Investigators uncover crypto scammers baiting ‘phish’ hooks on YouTube

A report reveals a new network of malefactors in the lucrative crypto fraud market using videos, channels and web apps.

Image: RareStock/Adobe Stock

Helsinki-based security firm WithSecure has unearthed a kudzu-like network of fraudulent content aimed at getting people to invest in fake cryptocurrency investments.

Run by what WithSecure characterized as a group of around 30 threat actors, the network encourages participation in web-based apps posing as investment schemes using the cryptocurrency Tether. The company estimated that the fraudulent apps it discovered were able to generate just over $100,000 in revenue from approximately 900 victims.



How the YouTube cryptocurrency scam works

WithSecure, which garnered data for the report in the latter half of 2022, claimed the malefactors disseminated thousands of videos garnering engagements from viewers across hundreds of YouTube channels.

The group uses Telegram, which was a vector used by the Keona Clipper malware last June, as a communications channel and deploys copy-paste automation to add comments to the videos to camouflage them as legit, per the security firm.

The investigators found 700 URLs hosting fraudulent web apps associated with videos and served by the network, but parallel data from cryptocurrency wallets “implicated the possible involvement of thousands more,” said the report.


SEE: FBI warns of phony cryptocurrency apps aiming to steal money from investors (TechRepublic)

According to the report, victims transfer money from an existing cryptocurrency wallet to one of the apps in a one-way transaction. The researchers said there was no movement of crypto back to the victims (Figure A).


Figure A: A node-edge graph of interactions between channels captured in one of the Tether datasets, showing that many of the videos received comments from entirely separate groups of accounts, with activity in the middle of the graph showing overlap between commenters. Image: WithSecure.

Victims are required to create an account in the advertised app, delivered as web pages, mobile applications or even automation that interacts with users on Telegram. The victim must then deposit a small amount into the app (tens of dollars), which is immediately filched by the scammers.

WithSecure said many of the videos encourage victims to invite friends and family to participate, dangling a small amount of money for each person invited. The apps also include bonus “VIP” structures that unlock better “investment” options that boast higher returns. These demand a larger deposit commitment.


SEE: Visa breaks down $9 billion investment in security, fraud initiatives (TechRepublic)

“This network seems to be targeting existing cryptocurrency investors with low-quality videos in different languages without localizing them to reach different regions, so I’d say it’s a pretty opportunistic approach,” said WithSecure Intelligence Researcher Andy Patel. “Typically, this results in a large volume of small transactions.

“But as that volume increases, so do the odds of them getting lucky and finding someone able and willing to invest more substantial amounts.” (Figure B)


Figure B: Presenter talking about the mobile app’s withdraw functionality. Image: WithSecure.

He said the darker picture, the scams’ relative unprofitability notwithstanding, is that the scammers have gamed YouTube’s recommendation algorithms and that description fields attached to the videos also employ a unique style of SEO designed to game YouTube’s search functionality.

“Moderating social media content is a huge challenge for platforms, but the successful amplification of this content using pretty simple, well-known techniques makes me think that more could be done to protect people from these scams,” Patel said in the report (Figure C).


Figure C: Node-edge graph of interactions in another dataset tracked by WithSecure. Nodes are labeled by weighted out degree: the higher the number, the more comments the account published. Image: WithSecure.
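
The comment-interaction analysis behind the node-edge graphs, together with a check for the copy-paste comments mentioned earlier, can be approximated as follows. This is an added example, not code from WithSecure's report; the record layout, account names and comment texts are constructed, and the text-normalization rule is an assumption.

```python
import re
from collections import Counter, defaultdict

# Constructed sample records: (account, channel, video_id, comment_text).
COMMENTS = [
    ("acct_a", "chan_1", "vid_1", "Great app, I withdrew my USDT today!"),
    ("acct_b", "chan_1", "vid_1", "great app  I withdrew my USDT today"),
    ("acct_c", "chan_2", "vid_2", "Great app, I withdrew my USDT today!!!"),
    ("acct_a", "chan_2", "vid_2", "Thanks for sharing, works for me"),
    ("acct_a", "chan_3", "vid_3", "Thanks for sharing, works for me"),
    ("acct_d", "chan_3", "vid_3", "Is this legit? Nobody shows a payout."),
]

def normalize(text):
    """Lowercase, drop punctuation, collapse whitespace so near-identical pastes match."""
    return " ".join(re.sub(r"[^a-z0-9\s]", "", text.lower()).split())

def weighted_out_degree(comments):
    """Comments published per account (the node label described for Figure C)."""
    return Counter(account for account, _, _, _ in comments)

def channel_edges(comments):
    """Weighted account -> channel edges of the interaction graph."""
    return Counter((account, channel) for account, channel, _, _ in comments)

def copy_paste_clusters(comments, min_accounts=2):
    """Normalized texts posted by at least min_accounts distinct accounts."""
    by_text = defaultdict(set)
    for account, _, _, text in comments:
        by_text[normalize(text)].add(account)
    return {t: sorted(a) for t, a in by_text.items() if len(a) >= min_accounts}

def cross_channel_accounts(comments, min_channels=2):
    """Accounts commenting on several channels: the overlap in the middle of the graph."""
    seen = defaultdict(set)
    for account, channel, _, _ in comments:
        seen[account].add(channel)
    return sorted(a for a, c in seen.items() if len(c) >= min_channels)

if __name__ == "__main__":
    print(weighted_out_degree(COMMENTS).most_common())
    print(copy_paste_clusters(COMMENTS))
    print(cross_channel_accounts(COMMENTS))
```

An account repeating its own comment does not form a cluster here; only text shared across distinct accounts is flagged, which is the signal that separates coordinated pasting from one talkative user.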

FTC: Crypto scams posted small numbers but lucrative in aggregate

In a June 2022 note, the U.S. Federal Trade Commission said that crypto is proving a lucrative scam channel, with more than 46,000 people reportedly having lost a total of over $1 billion in crypto to scams since 2021.

The note said cryptocurrency was identified as the payment method for 24% of reported dollar losses in fraud reports to the FTC, and that the median individual reported loss was $2,600. The top cryptocurrencies that people reported using to pay scammers were Bitcoin (70%), Tether (10%) and Ether (9%).

Crypto scams to watch for in 2023

Financial software firm Abrigo, in a 2023 report, reiterated FTC warnings about an additional nine crypto scams that institutions and individuals should watch for this year:


  • Romance scams: These prey on relationships and can have both an investment and a payment angle. In a recent note, the FTC reported that last year nearly 70,000 people reported a romance scam, and reported losses hit $1.3 billion, with a median loss of $4,400.

  • Business, government or job impersonation scams: Threat actors present themselves as trustworthy online sources and convince users to send them funds by buying crypto.

  • Rug pull scams: Investment scammers propose a new crypto opportunity or NFT that requires funding.

  • Phishing scams: Emails (or “smishing” text messages) carry malicious links that gather details like a user’s crypto wallet and other key information allowing access to the victim’s crypto.

  • Social media scams: These begin with an ad, post or message on social media, particularly Instagram, Facebook, WhatsApp and Telegram.

  • Ponzi schemes: Scammers collect funds from new investors via cryptocurrencies.

  • Upgrade scams: Consumers, accustomed to upgrades, can easily be scammed into giving up their private keys as part of an “upgrade.”

  • SIM-Swap scams: Theft of a cell phone’s SIM card can allow access via DFA to the victim’s crypto wallets.

  • Fake crypto exchanges and crypto wallets: Inexperienced crypto users may be lured into investing in a new high-value cryptocurrency exchange opportunity or a “cheap” Bitcoin that doesn’t exist.

Patel of WithSecure told TechRepublic that while there are no obvious business implications that relate to this particular scam, “both individuals and businesses should always be wary of investment schemes that look too good to be true. This is especially the case when considering anything related to crypto currencies.”

Blockchain, for better or worse, is here to stay. If you are interested in learning more about the fundamentals of the technology behind cryptocurrency, check out these blockchain development fundamentals.
