TECHFORING UNRAVELS THE BIGGEST CRYPTO SCAM IN CYBERSPACE
The cryptocurrency market has exploded in recent years, making many individuals millionaires overnight. This gave many people the impression that putting their hard-earned money into crypto is the next get-rich-quick scheme.
However, cybercriminals and fraudsters also took notice of the recent boom in the cryptocurrency market and came up with schemes to deceive people into investing their money in fake crypto projects, as well as other scams. We investigated one such incident recently, and here’s a full rundown of our findings.
The Case
In May 2021, someone named Bob (alias) approached TechForing. He had invested over 3.6767 Bitcoin (BTC) in BinanceUS, which was equivalent to $128k at the time. One day he suspected that his account had been compromised, or at least that someone was trying to hack it. He temporarily deactivated the account to protect his crypto investment.
A few days later, he found out that the cryptocurrency he had invested in had gone up in price. He thought it was the perfect opportunity for him to withdraw his Bitcoin. He tried to activate his account but failed to do so.
He tried to re-activate his account a few times but didn’t have any luck. As a last resort, Bob contacted BinanceUS support to reactivate his account, but there was no response.
Then he started looking for more information on Twitter about BinanceUS. He found the CEO of BinanceUS, named Catherine (@crypt0Coley). Unfortunately, Bob contacted someone impersonating Catherine, who was using the same name, details, and pictures as the real CEO of BinanceUS, Catherine (@cryptocoley).
Bob asked the imposter to help him, and the imposter grabbed the opportunity and started asking for Bob’s account information. They assured him that the matter would be forwarded to the respective team.
The imposter also gave Bob a tempting, sped-up investment offer on another platform named "nitrodex.co". The platform was offering 200% investment growth for any amount in just a few weeks.
Bob tried to verify whether he was communicating with the real CEO of BinanceUS or someone else pretending to be the CEO and asked for proof. The imposter provided the driving license of the real CEO. Bob was convinced and decided to proceed with the offer.
After a lengthy discussion, the imposter suddenly requested to take the communication from Twitter to Telegram. The imposter also referred Bob to Tad Wilton, who pretended to be a technical guy related to accounts and finances, and also a member of Nitrodex.
Wilton gathered all the ticket IDs between Bob and the BinanceUS support team and advised him to transfer 3.24785749 BTC ($112,602.31) and 0.42886322 BTC ($14,868.57) to the following wallet addresses so Wilton could continue investing on behalf of Bob:
- 1NYgbCWK3BGFEKdystj7K5LcstpAxiKEW3
- 18bZoEom8rjcmBmGgRZxbPQsDEmXG48CmQ
And after each trade, Wilton shared the results with Bob as proof of investment. Bob thought his money was in expert hands and the amount would grow as planned.
After two transactions, Bob invested more BTC through Wilton. Unfortunately, from that point forward, Bob didn’t hear a word from Wilton. Finding no other way of communicating with Wilton, Bob decided to contact the fake CEO again.
Bob asked the fake CEO to return his investment, but the imposter declined to have any kind of involvement with the issue. The imposter also threatened Bob that if he tried to do anything about it, his life, as well as his family’s safety, would be endangered.
The Solution:
Bob contacted various cybersecurity firms, but couldn’t find any solutions. Then he contacted the TechForing team. We stepped in to investigate the matter and quickly found out the whereabouts of Nitrodex.
We found out that Nitrodex is a scam website. They have been scamming people with lucrative investment offers for more than a year. We used our state-of-the-art digital forensic analysis on the blockchain and the wallet addresses and quickly identified the culprits.
Our entire Crypto Scam Investigation followed these steps:
- Digital asset transaction analysis
We started the investigation by examining the narrative of the events and the timeline of the scheme. Then we traced the assets and identified the wallet address. Once we found out who was holding the cryptocurrency, we went after the scammers.
- Digital forensics
We analyzed the blockchain and used OSINT to pinpoint the criminal.
- Scammer identification
We attacked the scammer directly. Using zero-day attacks, we traced their IP, location, and true identity.
- Lost crypto recovery
We hunted down the scammers and notified the local authorities, forcing them to return the cryptocurrency.
- Documentation
We summarized everything and reported it to our client and the appropriate authorities.
TechForing also tried to contact the actual CEO of BinanceUS to confirm whether BinanceUS had taken any steps to secure their C-suite executives’ identities. However, BinanceUS hasn’t responded to our inquiries.
Conclusion
TechForing was able to retrieve Bob’s crypto assets. Also, with his permission, we contacted the law enforcement agency to ensure legal justice for the scammer.
The scam platform Nitrodex has since been taken down as well. We highly recommend avoiding such platforms.
Prevention is Better Than Cure: A Message from Our CEO:
TechForing’s CEO & Managing Director, Rabiul Islam, warns all crypto traders out there:
“Cryptocurrency might have opened new doors to become rich quickly, but there is no company that can double your investment overnight. Please be careful with your investment and stay away from such lucrative offers.”