Bitcoin Forum
September 19, 2018, 06:00:27 PM *
News: ♦♦ Bitcoin Core users must update to 0.16.3 [Torrent]. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: [2018-02-14] Cisco And Ukrainian Cyber Police Uncover $50 Mln Bitcoin Phishing..  (Read 40 times)
Diced90
Hero Member
*****
Offline Offline

Activity: 686
Merit: 501


dApps Development Automation Platform


View Profile
February 15, 2018, 01:23:23 PM
 #1

Cisco And Ukrainian Cyber Police Uncover $50 Mln Bitcoin Phishing Scam

Technology conglomerate Cisco and the Cyber Police of Ukraine have revealed a Ukrainian Bitcoin (BTC) phishing ring that has stole over $50 mln over a three year period, Cisco’s threat intelligence team Talos reports.

Talos was first alerted to the phishing threat on Feb. 24, 2017, when a Ukrainian-based phishing scheme, COINHOARDER, targeted the blockchain.info wallet service through Google Ads that contained “gateway phishing links” and generating over 200,000 client search queries.

The Google Ads would appear to represent the real blockchain.info Bitcoin wallet by using domain names that closely resembled that of the official wallet, like blockchein.info. The phishing sites themselves are also designed to match the real site in every way except for the domain name.

Talos reports that COINHOARDER began making their phishing site look more legitimate over time by using rogue SSL certificates in combination with their “typosquatting,” “brand spoofing,” and “homograph attacks.”

Talos found that the phishing targeted geographic areas where local currencies were unstable and English was not the first language of the region, like Nigeria and Ghana, for victims were more likely to miss the slight differences in the domain and SSL names.

Cisco’s collaboration with the Cyber Police of Ukraine helped them identify the attackers’ BTC wallet address. Talos writes that “around $10 mln” alone was stolen while tracking the wallet’s activity from Sept. through Dec. 2017.

After the discovery of this large-scale phishing scheme, Cisco began flagging the associated domains as suspicious, and used DNS requests to find and block other domains opened by the same registrant of the initial site.

Talos ends their report with the list of the IP addresses associated with the phishing scam, as well as ways for Cisco customers to protect themselves against similar threats.

Crypto phishing scams on Twitter have recently become much more prevalent, with users creating fake accounts that closely mimic those of crypto elites like Charlie Lee or Vitalik Buterin and then promoting fake crypto giveaways.

source https://cointelegraph.com/news/cisco-and-ukrainian-cyber-police-uncover-50-mln-bitcoin-phishing-scam


            ▄▄▄▄
        ▄▄████████▄▄
    ▄▄████████████████▄▄
 ▄████████████████████████▄
██████████▀▀███████████████
██████████▄   ▀█████████████
████████████▄   ▀███████████
██████████████▄   ▀█████████
█████████████▀   ▄██████████
███████████▀   ▄████████████
██████████▄  ▄██████████████
███████████████████████████
 ▀████████████████████████▀
    ▀▀████████████████▀▀
        ▀▀████████▀▀
            ▀▀▀

⬢⬢

⬢⬢



       ▄▄▄▄
   ▄▄████████▄▄
▄██████████▀▀▀█▀█▄
██ ▀█████▀     ▀██
██▌   ▀▀▀      ███
███▄           ███
████▀         ████
▀████▄     ▄▄████▀
   ▀▀▄▄▄▄████▀▀
       ▀▀▀▀


██████████████████



       ▄▄▄▄
   ▄▄████████▄▄
▄████████████████▄
██████████▀▀  ▐███
██████▀▀  ▄   ████
███▀   ▄█▀   ▐████
████▄▄█▀     █████
▀█████▌ ▄▄▄ ▐████▀
   ▀▀████████▀▀
       ▀▀▀▀


██████████████████



       ▄▄▄▄
   ▄▄████████▄▄
▄███████▀   ▐████▄
████████  ▄███████
██████      ██████
████████  ████████
████████  ████████
▀███████  ███████▀
   ▀▀████████▀▀
       ▀▀▀▀


██████████████████



       ▄▄▄▄
   ▄▄██▀█▀███▄▄
▄███▀▀▀ ▀ ▀▀█████▄
██████ ████▄ █████
██████ ▀▀▀▀ ▄█████
██████ ▄▄▄▄ ▀█████
██████ ████▀ █████
▀███▄▄▄ ▄ ▄▄█████▀
   ▀▀██▄█▄███▀▀
       ▀▀▀▀


