Crypto scams

Dingo crypto token flagged as scam over 99% transaction fee backdoor

Cybersecurity firm Check Point said it discovered a smart contract function called “setTaxFeePercent” that can reportedly change the contract’s buy and sell fees.

The research arm of cybersecurity software firm Check Point has flagged the Dingo Token (DINGO) as a “potential scam” after reportedly discovering a smart contract function that has been used to manipulate transaction fees.

In a Feb. 3 blog post, Check Point Research (CPR) said that after looking into the code behind the Dingo Smart Contract it had discovered a backdoor function, “setTaxFeePercent,” that can change the contract’s buy and sell fee by up to 99%.

This is despite the project’s whitepaper stating that there is only a 10% fee per transaction.

An example of the smart contract function being used to manipulate transaction fees. Source: Check Point Research

According to CPR, this essentially allows the project’s owner to withdraw up to 99% of the transaction amount whenever a user buys or sells the token.

In one case, the cybersecurity software firm observed a user who spent $26.89 to purchase 427 million Dingo Tokens but instead received 4.27 million, or $0.27 worth of Dingo Tokens.

An example of a user only receiving 1% of the transaction’s value. Source: Check Point Research

The firm said it decided to investigate the Dingo Token project after seeing the token rise 8,400% this year, and found at least 47 instances of the function being used to allegedly scam token investors.

“We all know that 2022 was a hard year in the crypto market. However, when we saw a token raised by 8400% this year, we had to investigate the project and understand what was unique about it. We examined the Dingo Smart Contract and quickly found it seemed like a scam,” it wrote.

Check Point Research (CPR) has found at least 47 instances of the smart contract function being used. Source: Check Point Research
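
The gap between the whitepaper fee and the fee actually charged can be checked mechanically. The block below is an added example, not code from Check Point Research or from the Dingo contract: it walks a constructed timeline of fee-setter calls and swaps and flags anything above the documented 10%. The event classes, addresses and block numbers are assumptions; only the 427 million and 4.27 million token amounts come from the article.

```python
from dataclasses import dataclass
from fractions import Fraction

DOCUMENTED_FEE_PCT = 10  # per-transaction fee stated in the whitepaper, per the article


@dataclass(frozen=True)
class FeeChange:
    """A decoded call to the fee setter (setTaxFeePercent in the article)."""
    block: int
    caller: str
    new_fee_pct: int


@dataclass(frozen=True)
class Swap:
    """A buy or sell: what the trade quoted versus what reached the wallet."""
    block: int
    trader: str
    quoted_tokens: int
    received_tokens: int


def effective_fee_pct(swap):
    """Exact percentage of the quoted amount that was withheld."""
    if swap.quoted_tokens <= 0:
        raise ValueError("quoted_tokens must be positive")
    withheld = swap.quoted_tokens - swap.received_tokens
    return Fraction(withheld * 100, swap.quoted_tokens)


def audit(events, documented_fee_pct=DOCUMENTED_FEE_PCT):
    """Return findings for fee changes and swaps that exceed the documented fee."""
    findings = []
    last_change = None  # most recent FeeChange seen so far
    for ev in sorted(events, key=lambda e: e.block):
        if isinstance(ev, FeeChange):
            last_change = ev
            if ev.new_fee_pct > documented_fee_pct:
                findings.append({
                    "kind": "FEE_ABOVE_DOCUMENTED",
                    "block": ev.block,
                    "caller": ev.caller,
                    "fee_pct": Fraction(ev.new_fee_pct),
                })
        elif isinstance(ev, Swap):
            fee = effective_fee_pct(ev)
            if fee > documented_fee_pct:
                findings.append({
                    "kind": "SWAP_OVERCHARGED",
                    "block": ev.block,
                    "trader": ev.trader,
                    "fee_pct": fee,
                    # Block of the setter call in force, if one was observed.
                    "set_at_block": last_change.block if last_change else None,
                })
    return findings


# Constructed timeline. The second swap uses the token amounts the article
# reports (427 million quoted, 4.27 million received); block numbers,
# addresses and all other rows are invented for illustration.
SAMPLE_EVENTS = [
    Swap(100, "0xTraderA", 1_000_000, 900_000),
    FeeChange(101, "0xOwner", 99),
    Swap(102, "0xTraderB", 427_000_000, 4_270_000),
    FeeChange(103, "0xOwner", 10),
    Swap(104, "0xTraderC", 500_000, 450_000),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_EVENTS):
        print(finding)
```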

The firm also pointed to the Dingo Tokens website, saying that it has “no real information about the owners of the projects,” other than a four-page white paper.

“If you’ve incorporated crypto into your investment portfolio or are interested in investing in crypto in the future, you should make sure to only use known exchanges and buy from a known token with several transactions behind it,” the research firm wrote.

At time of writing, Dingo Token was ranked 298 on CoinMarketCap with a live market cap of $82,555,168.

Cointelegraph reached out to the creators of Dingo Token for a response to the allegations but did not receive a reply before publication.

Users of Twitter and CoinMarketCap have also recently reported issues with the Dingo Token. Crypto trader IncredibleJoker said they could not sell their holdings in a Feb. 5 post.

A Dingo Token moderator responded to the user’s Twitter post, asking the user to message them privately, but no further updates have been made public.

Meanwhile, on CoinMarketCap, user mraff1579 appeared to reference the backdoor function raised by CPR.

“Wow don't listen to send to new wallet they took 30 billion coins and only received 300 mil because of fraudulent tax wow pieces of Shit. I was going to send to deployed for coin but got screwed, pretty sure anything you do will result in lost of 99%,” the post said.

No ‘respite’ for exploits, flash loans or exit scams in 2023: Cybersecurity firm

The industry is likely to see “further attempts from hackers targeting bridges in 2023,” while users are urged to be warier of their private keys.

The new year is a fresh start for malicious actors in the crypto space and 2023 won’t likely see a slowdown in scams, exploits and hacks, according to CertiK.

The blockchain security company told Cointelegraph its expectations for the year ahead regarding bad actors in the space, saying:

“We saw a large number of incidents last year despite the crypto bear market, so we do not anticipate a respite in exploits, flash loans or exit scams.”

Regarding other ill-natured incidents the crypto community might face, the company pointed to the “devastating” exploits that took place on cross-chain bridges in 2022. Of the 10 largest exploits during the year, six were bridge exploits, which stole a total of around $1.4 billion.

Due to these historically high returns, CertiK noted the likelihood of “further attempts from hackers targeting bridges in 2023.”

Protect your keys

On the other hand, CertiK said there will likely be “fewer brute force attacks” on crypto wallets, given that the Profanity tool vulnerability — which has been used to attack a number of crypto wallets in the past — is now widely known.

The Profanity tool allows users to generate customized “vanity” crypto addresses. A vulnerability in the tool was used to exploit $160 million worth of crypto in the September hack of algorithmic crypto market maker Wintermute, according to CertiK.

Instead, wallet compromises this year will likely come because of poor user security, CertiK said, stating:

“It’s possible that funds lost to private key compromises in 2023 will be due to poor management of private keys, bar any future vulnerability found in wallet generators.”

The firm said it will also be monitoring phishing techniques that could proliferate in the new year. It noted the slew of Discord group hacks in mid-2022 that tricked participants into clicking phishing links, such as the Bored Ape Yacht Club (BAYC) Discord hack in June, which resulted in 145 Ether (ETH) being stolen.

Last year, $2.1 billion worth of crypto was stolen through just the 10 biggest incidents alone, while 2021 saw $10.2 billion total stolen from Decentralized Finance (DeFi) protocols, according to peer security firm Immunefi.

The biggest incident in 2022 — and of all time — was the Ronin bridge exploit, which saw attackers making off with around $612 million. The largest flash loan attack was the $76 million Beanstalk Farms exploit and the largest DeFi protocol exploit was the $79.3 million stolen from Rari Capital.

$62M crypto stolen in Dec was the ‘lowest monthly figure’ in 2022: CertiK

December proved to be the month with the least crypto stolen in 2022, although there were still 23 major incidents, according to CertiK.

Cryptocurrency hackers and exploiters seemingly slowed down for the 2022 holidays as December saw $62.2 million worth of cryptocurrencies stolen, the “lowest monthly figure” of the year, according to CertiK.

The blockchain security company on Dec. 31 tweeted a list of the month’s most significant attacks. It highlighted the $15.5 million worth of exit scams as the method that stole the most value over the month, followed by the $7.6 million worth of flash loan-based exploits.

A later tweet on Jan. 1 confirmed that the 23 largest exploits were responsible for around 98.5% of the $62.2 million figure, with the $15 million Helio Protocol incident on Dec. 2 the largest of the month.

The protocol, which manages the stablecoin HAY (HAY), suffered a loss when a trader took advantage of a price discrepancy in Ankr Reward Bearing Staked BNB (aBNBc) to borrow millions worth of HAY.

At the time, the decentralized finance (DeFi) protocol Ankr suffered a separate exploit where an attacker minted 20 trillion aBNBc, causing its price to plummet. The Helio trader quickly deposited aBNBc tokens to borrow 16 million HAY, causing the loan to be significantly undercollateralized, leading to the protocol’s loss and a depeg of its stablecoin.

The second largest incident of the month was the $12.9 million exploit of Defrost Finance’s v1 and v2 protocols on Dec. 23, where an attacker carried out a flash loan attack by adding a fake collateral token and a malicious price oracle to liquidate the protocol.

Days after the exploit, the hacker returned the funds stolen from the v1 protocol to an address controlled by Defrost, though funds have yet to be returned for the v2 hack.

CertiK labeled the exploit an “exit scam” due to the fact an admin key was required to conduct the attack. Defrost denied the allegations to Cointelegraph, claiming the key was compromised.

The December figure is much lower than the month prior, seeing an 89.5% decrease from the $595 million worth of exploits across 36 major incidents CertiK recorded in November, a figure largely skewed by the $477 million hack of crypto exchange FTX.

Overall for 2022, just the largest 10 exploits of the year funneled around $2.1 billion to bad actors, largely on cross-blockchain bridges and DeFi protocols.

California regulator warns of 17 crypto websites suspected of fraud

The last time the DFPI sent out such a large batch of crypto scam alerts was in June when it sounded the alarm over 26 dubious crypto platforms.

The California Department of Financial Protection and Innovation (DFPI) has fired off 17 separate warnings over two days against crypto brokers and websites it suspects of being fraudulent.

The list includes Tahoe Digital Exchange, TeleTrade Options, Tony Alin Trading Firm, Hekamenltd/Tosal Markets Limited, Trade 1960, Yong Ying Global Investment Company Limited, Unison FX, VoyanX.com, and ZC Exchange, to name a few.

Additionally, there are two copycat sites posing as two big names in the crypto sector: eth-Wintermute.net and UniSwap LLC.

At the time of writing, the DFPI’s consumer alert page has posted 17 warnings over Dec. 27 and Dec. 28 stating that these companies “appear to be engaged in fraud against California consumers.”

It is not common for the DFPI to post so many alerts in one go, suggesting that the number of crypto scam reports may have ramped up in the latter stages of the year. The DFPI usually posts sporadic warnings about investigations into companies, or alerts of certain incidents.

The last time the DFPI sent out such a large batch of crypto scam alerts was on June 15, when it sounded the alarm bells over 26 dubious crypto platforms.

The warnings came in response to complaints from citizens against the brokers and websites, with the DFPI stating the individuals have reported having lost anywhere from $2,000 to as much as $1.2 million in certain cases. The DFPI, however, only goes as far as to say that these websites “appears to be engaged in fraud.”

A key theme alleged in most of these warnings relates to pig-slaughtering scams, which involve an individual or group creating a fake identity online to build fake relationships or friendships via social media, messaging and dating apps.

In a pig slaughtering or romance scam, a fraudster would generally put weeks or months into building the fake kinship to gain the victim’s trust, before gradually shifting the conversation toward investments and enticing them with investment “opportunities” that are often too good to be true.

Ultimately the end goal is to get the victim to invest in crypto via a copycat version of a legitimate website — such as UniSwap LLC and eth-Wintermute.net in this instance — or by transferring funds to a dodgy wallet address.

Accompanying pig slaughtering, the alleged scammers are said to have deployed another tactic described as the “Advance Fee Scheme,” where the bad actors will request large amounts of money to process the fake withdrawals from their scam sites.

If the victim falls for it, the scammer not only pockets the initial investment but an extra slice on top, before promptly cutting off all forms of contact.

“The DFPI urges consumers to exercise extreme caution before responding to any solicitation offering investment or financial services. To check whether an investment or financial service provider is licensed in California,” the DFPI stated.

Executives from $1.5B South Korean crypto exchange fraud jailed

The latest court action now takes the number of V Global execs behind bars up to seven, as the CEO was previously sentenced to a 22-year prison term.

Six executives involved in the $1.5 billion (2 trillion won) South Korean crypto exchange fraud V Global have received prison sentences of up to eight years — but three were not detained so they could fight certain charges in court.

V Global operated between July 2020 and April 2021, roping in around 50,000 investors by promising 300% returns alongside sizable payments for referring new customers.

According to a translation of Dec. 26 reports from South Korean media outlets such as Economist.co.kr, two high-ranking execs, named Mr. Yang and Mr. Oh, got eight years and three years apiece for their role in defrauding investors.

Another four unnamed execs received three-year sentences and five years of probation.

Three of the total six have not yet been detained, however, as they have claimed innocence to certain charges and have the right to defend themselves in court.

“The defendants only trusted the VGlobal management team, evaded responsibility, and once the investigation began, they destroyed evidence and interfered with the investigation,” said the judge from the 12th Criminal Division of the Suwon District Court.

The judge, however, was reported to have given the defendants some leniency, as the actual amount of fraud and number of investors impacted was lower than initially thought last year.

According to Kyeongin’s reporting from February, this was due to later evidence showing that around 10,000 investors had actually made returns from V Global via payments from multilevel marketing incentives such as customer recruitment bonuses. Many are said to have then reinvested those profits back into the platform before it was shut down.

It was alleged back in June last year that the firm had paid out its customer referral bonuses, reportedly worth $1,000 a pop, to existing investors via the influx of capital from new users, in a Ponzi-like fashion.

The latest court action now takes the number of V Global execs behind bars up to seven, as the CEO, known as Mr. Lee, was sentenced to a 22-year prison term back in February.

Front-running scams rampant on YouTube with 500% surge in 2022: CertiK

The scam lures victims to download fake front-running bot software that swipes their assets once they try to initiate a transaction.

Front-running scam bots are significantly gaining traction on YouTube, with the number of dubious videos increasing six-fold in 2022 according to a new report from blockchain security firm CertiK.

In the firm’s Dec. 1 report, CertiK explores how a wave of front-running bot scams is promising free returns as high as 10X a day but ultimately ends up swiping people’s funds.

Notably, CertiK’s analysis found 84% of videos on YouTube mentioning “front running bot” were scams, with the number increasing 500% from 28 videos in 2021 to 168 videos in 2022:

“There are common themes in all of these videos: free code and huge returns. Successful runners won’t give away free code on a social media site, they will sell it for a large amount on underground forums.”

The scam itself generally sees victims being guided to download fake bot software, which is designed to swipe their assets once they try to initiate a front-running transaction.

Even when they are not scams, front-running bots cause problems as they can give the deployer a distinct advantage over other crypto traders in certain circumstances.

The bots generally scan blockchains for unconfirmed transactions and then pay a greater gas fee to squeeze in ahead of said transactions, “essentially beating it to the punch and taking all the profit on offer” from a trade.

The report identified videos using dubious titles such as “$15,000 Front Running Crypto Bot Leak! – 50X HUGE RETURNS!” and “Uniswap Front Running Bot 2022 – EASY TUTORIAL (Huge profits)” in which scammers give fake tutorials on downloading and using the bots.

The videos’ comment sections are, of course, swarmed with countless bot comments praising the content so that real comments sounding alarm bells are buried under the noise.

An example of the typical comments found on front-running bot scam videos. Source: CertiK

Scam reports have been rife of late, as Cointelegraph reported on Nov. 22 that deepfake videos using Sam Bankman-Fried’s likeness were circulating online aiming to dupe people impacted by FTX’s bankruptcy.

CertiK released a separate report on Nov. 17 outlining that crypto scammers have been using identities bought on the black market to put their names and faces on fraudulent projects. Described as “Professional KYC actors,” CertiK found that their identities could be purchased for as low as $8.00.

On Reddit on Dec. 1, members of the r/Metallica community were also sending out warnings over fake Metallica live streams featuring all the band members that linked to crypto giveaway scams.

Some members even claimed that the YouTube algorithm had been recommending the videos to them in their top recommendations.

Comment on r/Metallica: Reddit

Aussies warned to avoid crypto paper wallets they find on the street

Fraudsters have reportedly been leaving fake crypto paper wallets in public places as part of a scam to dupe Australians out of their crypto.

Australians have been warned to stay away from suspicious-looking fake Bitcoin (BTC) paper wallets, which work by luring victims into accessing a lucrative crypto wallet but will ultimately drain them of their own crypto holdings.

According to a Nov. 22 post on the Facebook page of the NSW Police Force, the scam starts as a paper cryptocurrency wallet with a QR code, which is made to appear like a legitimate Bitcoin paper wallet.

These are strewn by scammers in public locations such as streets or parks.

An example of the scam crypto paper wallets. Source: NSW Police Force 

An individual who locates the paper wallet and scans the QR code is directed to click on a link to access a crypto wallet with up to 16,000 Australian dollars ($10,000).

The person is then asked to pay a withdrawal fee and provide their own wallet credentials that will purportedly allow them to transfer the balance into their own crypto wallet.

“Once the withdrawal fee is paid and person’s crypto wallet details provided, the person’s cryptocurrency is stolen from their crypto wallets,” explained the NSW police.

The authorities have advised the public to stay vigilant, and that anybody who finds a paper crypto wallet similar to this should not attempt to scan the QR code, access the account, or supply their private information.

Instead, they should surrender the wallet to their local police station.

This is not Australia’s first instance of a paper crypto wallet scam. Over three months ago, a user on Reddit created a thread reporting they had found a paper crypto wallet and flagged it as a possible scam.

Dozens of other people from all over the country responded with their own stories of finding paper crypto wallets in the street, on the beach and at parks.

One user, Pinnymc, commented they almost fell for it because they could see the wallet address and the transactions on-chain. They said the website also appeared genuine.

However, Pinnymc says they became suspicious because of the 0.5% transaction fee.

“If this was a legit wallet I should be able to withdraw and the transaction fee comes out of the balance. It’s such a shame because this looks so legit,” said the user. 

Australians have already proven to be particularly susceptible to investment and crypto-related scams this year, losing 242.5 million Australian dollars to scammers so far in 2022, according to data from the Australian consumer watchdog’s Scamwatch website. 

The country’s federal law enforcement agency has also highlighted the criminal use of crypto as an “emerging threat” but says it’s a challenge to keep pace with criminals who are constantly changing tactics and methods.

Crypto scammers are using black market identities to avoid detection: CertiK

The blockchain security firm has uncovered a new tactic used by crypto scammers as the industry continues to improve its fraud detection capabilities.

Crypto scammers have been accessing a “cheap and easy” black market of individuals willing to put their name and face on fraudulent projects — all for the low price of $8.00, blockchain security firm CertiK has uncovered. 

These individuals, described by CertiK as “Professional KYC actors,” would, in some cases, voluntarily become the verified face of a crypto project, gaining trust in the crypto community prior to an “insider hack or exit scam.”

Other uses of these Know Your Customer (KYC) actors include using their identities to open up bank or exchange accounts on behalf of the bad actors.

According to a Nov. 17 blog post, CertiK analysts were able to find over 20 underground marketplaces hosted on Telegram, Discord, mobile apps and gig websites to recruit KYC actors for as low as $8.00 for simple “gigs” like passing the KYC requirements “to open a bank or exchange account from a developing country.”

Pricier jobs involve the KYC actor putting their face and name on a fraudulent project. CertiK noted that most actors are seemingly exploited as they are based in developing countries “with an above-average concentration in South-East Asia” and paid around $20 or $30 per role.

Meanwhile, more complex requirements or verification processes could fetch an even higher asking price, particularly if the KYC actors are residents of countries considered a low money laundering risk.

Some roles paid up to $500 a week if an actor was to play the role of CEO for a malicious project but the KYC actor market was “marginal” compared to the market for already KYCed bank and crypto exchange accounts, according to CertiK.

Crypto to fiat — or vice-versa — conversions were also cited as a significant percentage of the transactions seen on these marketplaces with CertiK calculating that more than 500,000 members in marketplace sizes ranging from 4,000 to 300,000 were buyers and sellers on these black markets.

CertiK warned that over 40 websites claiming to vet crypto projects and offer “KYC badges” are “worthless,” as the services are “too superficial to detect fraud or simply too amateur to detect insider threats.”

They added the teams behind these websites are missing the needed “investigation methodology, training, and experience,” meaning these badges are then leveraged by scammers to mislead the community and investors.

That being said, the industry has been working hard and is gaining ground in its fight against crypto scammers. A tool released in October by traditional finance giant Mastercard combines artificial intelligence and blockchain data to help find and prevent fraud.

Contrary to popular belief, the open nature of blockchain transactions means it’s harder for fraudsters to hide the movement of funds. Another recent example has been the work of French authorities using on-chain analysis to find and charge five people who stole nonfungible tokens (NFT) through a phishing scam.

Crypto ATMs emerging as popular method for crypto scam payments — FBI

The FBI says alongside regular methods of payment such as wire transfers and prepaid cards, crypto ATMs are also becoming a prominent tool for crypto investment scammers.

The United States Federal Bureau of Investigation’s (FBI) Miami Field Office has warned that crypto ATMs are emerging as a popular method that scammers use to receive funds from defrauded victims.

The information was revealed as part of an Oct. 3 public warning about “pig butchering scams,” where scammers pose as long-lost friends or potential romantic partners to swipe money from victims.

The scammers “fatten up” their victims by showing a supposedly genuine interest in them to win their trust, and then gradually introduce investment discussions into the relationship.

In the public service announcement in cooperation with the Internet Crime Complaint Center, the FBI warned that victims of these pig-butchering crypto scams generally have no chance of getting their funds back.

However, the FBI said scammers have been increasingly directing their victims to transfer funds via crypto ATMs, alongside more well-known methods such as wire transfers and prepaid cards, noting:

“Many victims report being directed to make wire transfers to overseas accounts or purchase large amounts of prepaid cards. The use of cryptocurrency and cryptocurrency ATMs is also an emerging method of payment. Individual losses related to these schemes ranged from tens of thousands to millions of dollars.”

The FBI noted that in “pig butchering” scams, victims are “coached through an investment process” and “encouraged to make continuous deposits by the fraudsters.”

“When the victims attempt to cash out their investments, they are told they need to pay income taxes or additional fees, causing them to lose additional funds.”

Crypto ATMs have long been utilized by scammers who pose as public officials, law enforcement agents or employees of local utility companies, and coerce victims to send them payments under the guise of paying off bills or unpaid taxes to avoid further penalties.

There are nearly 33,500 cryptocurrency ATMs in the United States, according to data from Coin ATM Radar, with the U.S. accounting for 87.4% of the global crypto ATM distribution.

The U.S. Federal Trade Commission sent out a warning regarding crypto ATM scams in January, while also noting that the scammers do sometimes pose as potential romantic partners.

The FBI urged people to “verify the validity of any investment opportunity” introduced by these types of people, keep an eye out for domain names impersonating legitimate exchanges and misspelled URLs, and not download any apps if the legitimacy cannot be verified.

Law enforcement agencies across the U.S. have warned about pig butchering and romance scams on several occasions. While it could be assumed that the victims are not well-educated regarding technology or investing, this isn’t always the case.

In June, it was reported that tech-savvy professionals from Silicon Valley were being duped by a wave of pig butchering scams in San Francisco, with multiple people losing more than $1 million apiece to this type of financial fraud.

Illicit crypto usage as a percent of total usage has fallen: Report

A rapidly growing crypto market means that hacks and scams are accounting for less overall activity, and their percentage of total usage continues to decline.

Illicit cryptocurrency activity in 2021 and the first quarter of 2022 has declined as a percentage of overall crypto activity, according to blockchain forensics firm CipherTrace.

The cryptocurrency industry has long held a reputation in some jurisdictions as a haven for illegal activity. However, CipherTrace estimates that illicit activity was between 0.62% and 0.65% of overall cryptocurrency activity in 2020. The firm reported that it has now fallen to between 0.10% and 0.15% of overall activity in 2021.

Source: CipherTrace

In its “Cryptocurrency Crime and Anti-Money Laundering” report released Monday, CipherTrace outlined that the top ten decentralized finance (DeFi) hacks in 2021 and Q1 2022 netted attackers $2.4 billion.

Over half of that figure came from just two events, the largest being the late March 2022 Ronin Network exploit worth about $650 million and the $610 million August 2021 hack of the Poly Network, most of which was returned by the anonymous hacker.

Within a similar time period, Anti-Money Laundering (AML) related fines in the banking sector increased dramatically, with 80 institutions fined in 2021, up from just 24 in 2020, according to Kyckr.

While the total dollar amount of the fines fell from 2020, last year saw the banks pay $2.7 billion worth of fines for AML or Know Your Customer (KYC) related violations, the largest single fine totaling around $700 million.

While significant sums have been exploited in crypto, CipherTrace detailed the rapidly expanding crypto ecosystem, noting that the total crypto market activity for 2020 was around $4.3 trillion, which grew to approximately $16 trillion of activity just in the first half of 2021.

CipherTrace says that the growth of the crypto market also brings with it increased scrutiny from the world’s regulators, who are “starting to take decisive action to ensure that the space isn’t just a modern-day wild west.”

Some of the most significant regulatory events cited in the report include United States President Biden’s crypto executive order in March to study blockchain technology, Dubai establishing a virtual assets regulator and the European Union’s proposed Anti-Money Laundering laws.

CipherTrace added organizations are going to have a “very real incentive to shape up” or face “heavy losses at the hands of the government,” adding it expects the threats existing in crypto will be the focus of future regulatory efforts.