Tag:

scams

Interpol Arrests 1,209 Involved In Illegal Crypto Mining And Investment Scams

by admin August 23, 2025

Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure

The International Criminal Police Organization (Interpol) has successfully conducted a continent-wide cybercrime crackdown in Africa, targeted against illegal cryptocurrency mining operations, inheritance scams, and fraudulent investments. Coordinated under the code name Serengeti 2.0, the three-month operation ran from June to August 2025, leading to more than 1,200 arrests and the recovery of close to $100 million in stolen funds and confiscated assets.

Operation Serengeti 2.0

According to Interpol’s press release on August 22, investigators from 18 African countries, working alongside the United Kingdom and supported by private-sector partners, dismantled 11,432 malicious infrastructures linked to almost 88,000 victims of targeted high-impact online crimes, including ransomware, scams, and business email compromise (BEC).

Notably, law enforcement authorities in Angola shut down 25 illegal cryptocurrency mining sites operated by 60 Chinese nationals while also commandeering 45 unauthorized power stations feeding these operations. In addition, officers also confiscated IT and mining machinery worth over $37 million.

Meanwhile, in Zambia, officials uncovered a massive crypto investment fraud with 65,000 victims and $300 million in total losses. The operation led to 15 arrests, alongside the seizure of domains, SIM cards, and bank accounts tied to the scam, which had promised investors sizable returns. Notably, another sting in Lusaka disrupted a suspected human-trafficking network, where 372 forged passports of seven countries were confiscated.

Interpol also reports that the Ivorian police dismantled a cross-border inheritance scam believed to originate in Germany. Unsuspecting victims were deceived to pay fees for fake inheritance claims, generating around $1.6 million in illicit gains. The primary suspect in this case has been detained while authorities seized cash, jewelry, and vehicles, among other valuables.

Commenting on the successful Serengeti 2.0 operation, Interpol’s Secretary General, Valdecy Urquiza, emphasized the importance of cooperation in amplifying results:

Urquiza said:

Each INTERPOL-coordinated operation builds on the last, deepening cooperation, increasing information sharing, and developing investigative skills across member countries. With more contributions and shared expertise, the results keep growing in scale and impact

Operation Serengeti 2.0 was conducted under the African Joint Operation Against Cybercrime with other participating nations, including Nigeria, Rwanda, South Africa, etc. Meanwhile, private partners of this operation are TRM Labs, Trend Micro, and Team Cypru, among others.

Crypto Market Overview

At the time of writing, the global cryptocurrency market capitalization stands at $3.95 trillion, reflecting a 3.87% increase over the past 24 hours. Daily trading volume has climbed to $157.12 billion, signaling heightened activity across major tokens. Market leader Bitcoin is currently priced at $115,811, while Ethereum trades at $4,700, both maintaining strong momentum amid broader market gains.

Total crypto market cap valued at $3.94 trillion on the daily chart | Source: TOTAL chart on Tradingview.com

Featured image from Interpol, chart from Tradingview

Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.

Source link

August 23, 2025 0 comments

NFT Gaming

North Korea Targets Crypto Professionals With New Malware in Hiring Scams

by admin June 20, 2025

In brief

North Korean hackers are targeting crypto professionals with fake job interviews to deploy new Python-based malware, PylangGhost.
The malware steals credentials from 80+ browser extensions, including Metamask and 1Password, and enables persistent remote access.
Attackers pose as recruiters from firms like Coinbase and Uniswap, tricking victims into running malicious commands disguised as video driver installs.

North Korean hackers are luring crypto professionals into elaborate fake job interviews designed to steal their data and deploy sophisticated malware on their devices.

A new Python-based remote access trojan called “PylangGhost,” links malware to a North Korean-affiliated hacking collective called “Famous Chollima,” also known as “Wagemole,” threat intelligence research firm Cisco Talos reported on Wednesday.

“Based on the advertised positions, it is clear that the Famous Chollima is broadly targeting individuals with previous experience in cryptocurrency and blockchain technologies,” the firm wrote.

