Displaying items by tag: Investigations

Thursday, 21 January 2021 12:33

$ 400M INVESTMENT SCAM - FENITA LA COMEDY FINIKO

The illegal Finiko service started operating at the end of 2017. It was positioned as an automatic profit-making system. Currently, it is represented by Cyfron FNK LTD, registered in the state of Saint Lucia (no license is required to work with cryptocurrencies).

The site in the .ru domain zone is not available. There is a working mirror of “thefiniko” (in the .com zone). The user agreements on both sites are identical. What is noteworthy is that the platform offers gaming programs that mimic investment programs. And the internal CFR token is not an official currency and has no financial value. The company does not bear any responsibility.

This approach allows Finiko to work without loss since 2017. In November 2018, the platform launched an active advertising campaign. The scammers offered to buy an apartment or a car, pay off another loan for 35% of the cost. The peak of active use of the service occurred at the end of 2019. This was accompanied by the visibility of the accrual of funds to users. However, few users were able to withdraw real funds...

There are the main signs of a financial pyramid: lack of regulation, registration in an offshore company, short life (the cost of the CFR token is close to zero), very high profitability (promised more than 200% per year), enticing and expensive website design, a lot of good reviews.

Finiko, the only known cryptocurrency, has a huge number of wallets in Bitcoin and Ethereum. The largest crypto wallet received 12099.294 BTC (almost in 2.5 years). It may have been used for trading on the stock exchange. More than 129 thousand wallets involved in the activities of the illegal service have been identified. The main large (used for receiving / sending) wallets are monitored by the services of the SICP platform.

In the darknet, there is a forum where enthusiasts are working to identify large Finiko wallets and select private keys to them. In total, Finiko attracted more than $300 million from the population (according to SICP experts, more than $400 million)!..

Analysis of recent transactions shows that the funds are withdrawn mainly on the Asian cryptocurrency exchange, managed from Russia. If you or your loved one suffered from the activities of Finiko, please contact CryptoCERT (This email address is being protected from spambots. You need JavaScript enabled to view it.).

Source: sicp.ueba.su

Published in INVESTIGATIONS

SICP experts have identified another scammer using social media to cheat. Katrina Lucas from Los Angeles adds potential victims as friends on Facebook and starts a dialogue with them about cryptocurrencies and investments. She offers them up to 50% profit in the first week by investing her bitcoins in her services. The scammer mentions the cloud mining service Coincloudhashing, but this site is not available in the .com zone.

So, one of the scammer's wallets received 4 transactions worth 0.027 BTC. Subsequently, the funds were transferred to the consolidating wallet of the illegal service (in transit, with division into parts).

Associated with the profile is a bitcoin investment company page that leads to an inaccessible site in the domain zone in Nigeria (bitcoincom). From the information it follows that the illegal investment service allegedly charges $ 50,000 for 1 bitcoin. Here are trader Jennifer Smith's contacts and reviews of active users.

One of the wallets of the illegal service received 410 transactions in the amount of 5,669,312 BTC (over a period of about 3 months). It is linked to several other major wallets in the group in question.

The second scammer's wallet was launched a few days ago. Funds are withdrawn directly to the Huobi Global crypto exchange wallet. The wallet of the exchange user took 5 transactions for 0.034 BTC, which so far contain about 100 BTC. In total, the wallet received 14 785 129 BTC.

Katrina's Facebook page is currently unavailable, and messages from the correspondence have been deleted by the scammer (please take screenshots in advance). There are no active sites on the network.

Look before you jump!

Service: sicp.ueba.su

Published in INVESTIGATIONS
Friday, 27 November 2020 18:18

FRAUDERS USE NAME OF BIG PLAYERS

On November 2, 2020, the Polymetal international investment phishing site was launched. Its contents have been copied almost entirely from the original Polymetal International website. Most of the pages were copied and modified for the needs of the attackers. However, the link in the clone logo leads to the original site.

