB worth of Vietnamese personal information was put on the marketplace, potentially connected to up to 10,000 people according to a cybersecurity expert that contacted the account.

Leak Might Not Be From Pi

Some proponents of the network don’t believe that the Pi Network is to blame for the data breach, since the platform doesn’t directly verify its users’ info nor does it require pictures of identity cards. But basic information is required when registering on the Pi app.

The KYC of the Pi Network is processed through a third party called Yoti. The digital verification site accepts passports from 200+ countries, and Vietnam is indeed one of them. However, Vietnamese identity cards are not accepted.

To perform KYC verification on Pi Network, Vietnamese would need to use their passports. Only some users who used earlier versions of Pi could perform KYC verification using their driver licenses, but so far the system has yet to accept Vietnamese identity cards.

Phien Vo, Pi Network group moderator

This means that the identity card information could also have been leaked from another source. Authorities are trying to uncover the mystery.

Is The Network a Pi In The Sky?

Pi Network proposes a new method of mining its own cryptocurrency, using social connections rather than a Proof-of-Work approach like Bitcoin.

Instead of burning energy as proof of work cryptocurrencies like Bitcoin do, Pi secures its ledger when members vouch for each other as trustworthy. This forms a network of interlocking “security circles” that determines who can execute transactions. This novel approach allows crypto mining on your phone by leveraging your existing social connections, with no financial cost, no battery drain and a light footprint on the planet.

FAQ page at minepi.com

Pi Network has received several critiques hinting at a possible scam – these are some major points that are focused on:

  • Pi cryptocurrency is not yet traded on exchanges, it cannot be withdrawn and it has no practical value
  • Users have no access to their private/public keys (until mainnet launch)
  • Mining rates increase by referring other people and earlier members benefit from a higher mining rate (MLM-esque approach)
  • Pi app is designed to collect personal information (requires email, cellphone number, full names to register) and Pi crypto can only be claimed after successful KYC (with ID or Passport)

Pi Network’s data collection approach is similar to other social networks like Facebook in the sense that they collect almost all data they can get from users and use them in optimizing advertising.

Cem Dilmegani, Founder of AIMultiple [source]

However, some of these issues are addressed in the white paper, for instance the token will be launched on exchanges when mainnet is launched. According to the community Pi is now in Phase 2, busy testing the Pi wallet.

The paper also stipulates that “Pi Node uses a different consensus algorithm based on the Stellar Consensus Protocol (SCP). In SCP, nodes form trusted groups (quorum slices) and only agree to transactions that those trusted nodes agree to.” This is how your mining rates increase by adding contacts (people you know) to a larger security circle to form these trusted groups.

There seems to be a lot of speculation about the Pi Network, but it seems only time will tell how much utility the network actually has with the launch of its mainnet.

As always, remember: DYOR [Do Your Own Research].

Categories
Australia Crypto News Scams

Australian BitConnect Promoter Pleads Not Guilty In Ongoing Court Battle

Alleged former BitConnect promoter John Bigatton pleaded not guilty at Downing Centre Local Court, according to his lawyer.

Bigatton, 52, was one of the promoters of BitConnect, a cryptocurrency project that turned out to be one of the biggest Ponzi schemes in the history of crypto.

Bigatton Charged with Defrauding Australian Investors

The Australian Securities and Investments Commission accused Bigatton of ripping off small investors in Australia back in 2017/2018, besides various counts of financial crime. Bigatton is facing six charges that could give him up to 10 years in prison.

Bigatton’s lawyer, Liam Macandrews, told the court his client will maintain his not guilty pleas. Magistrate Jennifer Atkinson approved Bigatton’s pleas; however, he will next appear in the District Court on June 11 to face trial without bail.

BitConnect: Greatest Fraud in Crypto History?

Bigatton was a promoter of BitConnect in Australia before its collapse in early 2018. BitConnect, a cryptocurrency and crypto exchange, had an estimated market cap of more than US$2.5 billion in December 2017.

BitConnect became wildly popular through aggressive propaganda and offering attractive returns to investors. It went from US$0.16 to $436 in 2017 but crashed as soon as U.S. authorities came in as BitConnect was an unregistered exchange.

1 hour of Bitconnect guy screeming – [Youtube]

Carlos Matos, the leader behind BitConnect and famous for the “BITTCONNEEEECCTTTTT!” yell, disappeared after the platform was shut down, only to reappear in 2018 as a health promoter, trying to leave behind his reputation as a crypto scammer.

Categories
Blockchain Crypto News DeFi Scams

DeFi Company Rari Capital To Reimburse Up To $26 Million After Getting Hacked For 2600 ETH

Last weekend, Rari Capital was hit with an attack that left them down by 2600 ETH – which was around 60% of all user funds in the Rari Capital Ethereum Pool.

Rari Capital is a DeFi company that automates yield farming by rebalancing users’ funds and pools. The attack seems to have been carried out by “evil contract” exploits affecting the HomoraBank contract.

However, Alpha Finance Lab itself seems to not have been affected.

The hacker’s message

Currently in possession of an ETH wallet recently emptied into Tornado.Cash Proxy transactions, the hacker took the time to leave a tongue-in-cheek message to the recently attacked DeFi firm.

However, the message also seems to indicate that Alpha Homora’s security prevented Rari from taking yet another $6 million in losses.

According to an update by Rari founder Jai Bhavnani, holders of the DeFi firm’s tRGT token will be able to claim reimbursement in RGT – up to a total sum of all reimbursed losses of $26 million.

While it was indeed initially meant to scale the team, all of the protocol contributors have elected to give that 2M $RGT back to the DAO with the ask of using the newly acquired $RGT to reimburse lost funds and reward those that helped in the war room.

Jai Bhavnani, founder of Rari Capital

The price of RGT dropped steeply after the attack, losing nearly half of its value. Reportedly it has been proposed that the reimbursement funds will be taken from the developer incentive stash held by the DeFi company, in possession of 1% of all RGT.