Scams

Crypto catfishers ditch fake exchanges for approval phishing scams

According to on-chain analytics firm Chainalysis, romance scammers increasingly use this method to steal their victims’ hard-earned crypto.

Crypto romance scammers — a cohort of crypto-stealing smooth-talkers — appear to have a new trick up their sleeves: targeted approval phishing.

In a Dec. 14 report from on-chain analytics firm Chainalysis, the firm noted that the technique has seen explosive growth over the past two years, with at least $374 million in suspected stolen crypto in 2023.

Approval phishing is a crypto scam where victims are tricked into signing transactions that give scammers access to wallets, allowing them to drain funds. While this isn’t new, Chainalysis said the technique is now utilized more often by pig-butchering scammers.

IRS lists 4 crypto crimes among its top cases in 2023

The cases included investigations into the Silk Road marketplace, OneCoin, Oyster Protocol founder “Bruno Block,” and a money laundering scheme using Bitcoin kiosks.

The criminal investigation unit of the United States Internal Revenue Service (IRS) has listed four crypto-related cases among the top ten of its “most prominent and high-profile investigations” in 2023.

In a Dec. 11 notice, the IRS unit said there were four significant cases in 2023 involving the seizure of cryptocurrency, fraudulent practices, money laundering and other schemes. Coming in at its third most high-profile investigation in the past year was OneCoin co-founder Karl Sebastian Greenwood, who was sentenced to 20 years in prison in September for his role in marketing and selling a fraudulent crypto asset.

Other cases included Ian Freeman, a New Hampshire resident sentenced to 8 years in prison for operating a money laundering scheme using Bitcoin (BTC) kiosks and failing to pay taxes from 2016 to 2019. The government body was also behind an investigation of Oyster Protocol founder Amir Elmaani, also known as “Bruno Block,” for tax evasion related to minting and selling Pearl tokens.

Hong Kong regulator blocks access to two crypto entities, warning of fraud

According to the securities regulator, misleading information online could encourage individuals to invest in the HKD token issued by HongKongDAO.

The Securities and Futures Commission (SFC) of Hong Kong has issued a warning related to suspected fraud involving crypto entities Hong Kong Digital Research Institute and BitCuped.

In a Dec. 6 notice, the SFC said the Hong Kong Police Force had blocked access to the websites of BitCuped and Hong Kong Digital Research Institute — also known as HongKongDAO — claiming users could be fooled into making illegitimate investments. The regulator also issued cease-and-desist letters to the firms’ website operators.

“The SFC suspects HongKongDAO may be disseminating false and misleading information about itself and its business through online channels,” said the Dec. 6 notice. “The SFC notes that BitCuped claims on its website that ‘Laura Cha’ and ‘Nicolas Aguzin’ serve as its Chairman and Chief Executive Officer respectively, when in fact none of them has any affiliations with BitCuped.”

US senators drill into FTC’s work to track AI attacks on older citizens

The senators asked the FTC chair four questions about AI scam data collection practices to find out if the commission can identify AI-powered scams and address them accordingly.

Four United States senators have written to Federal Trade Commission (FTC) Chair Lina Khan requesting information on efforts taken by the FTC to track the use of artificial intelligence (AI) in scamming older Americans.

In the letter addressed to Khan, U.S. Senators Robert Casey, Richard Blumenthal, John Fetterman and Kirsten Gillibrand highlighted the need to respond effectively to AI-enabled fraud and deception.

Underlining the importance of understanding the extent of the threat in order to counter it, they stated:

Safe Wallet scammer steals $2M through 'address poisoning' in one week

A malicious actor behind at least $5 million in crypto theft through “address poisoning” significantly ramped up attacks against Safe Wallet users in the last week.

A crypto hacker specializing in “address poisoning attacks” has managed to steal over $2 million from Safe Wallet users alone in the past week, with its total victim count now reaching 21. 

On Dec. 3, Web3 scam detection platform Scam Sniffer reported that around ten Safe Wallets lost $2.05 million to address poisoning attacks since Nov.

According to Dune Analytics data compiled by Scam Sniffer, the same attacker has reportedly stolen at least $5 million from around 21 victims in the past four months.

Scam Sniffer reported that one of the victims even held $10 million in crypto in a Safe Wallet but “luckily” lost only $400,000 of it.

Address poisoning is when an attacker creates a similar-looking address to the one a targeted victim regularly sends funds to — usually using the same beginning and ending characters.

The hacker often sends a small amount of crypto from the newly-created wallet to the target to “poison” their transaction history.

