Two Men Sentenced to Prison for SIM-Swapping Crypto Scam
Two Massachusetts men were sentenced to two years in prison for stealing the social media accounts of crypto executives and using SIM-swapping to bypass 2FA protections. DOJ
$1.6M Stolen from an FTX Account
Details are unclear but it seem that hackers exploited automated trading bot API 3commas in order to take control of the user’s account and make thousands of trades. WU Blockchain
Localbitcoins User “Mustangy” Sentenced in Federal Court for Money Laundering
AKA Mustafa Goklu, Mustangy posted ads on localbitcoins.com offering to pay cash for up to $99,999 in Bitcoin. The cash he was offering came from his drug trafficking business. DOJ
Coinbase Users Sue over $21 Million in Crypto Scam Losses
Nearly 100 Coinbase users are taking the company to arbitration for failing to protect them from mining pool scams. Forbes
Three States Take Action Against Slotie NFT
Three US states have filed cease-and-desist orders against Slotie NFT for selling NFTs without proper registration and funneling the proceeds into metaverse casinos. Coindesk
A Pennsylvania man received a briefcase which supposedly held cash from his crypto profits, but it turned out to contain toilet paper. And he paid an extra $9K for the code to open the briefcase. PA Homepage
WhatsApp Scam Impersonating Scary Spice
A scammer sent WhatsApp messages to stars and friends of Mel B (aka Scary Spice) asking for crypto donations to “help African children dying of thirst”. Yahoo!
Binance Hacked for Two Million BNB
An exploit of weaknesses in cross-chain bridges allowed a scammer to steal 2M Binance Coin worth about $580M. Yahoo!
French Police Charge Bored Ape NFT Thieves
Bored Ape NFT owners fell for a phishing scam that claimed it would animate the valuable NFTs. $2.5M in NFTs were stolen in all. Decrypt
Indian Police Target Scam Cloud Mining App
31 people fell victim to scam cloud mining app “CCH Cloud Miner” and police have filed a case against 3 of the scammers involved. Inc42
“Pig Butchering” Scams Increasing on Tinder
Scammers are using Tinder to meet victims, then dating them for weeks in order to set them up for a crypto theft. NY Post
Kim Kardashian Settles Charges for Illegal Crypto Promotion Kardashian paid $1.26 million in penalties for promoting EthereumMax on social media without disclosing how much she was paid to do so. SEC.gov
Class Action Lawsuit Filed Against Just A Bit of Coin Plaintiffs claim that Just A Bit of Coin promised to build bitcoin mining rigs for customers but never delivered, blaming supply chain issues. ClassAction.com
Brazilian Police, US Homeland Security Bust Crypto Fraud Ring A multi-year investigation has ended with the execution of 20 search and seizure warrants against a crypto scam ring based in Curitaba, Brazil. ICE.gov
Malicious DApp Is Stealing Crypto from Other Crypto Scammers “Water Labbu” is inserting malicious code into crypto scam websites and emptying the wallets of visitors of those sites before they even have a chance to get scammed the usual way. Trend Micro
Ransomware is malware (malicious software) that utilizes encryption to hold a victim’s data ransom. Important data is encrypted to block the owner’s access to files, databases, or software. To gain access, a ransom is then demanded. The most dangerous aspect of ransomware is how rapidly it can spread across a network and affect all of an organization’s databases and servers.
Cybercriminals make billions of dollars from ransomware, and businesses and governments pay a high cost in ransom, expenses and lost data.
Recent Ransomware Attacks
Companies like the Colonial Pipeline, Steamship Authority of Massachusetts, JBS (the world’s largest meatpacker), and the Metropolitan Police Department of Washington, DC were attacked in 2021. The ransom payments to the hackers caused the shutdown of critical infrastructure and subsequent deficiencies, enhanced costs of goods/services, the shutdown of operations and financial losses.
Attacks on the healthcare sector
In 2020, ransomware attacks cost the economy $20 billion in impacted revenue, lawsuits, and ransom paid, according to a new report. A total of 92 ransomware attacks hit more than 600 healthcare facilities in 2020.
Colonial Pipeline Attack
In April 2021, due to the pipeline’s critical role in the national infrastructure system, this attack had a significant impact on the US. Major disruption in gas supplies caused an uproar on America’s east coast after system failures halted the flow of gas.