██████████████████
1537380027
Hero Member
*
Offline Offline

Posts: 1537380027

View Profile Personal Message (Offline)

Ignore
1537380027
Reply with quote  #2

1537380027
Report to moderator
1537380027
Hero Member
*
Offline Offline

Posts: 1537380027

View Profile Personal Message (Offline)

Ignore
1537380027
Reply with quote  #2

1537380027
Report to moderator
1537380027
Hero Member
*
Offline Offline

Posts: 1537380027

View Profile Personal Message (Offline)

Ignore
1537380027
Reply with quote  #2

1537380027
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1537380027
Hero Member
*
Offline Offline

Posts: 1537380027

View Profile Personal Message (Offline)

Ignore
1537380027
Reply with quote  #2

1537380027
Report to moderator
1537380027
Hero Member
*
Offline Offline

Posts: 1537380027

View Profile Personal Message (Offline)

Ignore
1537380027
Reply with quote  #2

1537380027
Report to moderator
Lucius
Legendary
*
Offline Offline

Activity: 1176
Merit: 1064


Fortis Fortuna Adiuvat


View Profile WWW
March 28, 2018, 01:31:54 PM
 #2

When I see this kind of news then it is quite clear why Google,Facebook,Twitter and some others have decided to ban any advertising which is related to cryptocurrency.Just imagine what is the total damage world-wide if only one organization managed to steal 50$ million in three years.These things inflict enormous damage to cryptocurrency,and most of users who are victim of phishing will just blame BTC and mark it as SCAM.

The only way that advertising can be re-enabled is to check every advertisement before being approved.I think this is nothing complicated at least in the case of phishing site who want to imitate online/desktop wallets.It seems that the only problem is in ignorance of these big companies,they simply do not know how to do it for now.

▄▄▄▄▄▄▄▄
██▀▀▀▀██
██▀▀▀▀██
██▀▀▀▀██
██▀▀▀▀██
██▀▀▀▀██
██▀▀▀▀██
██▀▀▀▀██
██▀▀▀▀██
██▀▀▀▀██
██▀▀▀▀██
▀▀▀▀▀▀▀▀
          ▄▄▄▄       
     ▄▄█▀▀▀▄▄▀▀▀█▄▄   
   ▄█▀▄▄████████▄▄▀█▄
 ▄█▀▄██████████████▄▀█▄
▐█ ██████████████████ █▌
█▌▐██████████████████▌▐█
█▌▐██████████████████▌▐█
▐█ ██████████████████ █▌
 ▀█▄▀██████████████▀▄█▀
   ▀█▄▀▀████████▀▀▄█▀   
     ▀▀█▄▄▄▀▀▄▄▄█▀▀     
          ▀▀▀▀         
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
███▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀███
██▌                 ▐██
██▌                 ▐██
██▌                 ▐██
██▌                 ▐██
██▌                 ▐██
▐██                 ██▌
 ███▄             ▄███
  ▀███▄         ▄███▀ 
    ▀▀███▄▄▄▄▄███▀▀   
        ▀▀▀▀▀▀▀       
 
██ ████  ██████  ██████ ███ ████ ██████████████████████

..WHITEPAPER..





             ▄████▄▄   ▄
█▄          ██████████▀▄
███        ███████████▀
▐████▄     ██████████▌
▄▄██████▄▄▄▄█████████▌
▀████████████████████
  ▀█████████████████
  ▄▄███████████████
   ▀█████████████▀
    ▄▄█████████▀
▀▀██████████▀
    ▀▀▀▀▀





▄█████████████████████████▄
███████████████████████████
███████████████▀       ████
██████████████      ▄▄▄████
██████████████    ▐████████
██████████████    ▐████████
██████████            ▐████
██████████            █████
██████████████    ▐████████
██████████████    ▐████████
██████████████    ▐████████
▀█████████████    ▐███████▀