The home page of the fake site contains information about investment packages (5 types), with a profit of 5 to 50 percent in 8 days. The same information is available in the investor's personal account after registration. Investments can only be made in bitcoins.

 

In less than a month, the scammers sold 34 packages worth about 0.19 BTC. The criminals' consolidating crypto wallet received 250 transactions at 53.44 BTC. Most of the funds are withdrawn on the Hong Kong crypto exchange Binance.

It is noteworthy that on the same hosting in Phoenix (California, USA) there is another project of Lugwise Asset Management (Lugwiseinvest). The project was launched on October 5 and is positioned as a London-based asset management firm. Although the legal address on the site is listed in San Francisco (California, USA).

Judging by the activity and the amount of funds on the associated purses of the scammers, this is not a complete list of their illegal services and projects.

If you or your loved ones have suffered at the hands of fraudsters, please send notifications to the service mailbox of the CryptoCERT service (This email address is being protected from spambots. You need JavaScript enabled to view it.).

Original: Polymetal International

Scam: Polymetal International Investment

Published in INVESTIGATIONS

All investigations and political actions of blogger Alexei Navalny begin immediately after large cash receipts come to his bitcoin wallets, the owner of Internet-Rozysk, Igor Bederov, told the Krasnaya Vesna correspondent on November 6.

He said that his company is developing unique services for the prevention and investigation of crimes intended for law enforcement and security services: “You should start the story with the fact that we are developing the first domestic service designed to trace cryptocurrency transactions - SICP | Security Intelligence Cryptocurrencies Platform."

Igor Bederov recalled that Navalny “uses several cryptocurrency bitcoin wallets to finance his activities,” and spoke about the results of monitoring the status of these wallets.

“What are these wallets? The first wallet 3QzYv * (the wallet number is at the disposal of the publisher) was used in 2691 transactions. In total, 633.28146173 Bitcoins came to this wallet, which is 378 196 391.89 rubles. at today's rate.

The second 3MQTR wallet * (wallet number is at the disposal of the publisher) was used in 666 transactions. A total of 72.80104198 Bitcoins came to this wallet, which is 43,476,863.08 rubles. at today's rate, ”the specialist shared information.

He drew particular attention to the fact that the activities of the opposition are “tied” to the proceeds of his Bitcoin wallets: “During the monitoring of these wallets, we clearly see that all his investigations or political actions take place immediately after receiving a large monetary tranche.”

Igor Bederov noted the difference between such large tranches and the receipt of money from Navalny’s supporters: “Such tranches are very specific and very different from the usual donations from FSC supporters. An ordinary supporter of Navalny can transfer him an amount of 100 rubles. and up to 15 thousand rubles. maximum. And these are direct transactions that go from wallet A to wallet B.

At the same time, large transfers that precede stocks and FSC investigations start at 3 million rubles. And these transactions are far from simple. They mix bitcoins, hide information about their real sender in a heap of parallel transactions."

In conclusion, he emphasized that after the analysis it was possible to establish that the sender of such tranches may be located in the USA: “However, we were able to analyze several chains of such transactions and determine that the probable sender of funds may be located in the United States.”

Note, on October 9, the Ministry of Justice of Russia recognized FSC as a foreign agent.

And in mid-October in 30 headquarters of the headquarters of the Anti-Corruption Fund, the Investigative Committee of the Russian Federation conducted searches. They took place in the framework of the criminal case of money laundering by FSC employees, as well as their receipt of money from abroad. FSC accounts were arrested.

On November 5, the Levada Center released data according to which a third of Russia's residents call criminal cases against the Navalny Fund protection of the country from foreign influence and the fight against money laundering.

Source: Red Spring.

Published in MEDIA ABOUT US
Tuesday, 17 September 2019 16:14

CLOUDTOKEN - 150X PROFIT OR PYRAMID SCHEME?

Since the spring of this year, a project called CloudToken is actively developing and promoting the network, positioning itself as "the first wallet in the world that integrates all crypto assets of the blockchain on one platform." Their goal is to provide project participants with a special ecosystem of public savings.

