When cryptocurrency value rises, we can expect a parallel rise in crypto-related crime, including phishing, fake brokers, and scams impersonating exchanges and other legitimate services. As expected, the market has made it a . recent surge in the global cryptocurrency hot target for cybercrime While the blockchain technology that protects cryptocurrency investments is robust, widespread fraud on social media and across the web circumvents those protections, targeting the general public directly to fool and ultimately rob them. As a result, keeping the pulse of the crypto-threat landscape requires an always-on, internet-wide view. At RiskIQ, we've been tracking crypto-threats to understand their prevalence and how they're evolving. Below, we've outlined the most prevalent that we see, including infrastructure analysis via our Internet Intelligence Graph to drill down into the mechanics of each threat and show how they work and why they're effective. Social Media Scams Twitter has recently been an epicenter of cryptocurrency fraud, with many incidents involving phony investment opportunities and giveaway scams that manipulate celebrity and business accounts across platforms. In , teenage fraudsters used an internal Twitter tool to bypass security measures, giving them access to dozens of high-profile, verified business and celebrity accounts. They then used these accounts to peddle their scheme, tweeting get-rich-quick Bitcoin scams from the trusted victim accounts, requesting that readers send Bitcoin to an address included in the tweet: July 2020 The scam worked, and over USD 118k in Bitcoin was stolen in the attacks. RiskIQ actively . You can also find the list of domains we identified while the attack was ongoing . tracked the infrastructure used as the situation evolved here Similar cryptocurrency scams continue to abuse verified accounts on Twitter. During a single week in February 2021, reported 48 verified accounts attempting to trick users into sending cryptocurrency to scammers. The scam works by gaining control of various verified accounts that are no longer in use or poorly secured. The accounts are then made to look like they belong to a well-known individual, such as Elon Musk. @malwrhunterteam In this , the compromised account tweets a domain, . A RiskIQ crawl captured the scam page hosted on that domain, which uses Tesla branding and promises a "5,000 BTC Giveaway!" to anyone who sends bitcoin to the wallet address listed on the page: example elon-musk[.]life Looking at the crawl more closely, we can see the scam domain loads content from several interesting hosts. One of these hosts associates with over forty other cryptocurrency scam domains, many related to Elon Musk. The scale of these social media scams targeting cryptocurrency investors shows that they continue to be successful— even after the sensational, widely reported attacks in 2020. You can see RiskIQ's full infrastructure analysis of this campaign by visiting our Threat Intelligence Portal. Scams: E.G., Initial Pips One of the most common cryptocurrency scams involves fraudulent cryptocurrency brokers, miners, and services. These scams lure victims with guarantees of impressive returns on investment, free crypto-mining hardware, or promises to recover stolen funds. The malicious actors will develop lure pages mimicking services of well-known investment firms and crypto-mining businesses to appear legitimate, safe, and helpful to victims. 'Initial Pips' is a shady service at the center of a cryptocurrency scam campaign that masquerades as a legitimate cryptocurrency broker. The platform and its connected domains appear legitimate and advertise lucrative opportunities that trick users into sending cryptocurrency as an investment. The operators behind these scams have created multiple lure pages that impersonate legitimate companies or services: A RiskIQ crawl shows associated malicious pages are being mirrored from using HTTrack, a free and open-source web crawler and offline browser that can be used to copy web pages. look almost identical, with minor changes in imagery, logo, and branding. initialpips[.]com The associated domains Other cryptocurrency scams like the Initial Pips campaign can be seen on the provided by Scam News Channel. Crypto Scam List: 2021 Cryptocurrency Phishing Phishing targeting credentials for users of cryptocurrency services is another prevalent threat. Cryptocurrency phishing pages mimic a wide range of different services, and it wasn't hard to find examples. The instance below impersonates the MyEtherWallet service: Here, we see the form on the page that steals the user's credentials: You can investigate some other recent MyEtherWallet phish domains in RiskIQ Community , , , , and . here here here here here This next example targets Ledger, a maker of hardware cryptocurrency wallets. Clicking the "Connect" button shown in the snapshot above leads to the credential-stealing page: This domain shares infrastructure with several financial scam pages on the same IP address. These include , which purports to be a crypto-mining service that promises "profit up to 56% per month!" and , which is built from a template and pretends to be a credit union or bank. mining-station[.]uk trustfundcredit[.]com Many of these sites use templates copied from other sites using HTTrack. You can investigate all the indicators used in these examples and more by visiting our full analysis in RiskIQ’s Threat Intelligence Portal. Be Crypto-Vigilant Even before the recent boom, the COVID-19 pandemic invited its own , and RiskIQ has been for several years. These threats continuously evolve as the market evolves and matures, requiring constant vigilance and analysis. crypto-related cybercrime tracking crypto-scams and threats

Target

Tesla

Twitter

Too Long; Didn't Read

Discover Saakuru: Web3 Mass-Adoption with 0-FEES

Cryptocurrency: A Boom in Value Begets a Boom in Crime

Too Long; Didn't Read

Companies Mentioned

RiskIQ

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

Cryptocurrency: A Boom in Value Begets a Boom in Crime

Too Long; Didn't Read

Companies Mentioned

RiskIQ

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

RELATED STORIES