Binance Helps UK Police to Stop $51 Million Phishing Fraud

Binance claims to have assisted British prosecutors in an investigation of an online fraud that resulted in over $51 million losses by victims.

Criminal is now jailed

On Sept. 26, Binance’s chief compliance officer Samuel Lim published a blog post saying that the exchange was working with the Cyber Crime Unit of the United Kingdom’s Metropolitan Police Service to investigate into Bulgarian phishing expert Svetoslav Donchev.

As officially reported by the Crown Prosecution Service (CPS), Donchev, 37, was extradited to the U.K. from Bulgaria to face the online scamming fraud charges and pleaded guilty to five offences to receive a nine-year sentence on Sept. 20.

Half a million potential victims

According to the CPS, the criminal created website scripts designed to look just like the real websites of up to 53 U.K.-based legitimate firms to help criminals steal 41.6 million British pounds ($51.3 million). By imitating legal firms, other criminals were able to use his scripts to obtain personal data about clients of those services, which was later reportedly sold on the dark web.

According to estimations, the fraud potentially targeted 500,000 victims.

Staying informed to protect against cybercrimes

In the post, Binance outlined its commitment to ensuring that its community remains secure. Binance further expressed gratitude to British authorities for cooperation in combating cybercrime: 

“We are thankful for the UK Metropolitan Police Service, as well as the many other agencies actively working with us, and other industry players, to continue our fight against cybercrime and sustain a healthy, legitimate market.”

Additionally, Lim offered Binance Academy’s Phishing Quiz for Binancians to try out, noting that the best way to protect against cyber criminals is to stay informed about potential security risks and good practices online.

In May 2019, Binance suffered a major hack that allowed hackers to steal 7,000 Bitcoin (BTC) worth around $40 million at the time of the hack. As reported by Binance, hackers deployed a range of tactics including phishing and viruses to obtain a big number of 2FA codes and API keys through the hack.

Source Cointelegraph

Fake Royal Letter Asks $2.5M in BTC to Save UK’s Economy After Brexit

Scammers asked British citizens for nearly $2.5 million in Bitcoin (BTC), claiming that the funds will be spent to maintain the local economy after Brexit.

Physical letters vs emails

Fraudsters apparently sent out physical letters to the British, posing as a private secretary of Queen Elizabeth II, according to one of the alleged copies revealed by an exec of a local tech firm.

Paul Ridden, CEO at United Kingdom-based IT firm Smarttask, posted a picture of the letter on Sept. 24 on LinkedIn, chuckling about the apparently failed phishing scam and asking if anyone else have received something similar to that.

Dated Sept. 16, the letter claims that this is the second time so far when the Queen appeals to a “certain number of people to save Great Britain’s economy.” The letter says that the Queen’s part has already accumulated 82% of the 19 billion British pounds that must be paid to the European Union to save the economy.

High rewards promises

The letter claims that the “Royal House” is looking to borrow between 450,000 to 2,000,000 British pounds (from $550,000 to $2.5 million) from British citizens, asking the recipients of the letter to send money via Bitcoin.

In exchange for participation, the letter claims to offer the potential Bitcoin donors a 30% interest rate for a period of three months as well as the opportunity to become a Member of the Royal Warrant Holders Association.

The letter sent to Paul Ridden

The letter sent to Paul Ridden

Following the news, British tech-focused publication IT Pro contacted Buckingham Palace, which did not reply to their comment request at press time. Ridden expressed confidence that nobody will send any Bitcoin to the fraudsters, calling the scam attempt poor due to the letter’s poor English, while also noting a reasonable level of financial awareness in Britain.

Source Cointelegraph

Exchange Must Cover User’s Stolen Cryptocurrency

A South Korean court ruled on Sept. 25 that the CoinOne cryptocurrency exchange must reimburse 25 million won ($20,800) to an investor after he was hacked. The attacker used the investor’s personal login and password to steal 45 million won, while a daily withdrawal limit of 20 million won was supposed to be in place.