Brenntag Attack
Brenntag, a chemical marketing firm, was targeted by DarkSide in May 2021. The hackers stole 150GB of data, for which Brenntag paid $4.4 million (of the $7.5 million demanded).
Quanta Attack
In April 2021, the REvil gang demanded a $50 million ransom from computer manufacturer Quanta. Apple product blueprints obtained from Quanta were leaked, and the hackers threatened to expose more sensitive information and files.
Acer Attack
The REvil hacker group, which also targeted Travelex, a London-based foreign exchange firm, attacked Acer in May 2021. To date, the $50 million ransom is the largest ever recorded.
CNA Attack
A ransomware attack on a large insurance firm occurred in March 2021. The hacker group targeted CNA’s network, encrypting 15,000 devices, many of which belonged to remote workers.
Rockets Attack
In April 2021, the hacker group Babuk was alleged to have compromised 500GB of private documents about the Houston Rockets from the National Basketball Association (NBA).
AXA Attack.
The Avaddon gang struck European insurance company AXA in May, shortly after major alterations to their insurance policy were made public.
How to Avoid Ransomware Attacks
Be prepared to lessen the chances of an attack. Ensure you have anti-ransomware software installed on all of your computers. If a link is not safe, do not click on it.
As a result of malicious websites, software downloads, and spam mail, ransomware infections can spread. To avoid phishing, do not give out personal information. Never open an attachment from an unknown email. Keep your software and operating system current.
Not only should you avoid downloading files from untrusted sources, but avoid using USB drives. When using public WiFi networks, be cautious. Use only a VPN.
What to Do When You Are Attacked?
To begin, never pay a ransom to decrypt your files when you have no way to be sure you’ll get them back. Your Wi-Fi should be turned off and the network disconnected. Investigate the attack online using a different device to find out the type of ransomware and any other info displayed on your screen. Take a picture as a record. Consult an expert about your system and notify the appropriate authorities about the attack. And to protect others from the attack, please report it to Bitcoin Who’s Who here: Report Bitcoin Ransomware
The Top 25 Most Frequently Reported Bitcoin Scam Addresses to BitcoinWhosWho.com in 2020* received 9.5994793 total BTC.
Every single address is associated with the “sextortion” email scam first reported here in March 2018. There are many variations of the scam, but basically claims to have webcam footage of the email recipient visiting adult websites and demands payment in bitcoin or else the video will be sent to their contacts.
The average amount scammed was .092 BTC.
Top 25 Most Frequently Reported Bitcoin Scam Addresses of 2020
The Financial Crimes Enforcement Network (FinCEN) fined the founder of cryptocurrency “mixers” Helix and Coin Ninja this week for violations of the Bank Secrecy Act, an action that may signal more serious enforcement actions against bitcoin scams in the future.
Scammer will provide a QR code and the location of the closest bitcoin ATM.
If you have been caught up in this scam, you have a better than average chance of recovering funds.
The first “CRA scam” was reported to BitcoinWhosWho.com in August 2018. Since then, there have been dozens of reports of this particular tactic and it continues to fool a lot of people.
The most frequently reported CRA scam, aka “SIN scam”, bitcoin address has received 567BTC (as of Sept 9), worth almost CAD$8M.
Based on input transactions to this address alone, it appears to be scamming 2 or 3 people a day out of ~.33 BTC a pop.
The fraud starts with a caller ID spoofing Service Canada, Canada Revenue Agency (CRA), Royal Canadian Mounted Police (RCMP) or even sometimes reportedly the FBI. The caller claims there was fraudulent use of your Social Insurance Number (SIN) and only by visiting the closest crypto ATM and depositing BTC into their wallet (which they will conveniently text you a QR code for!) will they be able to “assist”. Don’t fall for it!
The first “Elon Musk/Tesla” #Bitcoin scam reported to BitcoinWhosWho.com in June 2018 involved a hijacked high-profile verified Twitter account pretending to giveaway our beloved valuable crypto asset. Since then, the volume of Elon Musk (& Tesla) related bitcoin scams reported has increased dramatically, especially from Japan.
Elon Musk & Telsa Bitcoin Scam Report Volume
Almost 45% of Elon Musk/Tesla bitcoin scam reports come from Japan. 16% are unknown, 15% are US and the rest;
