In yet another fake YouTube crypto giveaway, some scammers have managed to steal over $1,680,000 from their victim’s cryptocurrency wallets after promising instant high returns on crypto investments. A Singapore-headquartered cybersecurity company, Group-IB, disclosed this occurrence on April 8 on its website.
These criminals defrauded the unsuspecting victims of the said amount between February 16 and 18, 2022, Group-IB said. The platform also reported that the exact number of victims and the cumulative amount of stolen funds remains unknown.
The criminals were said to have operated 36 fabricated crypto giveaways through YouTube streams. They used footage of Vitalik Buterin, Elon Musk, Michael Saylor, and other cryptocurrency enthusiasts from legitimate events to develop their fraudulent videos.
These YouTube channels seem to have been hacked or acquired from underground markets, according to the company. Group-IB stated:
“On average, such streams attracted between 3,000 and 18,000 viewers. One fake stream featuring footage of Vitalik Buterin drew more than 165,000 viewers who were promised that their crypto savings would be doubled in real-time.”
Scammers’ Tactics
Based on the statement by Group-IB, the scammers spread links to their sites in the description pages of their YouTube streams. These sites, the firm noted, had been designed to show the visitors “the mechanism behind a fake giveaway.”
Many domain names mostly displayed the same crypto wallet address, the firm also said, adding that its analysts discovered over 30 crypto wallets used for the scheme with a cumulative remaining balance of $933,963.
Group-IB stated that its analysis of the scammers’ domain network showed that the 29 sites were part of a major network of up to 583 interconnected resources all that are set up in the first quarter of this year. The company stated:
“Notably, there were three times as many domains registered for this scheme in less than three months of 2022 compared to the whole of last year.”
The most popular crypto used by the fraudsters as part of the scheme was Ethereum, according to the company. Moreover, the cybersecurity firm stated that its Computer Emergency Response Team (CERT-GIB) experts had originally retrieved links to 29 interlinked websites that feature the guidelines on how to double the crypto investments.
A majority of these websites were believed to have utilized a similar interesting design and top-quality images related to the crypto industry. Group-IB highlighted:
“When analyzing scam websites promoted during the fake streams, CERT-GIB experts detected an unusual technique.
“Depending on the cryptocurrency and type of crypto wallets, scammers asked visitors to their fake giveaway website to enter seed phrases to connect their wallets.
“Once a victim shares their seed phrase, fraudsters gain control over their wallet and can withdraw all funds from it. The exact number of victims and the total amount of stolen funds remains unknown, but clearly, some victims could not resist taking the bait.”
Thus, the cybersecurity company urged crypto wallet users to be most vigilant about the free giveaways and not to share any confidential data on suspicious and rogue sites. Moreover, it advised the users to double-check the legitimacy of the streams and the sites that they are visiting using just the official sources.
Group-IB insisted:
“If you cannot find any information about the promotion taking place, you are likely being deceived. Seed phrases must be kept secret and stored securely. To do so, use password management tools. To minimize the risk of leakage, prioritize desktop solutions over cloud-based ones.”
Increasing Crypto Scams
There has been a growing number of crypto scams in the last several years. In 2021, illicit crypto transactions reached a record high. A Chainalysis report showed that the illegal crypto addresses received nearly $14 billion in 2021, compared to $7.8 billion in 2021.
Social media has been a critical source for scammers using the names and pictures of celebrities and crypto enthusiasts to perpetuate their crypto scams. Steve Wozniak, the Co-Founder of Apple, in July 2021, sued YouTube for its purported inaction against bitcoin scams using many of his images and videos to dupe potential victims.
In September last year, Canada’s Vancouver Police Department (VPD) announced that residents lost over $2 million to crypto scams within a single week.
Moreover, corporate entities are not exempted from that mix. One electronic market maker, Virtu Financial, Inc., in January issued a public warning to warn against crypto scammers posing as its affiliates.
