Bitcoin scam exposes thousands to data breach
|Thousands have their personal data leaked by a crypto-based phishing scam.
Fraudulent websites successfully have stolen the personal records of a number of individuals from the U.K., Australia, South Africa, the U.S., Singapore, Malaysia, Spain, and more. The attack was executed as a targeted multi-stage Bitcoin (BTC) scam propagated by a number of fraudulent websites.
According to the Singapore-based intelligence company, Group-IB, the attack exposed personal data for thousands of people.
Impersonating recognized media outlets and personalities
Victim's phone numbers, which in most cases came with names and emails, were contained in personalized URLs used to redirect people to websites. These sites posed as local news outlets, even going so far as to include fabricated comments from prominent local personalities.
Analysis conducted on the leaked numbers allowed Group-IB to establish where the majority of the data had leaked from. They discovered that the U.K. was the most affected location with 147,610 personal records.
The report details that victims commonly received a text message, or SMS, which mentioned the name of the recipient. This was followed by a phishing message that was meant to impersonate a recognized media outlet.
Ilia Rozhnov, head of Group-IB's Brand Protection team in the Asia Pacific, told Cointelegraph:
Fraudulent schemes have become more complicated. They now involve several stages, complex distributed infrastructure, and abuse of personal and corporate brands that is hard to track down and block using traditional detection methods. Companies and celebrities whose names were hijacked by fraudsters suffer reputational damage and face diminished customer trust."
Different names for the same fraudulent investment platform
Researchers spotted six active domains featuring the same Bitcoin investment platform. Each operated under a different name. Some of these include Crypto Cash, Bitcoin Rejoin, Bitcoin Supreme and Banking on Blockchain.
Group-IB adds:
Further analysis of the URLs revealed that a short link takes a victim to another URL which already demonstrates their personal data, such as the phone number, first or/and last name, and sometimes an email address, and used for redirects to fake websites masquerading as a local media outlet. (...) The experts believe that the personal information info could have been obtained by fraudsters through a separate fraudulent scheme or simply bought from a third party.
The Group-IB team has analyzed the exposed info using a number of data breach repositories. They have also analyzed several underground marketplaces for the presence of this data. So far, they have not found any traces of the exposed info.
As of press time, the source of the leak has not been established. The team has reported the study’s findings to the proper authorities in each affected country.
Cryptocurrencies forensics experts from Xrplorer warned on June 15 that hackers were trying to steal XRP users’ secret keys by claiming that Ripple was giving away tokens.
Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of FXStreet nor its advertisers.