The project supports 7 major cryptocurrencies and stablecoins, 21 referral levels, has a mobile application (wallets in leading marketplaces) and offers its participants a yield of 6 to 12% per month, as well as 150-fold profit (!) For 2019. At the same time, the first participants (top of the pyramid?) Are promised support for the issuance of payment cards.

The project attracts its participants (the number of which, according to some estimates, has already exceeded 800,000 people) with the help of the so-called "network leaders" from around the world. For example, in Russia and neighboring countries, Pavel Chernyshev is engaged in resource promotion.

Information on the project website is presented in English and Chinese, the legal entity Cloud Technology and Investment Pty., LTD is registered in Australia, and the United States is indicated as the geolocation of the site. Currently, 145 countries are involved in the scheme.

The process of making a profit is described on the resource as follows:

1. Participants send funds to ETH / BTC in the Jarvis bot asset management pool.

2. A tool called Varoom collects data from over 38 cryptocurrency exchanges.

3. Varoom transfers assets to the Jarvis AI BOT.

4. Varoom instructs Jarvis.

5. Jarvis trades on exchanges.

6. Information is collected on the latest prices at CoinMarketCap.com.

7. Members receive rewards in CTO tokens.

8. The rest of the earned funds are transferred to the Jarvis Asset Reserve.

9. Jarvis Asset Reserve supports the rate in the conversion wallet.

10. Participants can convert CTO to ETH, BCH or other cryptocurrency at any time.

The mobile application offered for download is positioned as a cryptocurrency multi-wallet with passive income (while funds can be sent in only one direction), as well as a trading bot (without confirming trading volumes). Nevertheless, judging by the volumes, the funds received from participants (victims?) Are immediately transferred to controlled sites and cold wallets.

According to an investigation conducted by the experts of the cybersecurity resource SICP (sicp.ueba.su), the total amount of funds that have passed through only one wallet currently exceeds 6 billion rubles, and this figure is constantly growing.

In particular, as a result of the investigation, it was found that all the main assets of the CloudToken project are transferred to the South Korean crypto exchange Upbit, and also are withdrawn through wallets in Thailand (in some cases they are frozen).

Below is some more evidence that the CloudToken project is just another pyramid scheme.

1. Despite the fact that the organizers of the project position it as a “completely decentralized cryptocurrency wallet”, in fact it’s hard to even call it a wallet. In fact, users only get access to the server, where they see their tokens. Judging by the CloudToken tracker on Etherscan, all it can boast of is 4 addresses and 5 transactions, with 99.9999% of the funds held at one address. Thus, buyers give their money, but do not become owners of the coveted tokens.

2. In the promotion of the service involved people who have repeatedly advertised fraudulent schemes.

3. Lack of evidence of trading using the Jarvis bot. Although representatives of the project claim that they generate profit using the Jarvis AI Bot bot, which is used for arbitrage trading on exchanges, there is no evidence of such trading on the resource.

4. Cryptocurrency pyramid based on the Ponzi scheme. Project participants on the referral side need to replenish their account by at least $ 500, after which they will be able to receive commissions for attracted people. In this case, commissions are paid up to level 21. It is unlikely that such a scheme can last long.

5. Lack of use cases. CloudToken does not have application scenarios in the real world, it can only be purchased from developers, and no token exchanges accept. The price of the token is not supported by anything, the demand for it is artificial. The company can change the value of the token at any time.

6. Lack of access to CTO wallet private keys. Users do not receive secret keys from the "wallet", instead they are given a password or PIN code.

7. The promise of high return on investment. Most projects that promise high investment returns actually turn out to be scams, unless the program has official registration and regulation.

8. Invalid information. The White Paper of the project mentions the names of people who have nothing to do with the project.

From the foregoing, we can conclude that CloudToken does not have a secure cryptocurrency wallet, its founders do not trade on the exchange and deceive investors. In addition, the project is advertised by well-known network scammers, and the CloudToken address is involved in the services of doubling bitcoins and the distribution of paid prohibited content.