Stolen login details

The theft occurred in late December 2018, when the investor’s CoinOne exchange login details were stolen. An attacker, who had hidden their IP address using a VPN in the Netherlands, converted all of the investor’s cryptocurrency holdings into Bitcoin (BTC), which was then withdrawn from the exchange.

The total value of the cryptocurrencies stolen had been around 47.7 million won in late November 2018. However, there was a 20 million won daily withdrawal limit on the account, which should have prevented the full amount from being taken

Safeguards not effective in preventing crypto theft

The investor argued that the exchange should have blocked access from foreign IP addresses that were different than the user’s normal access point. However, the court ruled that this was not a necessary safeguard that the exchange should reasonably have employed.

On the failure of the withdrawal limit though, the court ruled that the exchange was responsible, and, therefore, must pay the investor to cover the additional losses over this limit.

In August Cointelegraph reported on CoinOne’s partnerships to improve safety measures.

Source Cointelegraph

Users of Nigeria-Based Crypto Wallet Lose $1M in Alleged Exit Scam

Nigerian crypto wallet Satowallet has allegedly pulled off a $1 million exit scam, while the firm cites an unexplained OVH data server error that has kept user funds in limbo.

Multiple versions to delay withdrawals

After users first reported withdrawal issues in April 2019, Satowallet has been citing different versions of events to account for their failure to withdraw over $1 million in crypto, according to a report by the Financial Times (FT) on Sept. 25.

Following the first complaints, Satowallet reportedly cited technical reasons as the source of a temporary problem, which came amid the firm’s plans to launch a new crypto exchange dubbed SatowalletEX. While users were unable to access their crypto, Satowallet reportedly claimed that a group of scammers on Telegram took advantage of the maintenance period and stole user funds.

Wallet goes offline in August

Satowallet then claimed to have fixed the vulnerability, only further face another problem that delayed withdrawals, citing newly introduced know-your-customer (KYC) measures in June 2019. After KYC verifications were completed, the company announced it will be practicing manual withdrawals. Eventually, the platform went completely offline in August, with Satowallet’s CEO subsequently restoring the website to discover that user funds were gone. The FT report reads:

“After installation, however, coins were no longer there from the backups and private keys. OVH data couldn’t provide any specific explanation, only saying their server was gone for abuse which they cannot explain.”

According to the FT, Satowallet claimed to be based in Dubai, while its parent company Blockchain Tech Hub was operating in Nigeria. Founded in 2017, the wallet reportedly supported hot storage for more than 60 coins including major cryptocurrencies such as Bitcoin (BTC), Ether (ETH), Bitcoin Cash (BCH) and Litecoin (LTC).

As reported, Bitconnect and OneCoin are two of the most famous altcoin exit scams to date.

Source Cointelegraph

Fake Bitcoin Investment Platform From ‘Elon Musk’ Promises 4,000% ROI

Scammers are using fake mainstream news articles to advertise a nonexistent and potentially dangerous Bitcoin investment platform. 

“Bitcoin Profit” features fake celebrity interviews

According to the dedicated website used to lure would-be clients, the so-called “Bitcoin Profit” uses celebrity endorsements as part of its marketing strategy. 

The site, economicsworld[dot]info, includes testimony from the likes of actress Kate Winslet and Australian businessman Andrew Forrest, also known as Twiggy. 

With alleged backing from Richard Branson, Elon Musk and Bill Gates, Bitcoin Profit is one of the more brazen scams to emerge from the cryptocurrency underworld. 

Each celebrity has a feature with their photograph, along with a balance sheet of alleged investments in Bitcoin and associated returns. 

The balance sheet appears identical for each star, with only the currency symbol changing. In one week alone, perpetrators claim, buying $10,394 worth of BTC netted a return of $421,226 — or 4,110%.

“Categorically false”

Winslet, whom United Kingdom-based daily news outlet the Mirror informed about the scam, subsequently hit back, complaining about the use of her image without permission along with the false statements.

“This misleading promotion is completely disingenuous and categorically false. We are dealing with this through the appropriate channels,” the publication quoted a spokesperson as saying. 