The campaign primarily targets crypto and blockchain professionals in India, using fraudulent job sites that impersonate legitimate companies, including Coinbase, Robinhood, and Uniswap.

The scheme begins with fake recruiters directing job seekers to skill-testing websites where victims enter personal details and answer technical questions.

After completing the assessments, candidates are instructed to enable camera access for a video interview and then prompted to copy and execute malicious commands disguised as video driver installations.

Dileep Kumar H V, director at Digital South Trust, told Decrypt that to counter these scams, “India must mandate cybersecurity audits for blockchain firms and monitor fake job portals.”

A vital need for awareness

“CERT-In should issue red alerts, while MEITY and NCIIPC must strengthen global coordination on cross-border cybercrime,” he said, calling for “stronger legal provisions” under the IT Act and “digital awareness campaigns.”

The newly discovered PylangGhost malware can steal credentials and session cookies from over 80 browser extensions, including popular password managers and crypto wallets such as Metamask, 1Password, NordPass, and Phantom.

The Trojan establishes persistent access to infected systems and executes remote commands from command-and-control servers.

This latest operation aligns with North Korea’s broader pattern of crypto-focused cybercrime, which includes the notorious Lazarus Group, responsible for some of the industry’s largest heists.

Apart from stealing funds directly from exchanges, the regime is now targeting individual professionals to gather intelligence and potentially infiltrate crypto companies from within.

The group has been conducting hiring-based attacks since at least 2023 through campaigns like “Contagious Interview” and “DeceptiveDevelopment,” which have targeted crypto developers on platforms including GitHub, Upwork, and CryptoJobsList.

Mounting cases

Earlier this year, North Korean hackers established fake U.S. companies—BlockNovas LLC and SoftGlide LLC—to distribute malware through fraudulent job interviews before the FBI seized the BlockNovas domain.

The PylangGhost malware is functionally equivalent to the previously documented GolangGhost RAT, sharing many of the same capabilities.

The Python-based variant specifically targets Windows systems, while the Golang version continues to target macOS users. Linux systems are notably excluded from these latest campaigns.

The attackers maintain dozens of fake job sites and download servers, with domains designed to appear legitimate, such as “quickcamfix.online” and “autodriverfix online,” according to the report.

A joint statement from Japan, South Korea, and the U.S. confirmed that North Korean-backed groups, including Lazarus, stole at least $659 million through multiple cryptocurrency heists in 2024.

In December 2024, the $50 million Radiant Capital hack began when North Korean operatives posed as former contractors and sent malware-laden PDFs to engineers.

Similarly, crypto exchange Kraken revealed in May that it successfully identified and thwarted a North Korean operative who applied for an IT position, catching the applicant when they failed basic identity verification tests during interviews.

Edited by Sebastian Sinclair

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.

Source link

June 20, 2025 0 comments

GameFi Guides

DOJ seeks forfeiture of $225m tied to crypto ‘pig butchering’ scams

by admin June 19, 2025

The United States Department of Justice has filed an enforcement action as it moves to seize more than $225 million in cryptocurrency tied to massive pig butchering scams.

On June 18, the U.S. Attorney’s Office said it had filed a civil complaint in the U.S. District Court for the District of Columbia, seeking the forfeiture of approximately $225.3 million in crypto linked to large-scale cryptocurrency confidence fraud schemes.

Tether helped freeze $225 million

Most of the seized funds, according to the DOJ, were in the Tether (USDT).

Tether, the issuer of the U.S. dollar-backed stablecoin, acknowledged its collaboration with authorities as it helped to seize the assets. An investigation by the U.S. Secret Service and the Federal Bureau of Investigation had deemed the millions of dollars in USDT to have been from proceeds of crypto scams.

The DOJ said the funds were tied to an extensive pig butchering scheme that targeted victims around the world. The wallet addresses holding the seized assets were part of what officials described as “a sophisticated blockchain-based money laundering network.”

Blockchain tools unearth extensive scheme

The perpetrators of the crypto investment fraud used a complex web of transactions in an attempt to obfuscate the flow of illicit funds.