Cointelegraph has reached out to Safe Wallet for comment on the matter.

Australia tries again to combat ‘future sectors’ crypto scams

The “Proposed Scams Code Framework” consultation paper aims to delegate clear roles and responsibilities to government and private entities when combatting scams.

A consultation paper on a new framework for addressing consumer and business scams proposed by Australia’s Department of the Treasury considers applying sector-specific codes and standards to banking and cryptocurrency scams, among others.

The paper adds to the efforts of the Australian Competition and Consumer Commission (ACCC) to combat scams via the annual Scams Awareness Week initiative.

The “Proposed Scams Code Framework” consultation paper — announced on Nov.

Scams code framework proposed by the Australian Treasury. Source: treasury.gov.au

The framework proposes three broad categories for assigning codes and standards, covering what they see as the areas most targeted by scammers: banks, telecommunications providers and digital communications platforms.

The Treasury highlighted that Australian consumers and businesses lost at least $3.1 billion to scams in 2022 — an 80% increase from 2021.

The new mandatory industry codes will outline the responsibilities of the private sector concerning scam activity.

Net losses from crypto theft down sharply in Q1 2023 at $322M: Report

A report from app provider De.Fi showed losses from theft down in Q1 2023 compared with 2022, along with the recovery of funds.

Crypto hackers and scammers made off with $452 million in the first quarter of 2023, according to a report released by antivirus and app provider De.Fi. But that is both good and bad news, as losses were down from $1.3 billion in the first quarter of 2022. The recovery rate was down, too, however.

According to the report, nearly half of the losses this quarter ($215 million) occurred in the first three weeks of March. The Euler Finance and Bonq DAO exploits were the quarter’s loss leaders at $196 million and $120 million, respectively. Due to those exploits, the Ethereum blockchain suffered the highest losses in dollar terms, even though Binance outnumbered it 18 incidents to 10.

The CoinDeal scheme was next, with $45 million exploited, followed by the Monkey Drainer phishing scammers, who came in fourth, with $16.5 million lost.

In the 49 cases examined in the report, six flash loan attacks accounted for the most significant losses at over $200 million, with Euler Finance representing the bulk of the total. Smart contract exploits were the most common type at 17 incidents. Decentralized finance (DeFi) accounted for only five incidents but suffered the lion’s share of losses at $336 million.

In the first quarter, $130 million was recovered from the exploits. All of that money was recovered in March, with $129 million returned by the Euler Finance hackers. In the first quarter of 2022, $520 million had been returned out of $1.3 billion lost, amounting to 40% of the stolen funds, compared with 28.7% this year.

While DeFi dominated the losses reported, losses on decentralized exchanges and from crypto tokens and nonfungible tokens likely hit retail users as well. Theft is not uncommon for retail users, with scams constantly evolving.

A third of US crypto holders have experienced theft: Report

10% of crypto holders surveyed made no attempt at protecting their assets; victimization varied strongly by age.

Cybersecurity services provider Kaspersky has released a report on risks associated with cryptocurrency use. The report titled “Crypto Threats 2023” focused on the United States and uncovered some surprisingly poor user security habits. 

Kaspersky surveyed 2,000 American adults in October 2022 and found that 24% of respondents overall owned cryptocurrency or digital assets. Ownership ranged from 36% in the 25–44 age category to 10% among those aged 55 or older.

A third of the crypto owners surveyed reported having crypto stolen, and an equal portion reported being victims of scams. Identity theft, theft of payment details and loss of account access led the list of scam consequences.

The average value of assets stolen was $97,583. The median figure would be much lower, however, since only 29% of thefts were valued above $10,000, and 39% were valued at $1,000 or less. Here, too, there was a sharp differentiation by age, with 47% of those ages 18–24 reporting thefts of crypto, compared to 8% of those over 55. The report did not specify the average value of crypto holdings.

Lax security might account for many of the losses experienced by respondents. The survey found that crypto owners last checked on their crypto six weeks ago, and their accounts have minimal protection:

“27% of users keep their crypto stored in an exchange account with no added protection, while only 34% use multi-factor authentication to protect their account.”

10% of respondents reported making no effort to protect their crypto, and 14% claimed not to store seed phrases or private keys. The report concluded:

“Without any regulation or established common knowledge, people need to take care to protect themselves.”

Kaspersky said in an earlier report that users were becoming more sophisticated in spotting scams and that the use of Bitcoin (BTC) in ransomware attacks would fall as regulation and tracking methods improved. It warned in a previous report that exploitation risks are rising in the metaverse.