                   ▄▄████
              ▄▄████████▌
         ▄▄█████████▀███
    ▄▄██████████▀▀ ▄███▌
▄████████████▀▀  ▄█████
▀▀▀███████▀   ▄███████▌
      ██    ▄█████████
       █  ▄██████████▌
       █  ███████████
       █ ██▀ ▀██████▌
       ██▀     ▀████
                 ▀█▌
Taki
Hero Member
*****
Offline Offline

Activity: 882
Merit: 514



View Profile
March 28, 2018, 02:08:38 PM
 #3

When I see this kind of news then it is quite clear why Google,Facebook,Twitter and some others have decided to ban any advertising which is related to cryptocurrency.Just imagine what is the total damage world-wide if only one organization managed to steal 50$ million in three years.These things inflict enormous damage to cryptocurrency,and most of users who are victim of phishing will just blame BTC and mark it as SCAM.

The only way that advertising can be re-enabled is to check every advertisement before being approved.I think this is nothing complicated at least in the case of phishing site who want to imitate online/desktop wallets.It seems that the only problem is in ignorance of these big companies,they simply do not know how to do it for now.
The point is in whom a user or investor is going to judge and to sue in court in the case of cheating? People will complain on all of those corporations as Google, Twitter and Facebook, cause of they promoted such scammy projects. So, it is clear that they want to protect themselves from such unpleasant cases.

███▄                 ▄███           ▄▄███▀▀█▄▄                   ▄▄█████▄▄           ███▄               ███    ▀██▄             ▄██▀
█████               ▄████       ▄▄████▄█ ██ ████▄▄           ▄▄████▀▀▀▀▀████▄▄       █████              ███      ███           ███
██████             ██████      ▀▀██▄█████▄▄███▄█▀▀▀         ███▀▀         ▀▀███      ███▀██▄            ███       ▀██▄       ▄██▀
███▀███▄         ▄██▀ ███     ███▄▀███▀████████ ████       ███               ███     ███  ███           ███         ███     ███
███  ▀███       ███▀  ███    █████ █████████  █▄▀▀▀▄█     ███                 ███    ███   ▀██▄         ███          ▀██▄ ▄██▀
███    ███▄   ▄███    ███   ▀████▀▄██████▀█████████▀██   ███                   ███   ███     ███        ███            ▀███▀
███     ▀███▄███▀     ███   █▄▄▄▄███  ████████▀███████   ███                   ███   ███      ▀██▄      ███            █████
███       █████       ███   ██▀██████████▀████████████   ███                   ███   ███        ███     ███           ██▀ ▀██
███        ▀█▀        ███    ███████▀████████▀▀▀███▄█     ███                 ███    ███         ▀██▄   ███         ▄██▀   ▀██▄
███                   ███
     █  █▀█████████ ███ ███       ███               ███     ███           ███  ███        ██▀       ▀██
███                   ███
      █████▀▄▄▀█▄██▄▀▀▀▄██         ███▄▄         ▄▄███      ███            ▀██▄███      ▄██▀         ▀██▄
███                   ███
       ▀▀██▄▀▀▄███▀████▀▀           ▀▀████▄▄▄▄▄████▀▀       ███              █████     ███             ███
███                   ███
           ▀▀██████▀▀                   ▀▀█████▀▀           ███               ▀███   ▄██▀               ▀██▄
.
.TRADE, EARN & OWN THE EXCHANGE
.████   WHITEPAPER    FACEBOOK    TWITTER    LINKEDIN    TELEGRAM    CRUNCHBASE   ████
   FREE   TRADING &
ICO LISTING
.SUPERIOR  TO NASDAQ
AND LSE
  US$ 29M  RAISED IN
2 WEEKS
[]
Lieldoryn
Sr. Member
****
Offline Offline

Activity: 602
Merit: 272



View Profile
March 28, 2018, 02:24:13 PM
 #4

All exchanges have long warned its users that the network may be double sites. The only difference is the domain name. I'm always in front of the entrance to the site to check the name. It seemed to me that it is very difficult now to use such a primitive way of theft. The financial literacy of the population is growing every year and fraudsters will find it harder to deceive people.