However, authorities leveraged blockchain analytics tools to trace the transactions and link them to the fraudulent operation. According to the DOJ, the scammers defrauded more than 400 victims globally.

“Under my leadership, with the support of President Trump and Attorney General Bondi, the U.S. Attorney’s office for the District of Columbia is taking a leading role in the fight against crypto-confidence scams, partnering with law enforcement throughout the country to seize and forfeit stolen funds and rip them from the hands of foreign criminals, all with the eye toward making victims whole,” U.S. Attorney Pirro said in a statement.

A report from the FBI’s Internet Crime Complaint Center previously noted that crypto-related investment fraud schemes saw unsuspecting victims lose over $5.8 billion in 2024.

A more recent FBI report from April 2025 put total crypto scam-related losses at over $9 billion for 2024—with pig butchering schemes accounting for more than half of that figure.

In May 2025, the U.S. Department of the Treasury’s Office of Foreign Assets Control sanctioned Myanmar warlord and his militia over a range of crimes, including money laundering, human trafficking, and crypto fraud connected to pig butchering operations.

Source link

June 19, 2025 0 comments

GameFi Guides

Ripple’s Top Lawyer Explains How to Fight Crypto Scams

by admin June 13, 2025

Stuart Alderoty, chief legal officer at enterprise blockchain firm Ripple, recently came up with a crypto scam survival guide.

Ripple’s top lawyer has outlined some common cryptocurrency scams that cryptocurrency market participants have to watch out for. These include pig butchering scams, pump-and-dump scams, fake giveaways, phishing, and impersonation.

In his op-ed, Alderoty also shared six pieces of advice on how cryptocurrency holders can remain safe. He has urged them to never share their private keys or recovery phrases. Those who want to protect their holdings short should refrain from clicking substantial links or random texts. Cryptocurrency holders should do their own research before investing, while verifying various details.

How to Avoid Scams and Shoddy Wares on Amazon (2025)

by admin June 12, 2025

Step 2: Amazon’s search should choose the right Department automatically, but if needed, you can navigate to the top of the left rail and click on a Department that fits.

Step 3: Once the page refreshes, scroll to the bottom of the left rail and choose “Amazon.com” as your Seller.

Step 4: Now you will only see “Pixel 8A” products sold directly by Amazon.com.

If you still don’t see “Amazon.com” as a seller, try hitting the “See More” button. It will bring up a dense but readable alphabetical page of sellers. If Amazon is one of those sellers, it will show up in the list. You can use CTRL+F (Command+F on Mac) to search for the word “Amazon.com.” Sometimes you’ll see “Amazon Warehouse,” but that only sells used and refurbished items.

Avoid Fake Discounts

When people see that a product they like is on sale, a little wave of excitement washes over them. Instead of thinking about how much we’re spending, we start to think about how much we’re saving. Coupons and discounts exist because they create a sense of urgency that causes many people to buy things they normally wouldn’t. Some sellers abuse that pricing power. There are a lot of products on Amazon that are endlessly on “sale” and that makes it hard to know if you’re getting an actual bargain.

Luckily, there’s an easy way to check. Just copy the URL and paste it into CamelCamelCamel. You’ll get a page with a graph on it showing every price fluctuation in the past year. A lot of products have deceptive sale prices like this, to varying degrees. Knowing what the actual going rate is for a product puts you in charge.

Alternatively, the Keepa extension for Chrome will add a similar box right into Amazon.com pages for you, though it does try and get you to register for free, and it might slow your browsing down.

Photograph: Louryn Strampe

Tools like Keepa and CamelCamelCamel may also help you determine the best time to buy an item. Amazon’s Fire TV Stick 4K Max, for instance, consistently fluctuates between its normal $60 price down to $40, like it is now. And that all-time-low includes special sales like Black Friday and Cyber Monday, meaning you (probably) don’t need to wait to score a good deal. The tools can help you spot similar trends in other products, like televisions, which tend to get a lot cheaper when Christmas draws near.