NatWest bank puts $6K monthly limit on crypto exchange payments

NatWest’s head of fraud protection emphasized the importance of self-custody in crypto amid the bank imposing new crypto restrictions.

NatWest, a retail and commercial bank in the United Kingdom, is taking measures to protect customers from potential crypto losses amid Bitcoin (BTC) hitting multi-month highs.

On March 14, NatWest introduced major restrictions on payments to cryptocurrency exchanges, imposing daily and monthly caps for such transactions.

According to an announcement shared with Cointelegraph, NatWest has set a 1,000 British pound ($1,216) limit for daily transactions involving crypto exchanges. The bank has also imposed a 30-day payment limit of 5,000 GBP ($6,080).

The latest restrictions by NatWest aim to help protect customers from losing “life changing sums of money,” the bank said, adding that crypto investments are risky due to the significant number of scams in the industry.

“We have seen an increase in the number of scams using cryptocurrency exchanges and we are acting to protect our customers,” NatWest’s head of fraud protection, Stuart Skinner, said. The executive emphasized the importance of self-custody in crypto and cautioned crypto investors against delegating storage of their assets to a third party, stating:

“You should always have sole control of your cryptocurrency wallet and nobody else should have access. If you didn’t set the wallet up yourself or can’t access the money then this is likely to be a scam.”

According to NatWest, crypto scammers have been increasingly capitalizing on the ongoing cost-of-living crisis with promises of high returns.

“Criminals play on a lack of understanding of how cryptocurrency markets work and their unpredictability to encourage investors to transfer money to exchanges, which are often set up in the customer’s own name by the criminal or by the victim, under duress from the criminal,” the bank said. Men over 35 are most at risk because they are more willing to take risks with their investments, the announcement noted.

In the statement, NatWest also shared a few steps to help avoid falling victim to cryptocurrency scams, including the recommendation to never share one’s private keys with others. The bank also advised crypto investors to read all information at a slow pace to avoid rushed investments and fake websites. NatWest also recommended that investors beware of giveaways, as they are one of the most widespread scams in crypto.

NatWest is known for cutting all credit and debit card payments to the Binance crypto exchange in 2021. At the time, the company referred to a high level of crypto investment scams as well.

The news comes amid Bitcoin surging above $26,000 as the United States Consumer Price Index data indicated that inflation climbed 6% year-on-year and 0.4% month-on-month. BTC price growth is also likely to be attributed to the ongoing uncertainty around the failures of major banks in the United States, including Silicon Valley Bank, Silvergate and Signature Bank.

17 biggest crypto heists of all time

Crypto exchanges are hacked surprisingly often. A few of the biggest crypto heists that occurred in the past few years are discussed in this article.

How to avoid cryptocurrency scams?

One of the best ways to protect your crypto investment is to secure a wallet and do your own research about the projects in the market.

All Bitcoin exchange security measures have been proactive, intending to prevent a robbery. According to the above discussion, proactive security measures have decreased the impact of heists, but they cannot, sadly, prevent a theft. Fundamentally, because of the blockchain’s irreversible nature, there is little an exchange can do to stop a robbery once the appropriate private keys have been stolen.

You should always examine any claims made about crypto investment, especially if they appear too good to be true. Also, do not trust the party who personally contacts you for any investment in BTC or other cryptocurrencies.

Furthermore, enable two-factor authentication on your cryptocurrency wallet and exchange. Never share your crypto wallet’s private key or seed phrase, and keep that information offline in a cold wallet.

Check the URLs of websites two or three times and only proceed when you are satisfied with the authenticity of the crypto project. Additionally, any offer that requires an upfront cost should be rejected, regardless of the amount, especially if the price must be paid in cryptocurrencies.

What are the biggest cryptocurrency heists in history?

The biggest crypto heists to date are Mt. Gox, Linode, BitFloor, Bitfinex, Bitgrail, Coincheck, KuCoin, PancakeBunny, Poly Network, Cream Finance, BadgerDAO, Bitmart, Wormhole, Ronin network, Beanstalk, Harmony Bridge, and FTX.

Mt. Gox

Mt. Gox remains the greatest cryptocurrency robbery in history, with over 850k Bitcoin stolen between 2011 and 2014. Mt. Gox claimed that the fault that caused the loss was due to an underlying bug in Bitcoin known as transaction malleability. Transaction malleability is the process of altering a transaction’s unique identifier by altering the digital signature that was used to produce it.