Source: CryptoRussia.ru

Published in MEDIA ABOUT US

PlusToken could be the largest scam in the history of financial pyramids. This project has already raised almost $ 3 billion in cryptocurrencies.

At the end of June of this year, six PlusToken project fraud suspects were arrested in China, while another part of the executives is still at large.

According to Elementus researchers, PlusToken collected 10 million ETH from over 800 thousand contributors. In addition to ETH, funds were invested in the project in other digital assets - in bitcoins, XRP and EOS. The total amount of funds raised is impressive - almost $ 3 billion in terms of the exchange rate. Investors live in almost all Asian countries, as well as in Russia, Ukraine, Germany and Canada.

According to preliminary estimates of other researchers, the PlusToken pyramid attracted about 200 thousand bitcoins, 789 thousand ETH and 26 million EOS. All of these funds went to wallets controlled by the PlusToken team. It was possible to track the funds of defrauded investors thanks to the cryptocurrency transaction analysis service created in the Special elaborations department of the Technopark of St. Petersburg. It is known that some of the bitcoins were already cashed by criminals through the Huobi Global and Bittrex crypto exchanges, while the other part settled on one of the crypto wallets.

In particular, PlusToken organizers transferred almost half of the funds raised to the Singapore Huobi crypto exchange - at least 4.3 million ETH of the total ETH.

The PlusToken project was launched in 2018 as an international cryptocurrency project and a decentralized solution (crypto wallet), supported by a team from South Korea. Project promotion was supposed mainly in Asian countries - China, Japan, Myanmar, Vietnam, as well as in Russia and Europe. The project immediately had obvious signs of a financial pyramid - a referral system was offered to investors and a monthly profit of 6% to 19% was promised. According to experts, the PlusToken fraudulent scheme is organized on the principle of the already closed BitConnect platform - with tokens and dividends. The capitalization of BitConnect tokens at the top of trading was a little over $ 121 million, and the capitalization of PlusToken was already $ 17 billion.

Although the PlusToken pyramid has ceased to exist, "a holy place does not exist empty." Similar projects Cloud Token and VDS (Vollar) appear on the market with a market capitalization of $ 1 billion and are already becoming popular, including among Russian-speaking users.

Earlier we reported what a financial pyramid is. Often, pyramids are often understood as MLM - a method of marketing promotion and sales that has been used for many years. Nevertheless, there are different nuances. A synonym for the “evil” pyramid is a scheme named after Ponzi, an Italian-American scammer who created a scam, massively promising investors profit from the contributions of new participants, forming a pyramid until the collapse that inevitably occurs, according to the nature of speculation and any financial bubbles. In our country, Mavrodi distinguished himself with such a fraud with the MMM pyramid. The concept of a financial pyramid is fixed at the legislative level and you can pay for it, including imprisonment for up to six years. So far, the practice of applying this criminal article is not very common.

The Central Bank of Russia gives several main signs of the financial pyramid in its recommendations: paying money to participants from funds contributed by other participants, lack of licenses for this type of activity, promise of high profitability, lack of information about the financial position of the organization, lack of own fixed assets or assets, lack of certain type of activity of the company.

Source: CryptoRussia.ru

Published in LIVE

О КОСАтка

Корпоративная система аналитики Транзакция Криптовалюта Актив - кибербезопасность инфраструктуры блокчейнов и антифрод в криптовалютной сфере (антискам, прозрачность, комплаенс).

Связаться

Российская Федерация, Москва

Тел.: +7 (911) 999 9868

Факс: 

Почта: cosatca@ueba.su

Сайт: www.ueba.su

Наше сообщество

Зарегистрируйтесь, чтобы получать по почте самую свежую информацию
© 2023 КОСАтка. Все права защищены.                                                                                                                        Грант BTC 1CdD6Xk9RDZ9wyeRqq1uXkktgdaPpGpt8f

Search