Don’t Trust Every Review

Amazon’s 5-star review system is supposed to make choosing products simpler, but it’s easily gamed. If you’re looking at an expensive product from a company you’ve never heard of, or if there are hundreds or thousands of very positive reviews, do a little sleuthing. Many sellers try to manipulate reviews to get their products listed more prominently on Amazon.

Fakespot is an excellent tool to help you spot deceptive reviews. Just plug in an Amazon URL and it’ll give you a report. It isn’t a flawless tool, but it will give you a hint at whether a lot of reviews are fake or suspicious, and it spits out an AI-generated summary to try and help you parse the information further. We’ve got more advice on detecting fake Amazon reviews here.

Source link

June 12, 2025 0 comments

GameFi Guides

Pi Network Cautions Pioneers on Fake Wallet Phishing Scams

by admin June 6, 2025

As the Pi Network moves deeper into its Open Mainnet phase, the Core Team has issued a fresh advisory to its global user base, urging caution against phishing scams that mimic the official Pi Wallet interface. These scams are designed to steal secret passphrases from unsuspecting users.

The official Pi Wallet is only accessible at wallet.pinet.com through the Pi Browser. It carries a distinct visual identity with a purple navigation bar and a Pi logo that includes the Core Team apps icon.

Remember to only use the Pi Wallet in the Pi Browser at exactly “https://t.co/OEifsSaA3K” in order to safeguard your Pi. Learn more: https://t.co/WFHv43Kny7

The authentic Pi Wallet is visually identified by a purple color in the navigation bar of the Pi Browser with a Pi logo…

— Pi Network (@PiCoreTeam) June 5, 2025

According to the advisory, several fake websites have emerged with interfaces almost identical to the original but hosted on misleading URLs. Users who enter their passphrases into these counterfeit sites risk losing their Pi holdings permanently.

The Pi Browser operates similarly to Chrome or Safari. This means users themselves must verify whether the sites they are visiting are legitimate. The Core Team stressed that it cannot control how the browser is used and urged users to remain vigilant.

No member of the Pi Core Team will ever ask for wallet passphrases, passwords, or verification codes. The team also clarified that it does not reach out to users through phone calls or unsolicited messages. Any such interaction should be treated as a scam attempt.

Scammers are stepping up efforts to target Pi Network users by sending fake emails, running misleading ads, cloning websites, and pretending to be official accounts on social media. Their goal is to trick users into giving away their wallet passphrases. Many of these fake pages closely resemble the real Pi Wallet, but use slightly altered web addresses or hide malicious links behind ads.

To avoid falling victim, users are being told to trust only emails from official Pi domains like noreply@pi.email, especially when it comes to two-factor authentication or anything involving wallet migration. Any message that doesn’t come from Pi’s verified sources should raise concern.

According to the Core Team, while scammers can copy the look of the wallet, they can’t fake the actual app URL or the layout seen inside the Pi Browser. These are key signs users should look for before entering any sensitive information.

Because blockchain transactions can’t be undone, entering your passphrase on a fake site could lead to losing everything in your wallet. And with more users now moving to the Open Network, the chances of getting targeted by these scams are only going up.

For updated security guidelines and a list of verified Pi apps and products, users are advised to check the Pi Safety Center. This remains the most reliable resource for identifying fake platforms and reporting suspicious activity.

Also Read: Pi Network Binance Listing Talks Spark Outrage, Pioneers Say ‘No’

Source link

June 6, 2025 0 comments

NFT Gaming

US Sanctions Filipino Tech Company for Aiding $200M in Crypto Scams

by admin May 31, 2025

In brief

The Treasury’s Office of Foreign Assets Control sanctioned Funnull Technology Inc., and its administrator, Liu Lizhi.
The company is charged with supplying infrastructure to pig-butchering scams.
The scheme involved IP address resales, phishing, and code injection on legitimate sites.
.

In a crackdown targeting the infrastructure behind so-called “pig butchering”, the U.S. Treasury has sanctioned a Philippine-based tech company and its administrator for aiding the cryptocurrency scams that defrauded Americans of more than $200 million.