In September 2011, it was discovered that Mt. Gox’s private keys were compromised, and the firm did not use any auditing techniques to discover the breach. Furthermore, because Mt. Gox re-used Bitcoin addresses regularly, the stolen set of keys was used to steal new deposits constantly, and by mid-2013, over 630k BTC had been taken from the exchange. Surprisingly, WizSec (a group of Bitcoin security specialists) claims that proof of ongoing theft may be gleaned from blockchain transactions to support this assertion.

Many companies use cold and hot wallets to minimize large losses, as shown with Mt. Gox. All coins are transmitted to the exchange’s cold wallet, from which they are manually transferred to the hot wallet as necessary. If an exchange’s server is hacked, the thief can only steal money from the hot wallet, allowing the exchange to decide how many coins it is prepared to risk.

Linode

Linode, a web hosting firm, was utilized by Bitcoin exchanges and whales of the community to store their hot wallets. Linode was hacked in June 2011, and the virtual services that stored the hot wallets were targeted. 

Unfortunately, this resulted in the theft of at least 46k BTC, the actual number of which is still unknown. Bitcoinica, which lost over 43k BTC, and Bitcoin.cx, which lost 3k BTC, were among the casualties, as was Gavin Andresen (Bitcoin developer), who also lost 5k BTC.

BitFloor

While these thefts are less severe, high-impact Bitcoin burglaries have continued, with 24k BTC stolen from BitFloor in May 2012. An attacker gained access to an unprotected (i.e., unencrypted) backup of wallet keys and stole the virtual currency worth roughly a quarter-million dollars in the crime. As a result, BitFloor creator Roman Shtylman decided to shut down the exchange.

Bitfinex

The usage of multisig (the requirement of multiple keys to authorize a BTC transaction) is not a silver bullet in and of itself, as evidenced by another huge heist at Bitfinex, which resulted in the theft of 119,756 BTC. 

Bitfinex exchange had teamed up with BitGo to act as a third-party escrow for customer withdrawals. Bitfinex also appears to have chosen not to use cold wallets in order to obtain a statutory exemption from the Commodities and Exchange Act. While the idea of employing threshold signatures is appealing, it does not guarantee that the authority to authorize transactions is spread.

Bitgrail

Bitgrail was a small Italian exchange that traded in obscure cryptos like Nano (XNO), previously known as RaiBlocks. Nano was worth as little as 20 cents in November 2017; however, when prices lingered around $10, the exchange was hacked in February 2018, putting BitGrail’s losses at $146 million.

The cyber theft of a cryptocurrency deceived more than 230,000 people. Unfortunately, small exchanges do not implement basic protection, such as a cold storage wallet, putting a lot of money at risk. According to the director of the national center for cyber crimes, Ivano Gabrielli, it became evident that the BitGrail CEO was implicated in the BitGrail scandal.

Coincheck

Coincheck, based in Japan, had $530 million worth of NEM (XEM) tokens stolen in January 2018. The identity of the Japanese hackers who broke into the security system is still a mystery. 

Following the investigation, Coincheck revealed that hackers were able to gain access to their system due to a staffing deficit at the time. The hackers were able to compromise the system successfully because funds were kept in hot wallets and insufficient security measures were in place.

KuCoin

KuCoin announced in September 2020 that hackers had obtained private keys to their hot wallets before withdrawing substantial quantities of Ethereum (ETH), BTC, Litecoin (LTC), Ripple (XRP), Stellar Lumens (XLM), Tron (TRX) and Tether (USDT). Lazarus Group, a North Korean hacker group, has been accused of committing a robbery on cryptocurrency exchange KuCoin, resulting in a $275 million loss of funds. However, the exchange was able to recoup approximately $240 million in payments later.

PancakeBunny

The flash loan attack, in which hackers were able to siphon $200 million from the platform, occurred in May 2021 and is among the more severe cases of cryptocurrency theft. The hacker borrowed a big sum of Binance Coin (BNB) before manipulating its price and selling it on PancakeBunny’s BUNNY/BNB market to carry out the attack.

A flash loan must be borrowed and then repaid in full all at once. The hacker obtained a large number of BUNNY via a flash loan, then dumped all of the BUNNY on the market to lower the price, and then repaid the BNB using PancakeSwap.

Poly Network

In August 2021, a hacker stole approximately 600 million USD worth of digital tokens in one of the greatest cryptocurrency thefts ever. A hacker known as “Mr. White Hat” exploited a weakness in the network of Poly Network, a DeFi platform. 

The narrative has gotten stranger by the day since the initial theft. Mr. White Hat not only maintained a public and consistent dialogue with Poly Network, but they also returned everything that had been stolen a week later, except $33 million in Tether (USDT) that had been frozen by the issuers.