███▄                 ▄███           ▄▄███▀▀█▄▄                   ▄▄█████▄▄           ███▄               ███    ▀██▄             ▄██▀
█████               ▄████       ▄▄████▄█ ██ ████▄▄           ▄▄████▀▀▀▀▀████▄▄       █████              ███      ███           ███
██████             ██████      ▀▀██▄█████▄▄███▄█▀▀▀         ███▀▀         ▀▀███      ███▀██▄            ███       ▀██▄       ▄██▀
███▀███▄         ▄██▀ ███     ███▄▀███▀████████ ████       ███               ███     ███  ███           ███         ███     ███
███  ▀███       ███▀  ███    █████ █████████  █▄▀▀▀▄█     ███                 ███    ███   ▀██▄         ███          ▀██▄ ▄██▀
███    ███▄   ▄███    ███   ▀████▀▄██████▀█████████▀██   ███                   ███   ███     ███        ███            ▀███▀
███     ▀███▄███▀     ███   █▄▄▄▄███  ████████▀███████   ███                   ███   ███      ▀██▄      ███            █████
███       █████       ███   ██▀██████████▀████████████   ███                   ███   ███        ███     ███           ██▀ ▀██
███        ▀█▀        ███    ███████▀████████▀▀▀███▄█     ███                 ███    ███         ▀██▄   ███         ▄██▀   ▀██▄
███                   ███
     █  █▀█████████ ███ ███       ███               ███     ███           ███  ███        ██▀       ▀██
███                   ███
      █████▀▄▄▀█▄██▄▀▀▀▄██         ███▄▄         ▄▄███      ███            ▀██▄███      ▄██▀         ▀██▄
███                   ███
       ▀▀██▄▀▀▄███▀████▀▀           ▀▀████▄▄▄▄▄████▀▀       ███              █████     ███             ███
███                   ███
           ▀▀██████▀▀                   ▀▀█████▀▀           ███               ▀███   ▄██▀               ▀██▄
.
.TRADE, EARN & OWN THE EXCHANGE
████   WHITEPAPER    FACEBOOK    TWITTER    LINKEDIN    TELEGRAM    CRUNCHBASE   ████
|FREETRADING &
ICO LISTING
|SUPERIORTO NASDAQ
AND LSE
|US$ 29MRAISED IN
2 WEEKS
|
[]
CryptoBry
Sr. Member
****
Offline Offline

Activity: 518
Merit: 274


RISE WITH RAYS FOR THE FUTURE


View Profile WWW
March 28, 2018, 02:32:40 PM
 #5



I would zero in to the ads made by these phishing sites. these are the kind of ads that Google should be banning and not those legitimate ones doing business using the cryptocurrency platform. Putting a blanket decision affecting everybody is not doing justice for many who are honest in the pursuit of their enterprises. Google and Twitter should come up with a good guidelines defining what can be allowed and not allowed.

          ▗▟█████▙▖                   ▗▟█████▙▖
          █████████ ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ █████████
          █████████ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ █████████
           ▀▜███▛▀               ▄▄▀▀  ▀▜███▛▀
           ▋  ▄▖             ▄▄▀▀         ▄▖
          ▋   █▌         ▄▄▀▀             █▌  ▋
         ▋    █▌     ▄▄▀▀                 █▌   ▋
        ▋     █▌ ▄▄▀▀                     █▌    ▋
       ▋    ▄ █▌▝                         █▌     ▋
▗▟█████▙▖ ▀▀  ▀▘                          ▀▘    ▗▟█████▙▖
█████████   ▟███▙ ▆▆▆▆▆▆▆▆▆▆▆▆▆▆▆▆▆▆▆▆▆ ▟███▙   █████████
█████████   ▜███▛ ▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔ ▜███▛   █████████
▝▜█████▛▘     █▌ ▝▀█▄▖                    ▋  ▄▄ ▝▜█████▛▘
       ▋      █▌    ▝▀█▄▖               ▄ ▋ ▀    ▋
        ▋     █▌       ▝▀█▄▖        ▄▄▀▀  ▋     ▋
         ▋    █▌          ▝▀█▄▖ ▄▄▀▀      ▋    ▋
          ▋   █▌           ▄▄▝▀█▄▖        ▋   ▋
           ▋  █▌       ▄▄▀▀     ▝▀█▄▖     ▋  ▋
           ▗▄▄▄▄▄▖ ▄▄▀▀            ▝▀█ ▗▄▄▄▄▄▖
          ▟███████▙                   ▟███████▙
          █████████ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ █████████
          ▝▜█████▛▘                   ▝▜█████▛▘
.
.
.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!