Bitcoin Profit is reminiscent of the ongoing scam operations which plague cryptocurrency accounts on Twitter. Fake entities impersonating well-known figures from the industry are attempting to fool novices into participating in fake giveaways.

Scammers continue to exploit the lack of technical understanding around cryptocurrency, with regulators frequently warning about the emergence of new schemes.

Source Cointelegraph

FCA Warns Public About Clone Firm Offering Crypto Investment

The British Financial Conduct Authority (FCA) has warned the public about First BTC FX, a supposed clone firm offering fraudulent crypto investments.

Using details of an FCA-authorized firm

According to an FCA warning published on Sept. 20, First BTC FX is posing as authorized firm First Global Limited. First Global is a trade name for nonprofit organization International First Committee Association. First BTC FX also claims to represent a trade name of First Global on its website

Clone firms posing as legal entities

The scam entity claims to provide premium-quality trading services for commodities, forex, indices, shares and cryptocurrencies. In its crypto trading section, First BTC FX describes an investment scheme, stating that a minimum investment amount of $100 can “gain the effect” of $3,000.

In its “Risk Disclosure” section, the clone firm again uses the details of First Global, adding that the company does not provide services for residents of the United States, Canada, Israel and Iran.

In its statement, the FCA warned the public against clone firms — fraudulent entities that copy details of legal firms, such as their name, website, address or firm reference numbers in order to mislead investors to think that they do represent the actual firm. The regulator wrote:

“Be aware that the scammers may give out other false details or mix these with some correct details of the registered firm.”

The recent warning adds another crypto-related scam entity to a wide list of fraudulent firms operating in the United Kingdom. On May 25, the FCA blacklisted an entity known as ICAP Crypto after previously issuing a similar warning against illegal crypto-related firm Next Coin Market.

In July, the authority issued its finalized policy statement on crypto, claiming that it will not regulate Bitcoin (BTC) and Ether (ETH) as part of its guidance on crypto assets.

Source Cointelegraph

Binance Jersey to Reward Hacker Who Compromised Its Domain Name

Cryptocurrency exchange Binance will compensate the white hat hacker who compromised Binance Jersey’s Internet domain name and Twitter account.

Binance Jersey Twitter and domain compromised

In a post published on Aug. 16, crypto exchange Binance Jersey announced that a white hat hacker was able to gain access to the @BinanceJE Twitter account (the official Binance Jersey profile) and the platform’s Internet domain name. Still, the company was able to recover the domain name within a few minutes, and the Twitter handle in some hours.

Per the announcement, the hacker obtained access “by social engineering the email domain name service provider,” and then posted a few tweets from the company’s official account, deleting them later. Furthermore, the hacker was reportedly cooperative and open during his communication with the exchange’s security team, which allowed for the quick recovery of the Twitter account. The firm notes:

“We were able to restore the domain name within a few minutes and the Twitter handle a couple of hours later. We will issue a security bug bounty to the white hat hacker, as well as investigate the incident further with our service provider. […] All funds on Binance.JE are safe. No data was compromised.”


Screenshot of one of the tweets | Telegram channel Diddycarter’s ANN Channel

In one of the tweets from another account, reportedly controlled by the same hacker, they asked Binance CEO Changpeng Zhao to contact them personally. At press time, all of the hacker’s tweets have been deleted from Binance Jersey’s Twitter profile.

As Cointelegraph recently reported, the native token of crypto exchange Binance soared around 11%, despite the fresh rumors of a possible Know Your Customer data leak affecting exchange’s users.

Source Cointelegraph

PlusToken Suspected Ponzi Moves $240M in Four Bitcoin Transactions

Over $240 million in proceeds from the alleged crypto scheme PlusToken have reportedly moved through four Bitcoin (BTC) transactions.

Whale Alert — a Twitter account dedicated to reporting large cryptocurrency transactions — posted on Aug. 17 that four transactions totaling 22,923 BTC were likely the proceeds of PlusToken.

The four transactions moved 6,000 BTC, 5,000 BTC, 7,000 BTC and 4,923 BTC. All the transactions took place on Aug. 17. The monitor admits that, while the transactions are likely associated with the purported scheme, they are unconfirmed. 

