All posts by bitcoinwhoswho

Crypto Scam Digest – October 21, 2022

Two Men Sentenced to Prison for SIM-Swapping Crypto Scam

Two Massachusetts men were sentenced to two years in prison for stealing the social media accounts of crypto executives and using SIM-swapping to bypass 2FA protections. DOJ

$1.6M Stolen from an FTX Account

Details are unclear, but it seems that hackers exploited the API of automated trading bot 3commas to take control of the user’s account and make thousands of trades. WU Blockchain

Localbitcoins User “Mustangy” Sentenced in Federal Court for Money Laundering

AKA Mustafa Goklu, Mustangy posted ads on offering to pay cash for up to $99,999 in Bitcoin. The cash he was offering came from his drug trafficking business. DOJ

Coinbase Users Sue over $21 Million in Crypto Scam Losses

Nearly 100 Coinbase users are taking the company to arbitration for failing to protect them from mining pool scams. Forbes

Three States Take Action Against Slotie NFT

Three US states have filed cease-and-desist orders against Slotie NFT for selling NFTs without proper registration and funneling the proceeds into metaverse casinos. Coindesk

OFAC Cryptocurrency Regulation


The Office of Foreign Assets Control (OFAC) recently surprised the crypto community by designating two well-known cryptocurrency mixers, and Tornado Cash, as Specially Designated Nationals (SDNs).

The sanctions come after OFAC issued Sanctions Compliance Guidance for crypto firms in September of 2021, which raised questions with crypto enthusiasts – is this the start of sensible regulation of the industry, or a threat to crypto’s decentralization and anonymity?

This article will explain everything you need to know about OFAC, its regulations, and what it means for the cryptocurrency world.

What is OFAC?

The US Treasury Department’s Office of Foreign Assets Control is a financial intelligence and enforcement organization. Their primary objective is to enact America’s national security and foreign policy goals and enforce economic and trade sanctions.

OFAC conducts its operations against foreign states and individuals, and a range of other entities such as terrorist organizations, that are deemed a threat to US national security interests.

OFAC Sanctions Procedures and Requirements

OFAC’s Sanctions Compliance Guidance provides the principles of US compliance obligations for the cryptocurrency industry.

OFAC highlights the idea that crypto firms doing business in the US will be treated the same as any other US company that transacts in traditional currencies. As a result, crypto firms must follow OFAC regulations just as any other company would.

Furthermore, the OFAC guidance explains cryptocurrency firms’ obligations to prohibit, reject, and disclose transactions involving sanctioned entities (such as SDNs).

The Guidance emphasizes that failure to follow OFAC standards may result in fines or other repercussions. It further stresses that working with OFAC and developing a robust compliance program may be mitigating factors when they are contemplating fines for alleged infractions.

OFAC Regulation of Cryptocurrency Firms

OFAC’s mounting worries about unlawful activities in the crypto space have prompted them to take these steps to regulate cryptocurrency firms. In the Sanctions Compliance Guidance, the agency lists five recommendations for firms to comply with OFAC regulations:

  • Commitment From Company Management

According to OFAC, sanctions compliance programs must receive the proper controls and resources. They highlight the significance of management buy-in in establishing an efficient compliance program.

This implies leaders must have a direct role in assessing and implementing these standards, and provide ample resources, including human and technological capital.

  • Risk Analysis for Frequently Finding Vulnerabilities

Businesses should thoroughly evaluate their interactions with third parties to look for any possible noncompliance issues. In addition, crypto firms must examine potential sanctions risk from the start, depending on the services they plan to provide.

By doing this risk assessment early in the company’s life cycle (for example, before beta testing) crypto firms can create a solid sanctions compliance mechanism ahead of seeing substantial user growth, reducing the possibility of sanctions violations.

  • Internal Controls

Firms must have adequate internal controls in place to comply with OFAC’s five-pronged sanctions compliance framework, with a focus on the ability to detect and respond to problematic transactions.

Crypto firms need to regularly evaluate their risk of doing business with sanctioned entities, and with users based in countries that are subject to severe sanctions, such as Iran, Venezuela and North Korea.

If these risks materialize, internal controls must be prepared to deal with them, escalate them and record them. Part of the job entails exercising due diligence to safeguard the firm, its clients and business partners.

  • Testing and Auditing

Auditing can be used to assess the success of compliance initiatives. As the threats evolve over time, firms may need to recalibrate their defenses accordingly.

Crypto firms can alert themselves of potentially fraudulent transactions, or transactions by sanctioned entities, by using tools such as Bitcoin Who’s Who. Firms can quickly and easily assess their potential risk of exposure to sanctions risk based on our unique dataset.

  • Staff Training

Training is vital since staff awareness heavily influences the effectiveness of a compliance program. Organizations should regularly provide job-specific training to their employees to ensure they’re on the same page with management. Employees should always be aware of their duties in preventing sanctions violations and current OFAC best practices.

What is the SDN List?

The Specially Designated Nationals and Blocked Persons List (SDN List) is a US government sanction/embargo mechanism that targets US-designated terrorists, foreign government officials, and international criminals (for example, drug cartels).

Thousands of firms, organizations and individuals are on the SDN list because the US deems them a threat to national security. Persons and enterprises in the US are prohibited from doing business with entities on the list.

Companies on the list can suffer penalties including a prohibition on stock purchases in the company and their majority-owned subsidiaries, as well as a prohibition on issuing new debt with a maturity of more than 90 days.

Why is OFAC Sanctioning Crypto Companies?

OFAC’s sanction programs are designed to defend the US from threats to national security and to further US foreign policy goals. Since OFAC exists to impose sanctions on any entities whose financial or trade-related acts jeopardize US security, the possibility of cross-border money laundering or hacking via crypto has made these firms a target.

For example, consider the case of Tornado Cash. The service can be useful for people who genuinely need financial privacy, such as those who wish to make anonymous donations, or need their financial information kept private for legitimate reasons. However, cryptocurrency mixers like Tornado Cash are also appealing to cybercriminals looking to launder money, which is why OFAC is taking action against such companies.

Tornado Cash’s role in laundering over $455 million in cryptocurrency stolen from Axie Infinity’s Ronin Bridge protocol by the Lazarus Group (a hacking group with ties to North Korea) was cited as a reason for the OFAC ban, as was Tornado’s receipt of stolen funds from Harmony Bridge and Nomad Bridge previously.

SDN List Placement and Removal

When OFAC assigns an entity to the SDN list, it provides the rationale behind the action. Typically, the Treasury Department issues a report explaining the reasons for the blacklist, which can then be addressed by the sanctioned entity.

In order to obtain removal from the SDN list, an entity must file a petition for removal or a request for administrative consideration with OFAC. This administrative consideration requires the sanctioned person or company to argue that their behavior has changed and that it will no longer engage in the prohibited actions. Removal in some cases is possible if the entity can demonstrate that OFAC was mistaken when placing them on the blacklist.

OFAC evaluates these requests upon receipt and typically responds by asking numerous questions to obtain the complete picture. This questioning can be repeated several times, and may take months or even years to complete, depending on the complexity of the case.

OFAC Sanctions on Major Crypto Companies


Blender was the first bitcoin company to be added to the SDN list. The mixer service was blacklisted and sanctioned due to their involvement in laundering proceeds from a bitcoin heist linked to the game Axie Infinity.

  • Tornado Cash

On August 8th, 2022 OFAC sanctioned Tornado Cash for helping cybercriminals to launder $7 billion in cryptocurrency since 2019. According to an OFAC news release, the Lazarus Group used the mixer to launder about $455 million in stolen money. Tornado Cash was sanctioned following the Blender sanction and enforcement actions against mixers Bitcoin Fog and Helix.

  • Lazarus Group

The Lazarus Group is a North Korea-linked hacker group which has allegedly engaged in multiple crypto heists and then used mixers to launder the stolen funds. According to OFAC, the money is then used to support North Korea’s nuclear and ballistic missile development.

  • Iran-Linked Ransomware

On September 14, 2022 ten individuals and two companies were added to the SDN list. They are accused of taking part in and funding ransomware activities in Iran. OFAC says the gang is connected to the Islamic Revolutionary Guard, and has been exploiting software flaws to spread ransomware, steal data, and access computers without permission.

Along with the entities placed on the list, OFAC also banned several BTC addresses which allegedly belong to Ahmad Khatibi Aghada, who was born in Iran. However some of the addresses have never received a bitcoin deposit.

Mitigating OFAC Penalties

OFAC is more lenient with potential offenders who fall under what it considers mitigating conditions. This can encourage better compliance and lessen the regulatory load on well-meaning companies.

  • Companies that were unaware of the violation

Any company that deliberately engages in illegal acts would of course be subject to higher fines and stiffer penalties. Also, sanctions are likely to be higher for companies that attempt to cover up any illegal transactions. Companies that are able to prove ignorance of the illegal transactions may face lighter punishment.

  • Companies that aren’t commercially sophisticated

When deciding what punishment to impose on a company, OFAC looks at several factors including how long the company has been in operation, whether it is bankrupt or solvent, the number of transactions, and any sanctions history. A newcomer with low transaction volumes would likely receive lighter penalties than a long-established financial institution with billions in questionable dealings.

  • Collaboration with OFAC

OFAC is more likely to take a lenient stance toward companies that voluntarily report violations than it is toward companies with violations uncovered independently by OFAC.

Companies can take these mitigating factors into consideration when dealing with OFAC requirements by building a risk-based compliance program appropriate for the size of the organization, and self-reporting when a breach is discovered.

The Bottom Line

Given the growing importance of virtual money in the global economy and the implications of non-compliance with sanctions, participants in the cryptocurrency markets should pay close attention to the regulatory environment going forward.

State and federal crypto enforcement has accelerated since President Biden’s Cryptocurrency Executive Order in September 2022. This development suggests that cryptocurrency organizations should prepare for a storm of regulations in the years ahead.

Crypto Scam Digest – October 14, 2022

Scam Victim Withdraws BTC, Gets Toilet Paper

A Pennsylvania man received a briefcase which supposedly held cash from his crypto profits, but it turned out to contain toilet paper. And he paid an extra $9K for the code to open the briefcase. PA Homepage

WhatsApp Scam Impersonating Scary Spice

A scammer sent WhatsApp messages to stars and friends of Mel B (aka Scary Spice) asking for crypto donations to “help African children dying of thirst”. Yahoo!

Binance Hacked for Two Million BNB

An exploit of weaknesses in cross-chain bridges allowed a scammer to steal 2M Binance Coin worth about $580M. Yahoo!

French Police Charge Bored Ape NFT Thieves

Bored Ape NFT owners fell for a phishing scam that claimed it would animate the valuable NFTs. $2.5M in NFTs were stolen in all. Decrypt

Indian Police Target Scam Cloud Mining App

31 people fell victim to scam cloud mining app “CCH Cloud Miner” and police have filed a case against 3 of the scammers involved. Inc42

“Pig Butchering” Scams Increasing on Tinder

Scammers are using Tinder to meet victims, then dating them for weeks in order to set them up for a crypto theft. NY Post

Crypto Scam Digest – October 7th, 2022

Kim Kardashian Settles Charges for Illegal Crypto Promotion
Kardashian paid $1.26 million in penalties for promoting EthereumMax on social media without disclosing how much she was paid to do so.

Class Action Lawsuit Filed Against Just A Bit of Coin
Plaintiffs claim that Just A Bit of Coin promised to build bitcoin mining rigs for customers but never delivered, blaming supply chain issues.

Brazilian Police, US Homeland Security Bust Crypto Fraud Ring
A multi-year investigation has ended with the execution of 20 search and seizure warrants against a crypto scam ring based in Curitiba, Brazil.

Malicious DApp Is Stealing Crypto from Other Crypto Scammers
“Water Labbu” is inserting malicious code into crypto scam websites and emptying the wallets of visitors of those sites before they even have a chance to get scammed the usual way. Trend Micro

Is Bitcoin A Safe Investment?

Bitcoin can be a wise investment, but it’s also a volatile one. When it comes to “safe” investments, bitcoin and other cryptocurrencies are a good bet—but only if you’re willing to take a lot of risks. Yes, crypto is here to stay and the price of bitcoin is not going to “go to zero” as many early skeptics predicted. But the price of a Bitcoin has swung from $30,000 to $60,000 in the last three months alone. Other, lesser cryptocurrencies are even more volatile than Bitcoin.

As a result, investment experts generally advise limiting any cryptocurrency purchases to under 5% of your portfolio—and ensuring you have a good conventional retirement investment strategy in place first. Before investing in bitcoin or any other cryptocurrency, you should establish an emergency fund and pay off any high-interest loans.

Many individuals are concerned about hacking and fraud when it comes to bitcoin investing, as with any other digital investment. According to data from the Federal Trade Commission, crimes involving cryptocurrency resulted in a median loss of $1,900 in the last two years.

While bitcoin and many other cryptocurrencies are established and legitimate, many new initial coin offerings (ICOs) are bogus.  An ICO is when a cryptocurrency is first offered to investors before it goes public. However, new coin offerings can often be faked, leading investors to place their money in a cryptocurrency that doesn’t exist in reality.

Before investing in any cryptocurrency, do your homework. What appears to be an unbelievably high return can very likely be a scam. The project’s white paper is a good place to begin your investigation.

Avoid “Pump and Dump” Schemes

Some small groups of investors may artificially inflate a coin price and convince smaller investors to invest in the coin. The initial investors then sell their shares at a profit before the price falls. Traditional investments like stocks are also susceptible to this type of strategy. If a coin’s ROI sounds too good to be true, it probably is. Be wary of cryptocurrencies whose value has skyrocketed for no apparent reason. They fall as they rise.

How to Keep Your Bitcoin Safe

Even hot wallets offered by cryptocurrency exchanges and third parties to store your funds are still susceptible to hacking. The Federal Deposit Insurance Corporation (FDIC) does not guarantee cryptocurrency held on an exchange or in a wallet. Ensure the  cryptocurrency trading platforms you are using offer rigorous security measures, including two-factor authentication for customers, and are retaining a considerable portion of their holdings in cold storage. In the event of theft or hacking, certain exchanges may even offer private insurance policies.

Generally, look before you leap – and invest in offline cold storage that is not connected to the internet, comparable to a USB drive, to keep your assets safe. Your password should be kept in a place where you won’t lose it. Investing in bitcoin will be more secure if you meet all of these criteria.

Ransomware Attacks

Ransomware is malware (malicious software) that utilizes encryption to hold a victim’s data ransom. Important data is encrypted to block the owner’s access to files, databases, or software. To gain access, a ransom is then demanded. The most dangerous aspect of ransomware is how rapidly it can spread across a network and affect all of an organization’s databases and servers.

Cybercriminals make billions of dollars from ransomware, and businesses and governments pay a high cost in ransom, expenses and lost data.

Recent Ransomware Attacks

Companies like the Colonial Pipeline, Steamship Authority of Massachusetts, JBS (the world’s largest meatpacker), and the Metropolitan Police Department of Washington, DC were attacked in 2021. The ransom payments to the hackers caused the shutdown of critical infrastructure and subsequent deficiencies, enhanced costs of goods/services, the shutdown of operations and financial losses.

Attacks on the healthcare sector

In 2020, ransomware attacks cost the economy $20 billion in impacted revenue, lawsuits, and ransom paid, according to a new report. A total of 92 ransomware attacks hit more than 600 healthcare facilities in 2020.

Colonial Pipeline Attack

In April 2021, due to the pipeline’s critical role in the national infrastructure system, this attack had a significant impact on the US. Major disruption in gas supplies caused an uproar on America’s east coast after system failures halted the flow of gas.

Brenntag Attack

Brenntag, a chemical marketing firm, was targeted by DarkSide in May 2021. The hackers stole 150GB of data, for which Brenntag paid $4.4 million (of the $7.5 million demanded).

Quanta Attack

In April 2021, the REvil gang demanded a $50 million ransom from computer manufacturer Quanta. Apple product blueprints obtained from Quanta were leaked, and the hackers threatened to expose more sensitive information and files.

Acer Attack

The REvil hacker group, which also targeted Travelex, a London-based foreign exchange firm, attacked Acer in May 2021. To date, the $50 million ransom is the largest ever recorded.

CNA Attack

A ransomware attack on a large insurance firm occurred in March 2021. The hacker group targeted CNA’s network, encrypting 15,000 devices, many of which belonged to remote workers.

Rockets Attack

In April 2021, the hacker group Babuk was alleged to have compromised 500GB of private documents about the Houston Rockets from the National Basketball Association (NBA).

AXA Attack

The Avaddon gang struck European insurance company AXA in May, shortly after major alterations to their insurance policy were made public.

How to Avoid Ransomware Attacks

Be prepared to lessen the chances of an attack. Ensure you have anti-ransomware software installed on all of your computers. If a link is not safe, do not click on it.

As a result of malicious websites, software downloads, and spam mail, ransomware infections can spread. To avoid phishing, do not give out personal information. Never open an attachment from an unknown email. Keep your software and operating system current.

Not only should you avoid downloading files from untrusted sources, but avoid using USB drives. When using public WiFi networks, be cautious. Use only a VPN.

What to Do When You Are Attacked?

To begin, never pay a ransom to decrypt your files when you have no way to be sure you’ll get them back. Your Wi-Fi should be turned off and the network disconnected.  Investigate the attack online using a different device to find out the type of ransomware and any other info displayed on your screen. Take a picture as a record. Consult an expert about your system and notify the appropriate authorities about the attack. And to protect others from the attack, please report it to Bitcoin Who’s Who here: Report Bitcoin Ransomware

What Is A Bitcoin Address And How Do You Use It?

Bitcoin Wallet

A Bitcoin wallet is a software program that helps to keep track of your Bitcoins. To be technical, Bitcoins are not stored anywhere; a private key (secret number) for each Bitcoin address is kept inside the Bitcoin wallet of the person who bought that amount. Users can transfer and receive Bitcoins via Bitcoin wallets, which also give them ownership of their Bitcoin balance.

Wallet Address

A Bitcoin wallet address functions similarly to a bank account number. It’s a one-of-a-kind 26–35-digit letter-and-number combination that appears like this: 1ExAmpLe0FaBiTco1NADr3sSV5tsGaMF6hd. Your Bitcoin wallet address can be shared with others.


Types of Wallet Addresses

Vanity Address

Vanity addresses are Bitcoin addresses that begin with a word of your choice, such as your name, your company’s name or any other word you desire. Having that word in your Bitcoin wallet address can help your wallet stand out when receiving or transferring Bitcoin.


How to Create a Vanity Address

To ensure the safety of your private key and public key pair, you should create the key yourself. The first method uses your own CPU. It is much like mining: you compute the address yourself with software such as Vanitygen.

The second method is to use a pool generator. Pool generators are Bitcoin miners that use software, GPUs and CPUs to generate the address and forward it to your email. Because a third party generates the address in this case, this method does not follow the advice above to create the key yourself.

Multi-Signature Address

A Bitcoin address associated with multiple private keys is known as a multi-signature address. To authorize a multi-signature transaction, you’ll need more than one private key. These are commonly set up as m-of-n addresses.

A 2-of-2 multi-sig address is associated with two keys and requires two valid signatures for the transaction to be legitimate. A 2-of-3 multi-sig address is paired with three keys and requires two valid signatures out of three to produce a successful transaction. Traditional addresses are more difficult to steal from than multi-sig addresses.

How to create a Multi-Signature Address

  • Use the “getnewaddress” or “getaccountaddress” RPC commands to generate three Bitcoin addresses. Alternatively, you can copy and paste them from the GUI.
  • Use the “validateaddress” RPC command three times to get the public keys of those addresses.


  • Use the “addmultisigaddress” RPC command to generate a 2-of-3 multi-sig address; for example: bitcoin addmultisigaddress 2 ‘[“044322868cb17d64dcc22185ae2d4493111d73244c3668f8ac79ecc79c0ba8d30a6756d0fa20157 709af3281cc721c7f53321a8cabda29b 
  • Be cautious, as the public keys are in raw hexadecimal format and, unlike Bitcoin addresses, do not include checksums. The standard “sendtoaddress”/“sendmany” RPC commands, as well as the GUI, can then be used to send money to that 2-of-3 transaction.

SegWit Address

Transaction signatures and scripts (the so-called “witness data”) are separated from other data in a process known as “Segregated Witness,” or “SegWit.” Layer 2 Bitcoin scaling is enabled by removing non-intentional transaction malleability. Segwit has lower fees as more Segwit transactions can fit in a Bitcoin block.


The Bech32 address standard is used in conjunction with SegWit. All Bech32 addresses, also called “native SegWit” addresses, start with the characters “bc1”, while Legacy addresses start with a “1”. SegWit (Bech32) receiving addresses are now used as the default in Wallet. SegWit fees are lower.
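
The prefix rules above and the earlier note that addresses carry checksums while raw public keys do not, as an added Python example that is not from the original article. The function names are illustrative, the two valid samples are public test values (the genesis-block address and the BIP173 test vector), and the code also recognizes “3” script-hash addresses and Bech32m, which the article does not describe.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
BECH32 = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"

def b58check_decode(addr):
    """Return (version, payload) if the Base58Check checksum verifies, else None."""
    num = 0
    for ch in addr:
        idx = B58.find(ch)
        if idx < 0:                      # 0, O, I and l are not in the alphabet
            return None
        num = num * 58 + idx
    pad = len(addr) - len(addr.lstrip("1"))      # each leading "1" is a zero byte
    raw = b"\x00" * pad + num.to_bytes((num.bit_length() + 7) // 8, "big")
    if len(raw) != 25:                   # 1 version + 20 hash + 4 checksum bytes
        return None
    body, check = raw[:-4], raw[-4:]
    if hashlib.sha256(hashlib.sha256(body).digest()).digest()[:4] != check:
        return None
    return body[0], body[1:]

def polymod(values):
    """Bech32 checksum polynomial from BIP173."""
    gen = [0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3]
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= gen[i]
    return chk

def segwit_decode(addr):
    """Return (witness_version, program_bytes) for a valid mainnet address, else None."""
    if addr != addr.lower() and addr != addr.upper():
        return None                      # mixed case is forbidden
    addr = addr.lower()
    pos = addr.rfind("1")                # the last "1" separates prefix and data
    hrp, part = addr[:pos], addr[pos + 1:]
    if hrp != "bc" or len(part) < 7 or any(c not in BECH32 for c in part):
        return None
    data = [BECH32.index(c) for c in part]
    expanded = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    # Witness version 0 uses the Bech32 constant (BIP173), later versions Bech32m (BIP350)
    want = 1 if data[0] == 0 else 0x2BC830A3
    if polymod(expanded + data) != want:
        return None
    bits = 5 * (len(data) - 7)           # minus version symbol and 6 checksum symbols
    nbytes, spare = bits // 8, bits % 8
    if data[0] > 16 or spare > 4 or (spare and data[-7] & ((1 << spare) - 1)):
        return None                      # bad version or non-zero padding bits
    if data[0] == 0 and nbytes not in (20, 32):
        return None
    return data[0], nbytes

def classify(addr):
    """Name the address type, or report "invalid" when prefix or checksum is wrong."""
    if addr.lower().startswith("bc1"):
        wit = segwit_decode(addr)
        if wit is None:
            return "invalid"
        return "native SegWit v%d, %d-byte program" % wit
    dec = b58check_decode(addr)
    if dec is None:
        return "invalid"
    names = {0x00: "legacy (P2PKH)", 0x05: "script hash (P2SH, e.g. multi-sig)"}
    return names.get(dec[0], "unknown version")

if __name__ == "__main__":
    samples = [
        "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa",          # genesis-block address
        "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNb",          # constructed: last character altered
        "bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4",  # BIP173 test vector
        "1ExAmpLe0FaBiTco1NADr3sSV5tsGaMF6hd",         # the article's placeholder
    ]
    for a in samples:
        print(a, "->", classify(a))
```

The article’s placeholder address is rejected because it contains “0”, a character the Base58 alphabet deliberately omits, and the altered genesis address fails its checksum.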

How to create a SegWit Address

The steps to create a SegWit address are: 

  • Log in to your Singlesig Bitcoin wallet using Blockstream Green. 
  • Select Add New Account. 
  • Choose SegWit and give your account a name. 
  • On the Accounts page, you should now see your freshly formed SegWit account. 

To use it, simply tap on it. When you pick Receive, a bech32 address will be produced. Not every service supports bech32 addresses yet.

Bitcoin Scams are the World’s Other Continuing Pandemic

2020 Scam Report Origins

Based on the origins of Scam Reports received by in 2020, bitcoin scams are the world’s other continuing pandemic.

BitcoinWhosWho received Scam Reports from 149 countries in 2020. 25 countries originated at least 100 reports.


The Most Frequently Reported Bitcoin Scams Of 2020

The Top 25 Most Frequently Reported Bitcoin Scam Addresses to in 2020* received 9.5994793 total BTC.

Every single address is associated with the “sextortion” email scam first reported here in March 2018. There are many variations of the scam, but basically the email claims to have webcam footage of the recipient visiting adult websites and demands payment in bitcoin or else the video will be sent to their contacts.

The average amount scammed was .092 BTC.

Top 25 Most Frequently Reported Bitcoin Scam Addresses of 2020
