Bitcoin Scam Exposes Thousands to Data Breach

Published at: June 30, 2020

Fraudulent websites successfully have stolen the personal records of a number of individuals from the United Kingdom, Australia, South Africa, the United States, Singapore, Malaysia, Spain and more. The attack was executed as a targeted multistage Bitcoin (BTC) scam propagated by a number of fraudulent websites.

According to the Singapore-based intelligence company Group-IB, the attack exposed personal data for thousands of people.

Impersonating recognized media outlets and personalities

Victim's phone numbers, which in most cases came with names and emails, were contained in personalized URLs used to redirect people to websites. These sites posed as local news outlets, even going so far as to include fabricated comments from prominent local personalities.

Analysis conducted on the leaked numbers allowed Group-IB to establish where the majority of the data had leaked from. They discovered that the U.K. was the most affected location with 147,610 personal records.

The report details that victims commonly received a text message, or SMS, which mentioned the name of the recipient. This was followed by a phishing message that was meant to impersonate a recognized media outlet.

Ilia Rozhnov, the head of Group-IB's brand protection team in the Asia Pacific, told Cointelegraph:

"Fraudulent schemes have become more complicated. They now involve several stages, complex distributed infrastructure, and abuse of personal and corporate brands that is hard to track down and block using traditional detection methods. Companies and celebrities whose names were hijacked by fraudsters suffer reputational damage and face diminished customer trust."

Different names for the same fraudulent investment platform

Researchers spotted six active domains featuring the same Bitcoin investment platform. Each operated under a different name. Some of these include Crypto Cash, Bitcoin Rejoin, Bitcoin Supreme and Banking on Blockchain.

Group-IB added:

"Further analysis of the URLs revealed that a short link takes a victim to another URL which already demonstrates their personal data, such as the phone number, first or/and last name, and sometimes an email address, and used for redirects to fake websites masquerading as a local media outlet. [...] The experts believe that the personal information info could have been obtained by fraudsters through a separate fraudulent scheme or simply bought from a third party."

The Group-IB team has analyzed the exposed info using a number of data breach repositories. They have also analyzed several underground marketplaces for the presence of this data. So far, they have not found any traces of the exposed info.

As of press time, the source of the leak has not been established. The team has reported the study’s findings to the proper authorities in each affected country.

Cryptocurrency forensics experts from Xrplorer warned on June 15 that hackers were trying to steal XRP users’ secret keys by claiming that Ripple was giving away tokens.

Tags
Related Posts
Crypto Scams Reach New Heights in 2020 With $24M Stolen So Far
Blockchain tracking and analytics platform, Whale Alert, revealed that over the past four years, scammers have stolen over $38 million worth of Bitcoin (BTC). New heights could be reached at the end of 2020 Whale Alert’s study, which relies on data from the crypto scam tracking site, Scam Alert, suggests that the popularity of dozens of different types of scams have been on the rise. Some of these include giveaways, sextortion, fake exchanges, fake ICO’s, Bitcoin recovery, video scams, fake tumblers, and malware. In 2017, scammers stole roughly $5M in Bitcoin from unsuspecting victims. In the first quarter of 2020, …
Bitcoin / July 13, 2020
Cybersecurity analyst reveals 8 sneaky crypto scams on Twitter right now
Cybersecurity analyst Serpent has revealed his picks for the most dastardly crypto and non-fungible token (NFT) scams currently active on Twitter. The analyst, who has 253,400 followers on Twitter, is the founder of artificial intelligence and community-powered crypto threat mitigation system, Sentinel. In a 19-part thread posted on Aug. 21, Serpent outlined how scammers target inexperienced crypto users through the use of copycat websites, URLs, accounts, hacked verified accounts, fake projects, fake airdrops, and plenty of malware. One of the more worrisome strategies comes amid a recent spate of crypto phishing scams and protocol hacks. Serpent explains that the “Crypto …
Blockchain / Aug. 22, 2022
Crypto hacks are set to hit all-time highs in 2022, analyst explains
Reducing the amount of hacking by improving cybersecurity should be considered a top priority for the crypto industry, said Kim Grauer, director of research of blockchain intelligence firm Chainalysis. As pointed out by the firm, this year could outpace 2021 in terms of crypto stolen through hacks. The vast majority of these exploits have been targeting the field of decentralized finance. “This can't go on in the industry because people are going to lose faith in investing in DeFi platforms”, Grauer said in an interview with Cointelegraph. Unlike centralized exchanges, which have improved their resiliency to crypto hacks, decentralized protocols …
Blockchain / Oct. 19, 2022
Crypto’s recovery requires more aggressive solutions to fraud
It’s hardly an exaggeration to say that our industry is facing tough times. We’ve been in the midst of a “crypto winter” for some time now, with the prices of mainstays, including Bitcoin (BTC) and Ether (ETH), tumbling. Likewise, monthly nonfungible token (NFT) trading volumes have fallen more than 90% since their multibillion dollar peak back in January of this year. Of course, these declines have only been exacerbated by the numerous black swan events rocking the crypto world, such as the FTX and Three Arrows Capital meltdowns. Taken together, it shouldn’t be a surprise that crypto is facing a …
Cryptocurrencies / Dec. 30, 2022
Social media blamed for $1B in crypto scam losses in 2021
The United States Federal Trade Commission has labeled social media and crypto a “combustible combination for fraud,” with nearly half of all crypto-related scams originating from social media platforms in 2021. Published on Friday, the report found that as much as $1 billion in crypto has been lost to scammers throughout the year, which was more than a five-fold increase from 2020, and nearly sixty times up from 2018. New analysis finds consumers reported losing more than $1 billion in #cryptocurrency to scams since 2021. Most of the losses consumers reported were to bogus cryptocurrency investment scams: https://t.co/MYGTcaw1aS #DataSpotlight /1 …
Bitcoin / June 6, 2022