Mr. White Hat was once given a 500,000 USD prize for returning all stolen cash, as well as a job offer to become Poly Network’s senior security officer.

Cream Finance

The hackers stole $130 million in Cream Finance’s October 2021 incident. It was Cream Finance’s third cryptocurrency robbery of the year; hackers took $37 million in February 2021 and $19 million in August 2021.

The monies appear to have been obtained through a flash loan in a highly complicated transaction costing over 9 ETH in gas and involving 68 different assets. The attacker used MakerDAO’s DAI to produce a huge number of yUSD tokens while also taking advantage of the yUSD price oracle computation.

Consequently, on the Ethereum network, they were able to take all of Cream Finance’s tokens and assets, totaling $130 million.

BadgerDAO

A hacker succeeded in stealing assets from multiple cryptocurrency wallets on the DeFi network, BadgerDAO, in December 2021. The incident is related to phishing when a malicious script was injected into the website’s user interface via Cloudflare.

The hacker exploited an application programming interface (API) key to steal $130 million in funds. The API key was created without the knowledge or permission of Badger engineers to inject malicious code into a fraction of its clients regularly. However, about $9 million was recovered as the hackers were yet to withdraw funds from Badger’s vaults.

Bitmart

In December 2021, a hack of Bitmart’s hot wallet resulted in the theft of about $200 million. At first, it was thought that $100 million had been stolen via the Ethereum blockchain, but additional research found that another $96 million had been stolen via the Binance Smart Chain blockchain.

Over 20 tokens were taken, including altcoins such as BSC-USD, Binance Coin (BNB), BNBBPay (BPay), and Safemoon, as well as substantial quantities of Moonshot (MOONSHOT), Floki Inu (FLOKI) and BabyDoge (BabyDoge).

Wormhole

An attack on Wormhole, the Ethereum and Solana bridge, defrauded users of an estimated $328 million, ranking as the fourth-largest breach in the history of DeFi. The attacker used minted tokens to claim ETH that was held on the Ethereum side of the bridge by exploiting a mint function on the Solana side of the Wormhole bridge to create 120,000 wrapped Ethereum (wETH) for themselves, according to CertiK’s (blockchain security and smart-auditing company) preliminary investigation.

Ronin Network (Axie Infinity)

Ronin Network, a cryptocurrency network focused on gaming, revealed on March 29, 2022, that it had been hacked and that a staggering $620 million had been lost. According to Etherscan, an attacker “used hacked private keys to generate bogus withdrawals” from the Ronin bridge over two transactions. The popular Axie Infinity game’s publishers, Sky Mavis, and the Axie DAO were impacted by the exploit on Ronin validator nodes.

Beanstalk

The governance protocol of Beanstalk, an Ethereum-based stablecoin platform, was the target of an attack in April 2022. The value kept in the Beanstalk protocol was given to the Ukraine fund after the fraudulent proposal was implemented, and the attacker(s) utilized it to repay their flash loan. Out of the $181 million that was stolen in the end, the assailant made a profit of $76 million.

Horizon Bridge (Harmony)

In June 2022, hackers broke into Harmony Protocol, which allows transactions between Ethereum, Binance, and Bitcoin blockchains. They stole $100 million worth of cryptocurrencies, including ETH, Binance Coin (BNB), USDT, USD Coin (USDC), and Dai.

FTX

Hackers stole $323 million from the Bahamas-based parent business FTX.com, $2 million from Alameda Research, and $90 million from its US platform in November 2022. However, FTX claimed to have recovered $1.7 billion in cash, $3.5 billion in purportedly liquid cryptocurrencies, and $300 million in liquid equities.

Why is cryptocurrency theft increasing?

Crypto fraudsters, especially scammers, prey on naive buyers in the physical world by reading the fine print in contracts.

Bitcoin (BTC) came into the picture after the Global Financial Crisis of 2008-09 to protect the world from financial crises in the future. However, as evidenced by various cryptocurrency scams since their introduction to the world, cryptocurrencies also do not provide enough security to the users’ funds.

Due to the funds being placed digitally (most of the time), hackers find it easier to steal virtual currencies than physical cash. Also, cryptocurrencies stored in huge sums can be transferred anonymously, leading to major heists in the crypto industry. 

Let’s take a look at the biggest crypto thefts of all time in this article. The article will also outline why crypto exchanges keep getting hacked, why crypto heists are getting larger and what we can do to protect ourselves from crypto heists.