Largest reported exit scam

As Cointelegraph reported in an analysis of the biggest crypto heists, PlusToken could be the largest crypto exit scam, with an estimated loss of around $2.9 billion. PlusToken is said to have fraudulently claimed that it could deliver wallet holders a return on investment between 8% and 16% per month, after depositing $500 in crypto assets. 

Cryptocurrency and blockchain forensics company Ciphertrace states that the platform involves several Chinese nationals, the Chinese police and the company’s co-founders — a South Korean man operating under the alias of “Kim Jung Un” and a Russian known only as “Leo.”

Recently a United States District Court issued an emergency freeze to preserve $8 million in assets associated with several entities accused of a fraudulent and unregistered initial coin offering. 

New York resident Reginald Middleton and two entities under his management were initially accused by the U.S. Securities and Exchange Commission of raising approximately $14.8 million in a fraudulent ICO.

Source Cointelegraph

Saudi Arabia Warns of Crypto Scammers Posing as Gov’t Projects

Saudi Arabia’s Finance Ministry has warned against crypto tricksters using the kingdom’s official emblem to promote tokens that purport to be tied to government projects.

Arab News reported on Aug. 21 that the ministry has identified a Singapore-based company promoting two fraudulent cryptocurrencies, dubbed “CryptoRiyal” and “SmartRiyal.” 

Fraud alert: hype and pump

CryptoRiyal and SmartRiyal’s promoters are reportedly claiming that their cryptocurrency project’s ultimate goal is to finance NEOM — a smart city and tourism hub currently under construction in the north of Saudi Arabia. 

The report cites an official statement issued yesterday from the ministry, which indicated that any use of the Kingdom’s name, national fiat currency or emblem for cryptocurrencies will be subject to legal action from the authorities.

In an interview with Arab News, cryptocurrency expert Dr. Assad Rizq said that many trickster firms are unregulated, have no assets and even copy their white paper from other projects. He added:

“They hype and pump their project so the price goes up. Inexpert investors, afraid of missing out, jump in, which spikes the price even higher. Then the owners sell up and make tons of money.

Dr. Rizq also underscored that investors should thoroughly research the technology and sector before investing and familiarize themselves with their country’s rules and regulations.

Bona fide state initiatives

While scammers may be falsely representing their alleged government ties, Saudi Arabia is in fact involved in a project to develop a cryptocurrency together with the United Arab Emirates. 

The bilaterally issued digital asset will be an interbank asset dubbed Aber with restricted circulation. The two countries have said the project aims to explore the practical application of cryptocurrencies to reduce remittance costs and facilitate cross-border payments.

Source Cointelegraph

Cryptopia Liquidator Determining Pooled Wallet Crypto Ownership

Professional services firm Grant Thornton claims that it has made good progress in securing and preserving the cryptocurrencies of hacked exchange Cryptopia.

In a news release published on Aug. 21, Cryptopia’s liquidator said there were two reasons why it had taken so long to determine what the exchange’s customers had held.

Grant Thornton explained that some customers did not have individual wallets and their funds were pooled together, as Cryptopia kept details of customer holdings in its database. As a consequence of this, the firm said it is impossible to determine individual ownership by relying on wallet keys.

The liquidator added that no detailed reconciliation process between the customer holdings database and the crypto assets held in the wallets has ever been completed, which the company hopes will reveal individual user holdings. The company also claims this process is now underway, explaining:

“We are working to reconcile the accounts of over 900,000 customers, many holding multiple crypto-assets, millions of transactions and over 400 different crypto-assets. These must be reconciled one-by-one. ”

Hacked asset recovery

Lastly, Grant Thornton said it is still determining whether it can recover the crypto assets lost during the hack which affected the exchange in January 2019 — warning the complex situation requires cooperation from third parties. 

As Cointelegraph reported, Grant Thornton released an estimation of Cryptopia’s financial state at the end of May, which revealed that the embattled exchange owed $4.22 million to its creditors.

Source Cointelegraph