Scam

An Australian crypto fund manager has pleaded guilty in a US court for the theft of almost $90 million of investor’s money.

Stefan He Qin was charged with defrauding clients over a three year period between 2017 and 2021 through two cryptocurrency hedge funds that he founded. The US Securities and Exchange Commission (SEC) began investigating one of the 24-year old entrepreneur’s businesses, Virgil Capital LLC, in December last year.

It was discovered that Qin had attempted to funnel money from his second fund, VQR Multistrategy, to pay investors of the Virgil Sigma Fund. However, after years of risky investments and frivolous spending, much of the funds were gone, leaving investors empty-handed.

Judge Valerie Caproni found Qin guilty of the charges on 4 February 2021 brought forward by the United States Attorney’s Office for the Southern District of New York. US Attorney Audrey Strauss said Qin is now awaiting sentencing after being found guilty of draining “almost all of the assets from the $90 million cryptocurrency fund he owned, stealing investors’ money, spending it on indulgences and speculative personal investments, and lying to investors about the performance of the fund.”

Special Agent Peter C. Fitzhugh who had been investigating the case reiterated the charges, stating that Qin had been using investor’s funds to “live his extravagant lifestyle.”

“Qin orchestrated this reprehensible criminal scheme for many years, making misrepresentations and false promises that coaxed investors into pouring millions of dollars into fraudulent cryptocurrency firms, all the while stealing the hard-earned money of his investors,” he said.

Crypto Scams on the Rise

The case is reminiscent of the recent Mirror Trading International (MTI) scam perpetrated by South African Johann Steynberg. In December last year, Steynberg reportedly fled South Africa after the country’s financial regulator began investigating his company. The Financial Sector Conduct Authority (FSCA) found evidence suggesting that MTI’s broker, Trade 300, was owned and operated by Steynberg.

Despite several warnings issued during 2020, clients continued to invest money into the firm, which promised unrealistic returns of up to 10 percent monthly. The unlicensed firm has now gone into liquidation, with assets worth approximately $863 million unaccounted for.

“There were no proper accounting records and Bitcoin was transferred in and out,” FSCA executive Brandon Topham told Bloomberg. “Thus no definitive answer currently exists as to how much Bitcoin was actually invested but is in the region of 23,000 plus.”

Due to fraudsters taking advantage of the panic and uncertainty brought about by the ongoing pandemic, law enforcement agencies around the world reported a rise in financial scams in 2020. Scams such as these are likely to continue throughout 2021.

Buying and holding Bitcoin (BTC) or any other cryptocurrency might be an easy thing to do, but it does require a great level of vigilance to ensure you don’t lose them to cyber-scams. Hackers are becoming a big threat to the growth and development of the crypto industry. Today, a Bitcoin investor reportedly lost about US$50,000 life saving to hackers in a recent Ledger wallet attack.

Hey @Ledger you need to keep sending phishing warnings to all of your customers!

People are losing their savings because of the hack!

Get in front of it, continually send out purposeful emails to your customers *just* about the hack!

Be a good steward! You need to do better. pic.twitter.com/AlNCMbIBST
— Brad Mills ✍️🔑 (@bradmillscan) December 9, 2020

Ledger Phishing Scam

Ledger is one of the biggest hardware wallet providers for storing cryptocurrencies offline. About a month ago, the company’s marketing/sales database was breached by hackers, exposing the customers’ contact information to the bad actors. This allowed the attackers to unauthorizedly send false and malicious messages to the wallets users’ who gave Ledger their contact details before the database was breached.

Part of the phishing message sent to Ledger users reads: “Our forensics team has found several of the Ledger Live administrative servers to be infected with malware.” While the message looked professional, the content was false. A few customers were able to spot the attack and raised an alarm. However, the attackers recently changed the content of the message, telling customers that their wallet has been disabled due to know-your-customer (KYC) regulation.

US$50,000 in Bitcoin Gone!

As Brad Mills tweeted on Tuesday, the recent message tricked the Bitcoin investor into sending his life savings to the Ledger phishing scammers. According to Mills, Bitcoin investors must be extra vigilant to overcome social engineering hacks, not just being your own bank. One other proven approach all crypto investors must know is not to input their wallet key phrase in any link or website if they must avoid losing their funds in crypto.

Those key phrases are to be directly entered on the wallets, in this case, the Ledger device.