Lawmakers on Thursday accused Funnull Technology Inc. of facilitating several of these schemes by providing cybercriminals with infrastructure to host fraudulent websites.

The Treasury Department also said Liu Lizhi, a Chinese national and administrator of Funnull Technology, kept records that tracked the performance and tasks of Funnull employees, including the assignment of domain names used in cryptocurrency fraud and phishing schemes.

“Today’s action underscores our focus on disrupting the criminal enterprises, like Funnull, that enable these cyber scams and deprive Americans of their hard-earned savings,” Deputy Secretary of the Treasury Michael Faulkender said in a statement.

The scams did not stop at defrauding consumers. Cybercriminals allegedly also used Funnull’s technology to target legitimate websites by injecting malicious code that redirected unsuspecting users to fraudulent websites.

The company reportedly bought IP addresses from global cloud providers and resold them to scammers who would then start investment fraud, phishing, and online gambling websites.

“Funnull is linked to the majority of virtual currency investment scam websites reported to the FBI,” the Treasury Department said. “U.S.-based victims of these scam websites have reported over $200 million in losses, with average losses of over $150,000 per individual.”

Treasury officials said the amount of losses is likely higher, but noted that many victims of scams do not report the crime.

Pig-butchering scams—named for the practice of fattening a pig before slaughter—typically begin on social media or dating apps, where scammers build trust with a target over time before striking.

The scammers then coax the victim into either sending digital assets to a scammer’s account or connecting their crypto wallets to fake crypto platforms where the scammers drain their funds.

The sanctions freeze all U.S.-based assets belonging to Funnull Technology Inc. and Liu Lizhi. They also prohibit individuals and businesses based in the U.S. from doing any business with entities that Funnull or Lizhzi own 50 percent or more stake.

The Treasury Department and OFAC did not immediately respond to Decrypt’s requests for comment.

It’s the latest in a series of actions by the Treasury’s Office of Foreign Assets Control targeting the infrastructure behind financial cybercrimes.

In October, OFAC sanctioned the Russia-based cybercrime syndicate Evil Corp, accusing the organization of orchestrating financial thefts and ransomware attacks. In March, OFAC sanctioned Behrouz Parsarad, who operated the dark web platform Nemesis.

According to OFAC, Parsarad took a cut of each transaction on the platform, which was used to facilitate the sale of millions of dollars’ worth of narcotics. In April, the Treasury Department sanctioned Tron Wallets linked to Iran-backed Houthi rebels.

Edited by James Rubin and Sebastian Sinclair

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.

Source link

May 31, 2025 0 comments

Crypto Trends

US sanctions Philippines tech firm accused of aiding crypto scams

by admin May 30, 2025

The US Treasury has sanctioned a Philippines-based technology firm and its alleged administrator, accusing it of providing services to thousands of crypto scam websites.

Funnull Technology is linked to most crypto scam websites reported to the FBI, with victims’ losses surpassing $200 million, the Treasury’s Office of Foreign Assets Control (OFAC) said on May 29.

Funnull purchases IP addresses in bulk from cloud service providers and sells them to scammers, allowing them to host and operate clones of legitimate investment platforms, to deceive victims and steal their crypto, according to OFAC.

In one instance in 2024, OFAC said Funnell purchased a repository of code used by web developers and altered the code to redirect visitors of legitimate websites to scam websites and online gambling sites.

Source: Treasury Department

“These services not only make it easier for cybercriminals to impersonate trusted brands when creating scam websites but also allow them to quickly change to different domain names and IP addresses when legitimate providers attempt to take the websites down,” OFAC said.

Crypto wallets, Funnull admin sanctioned

The accused administrator of Funnull, Liu Lizhi — a Chinese national who managed the firm’s employees — was also added to OFAC’s Specially Designated Nationals and Blocked Persons (SDN) list as part of the sanctions.

Generally, being on the SDN list means any assets the individual has in the US are frozen, and it’s illegal for people in the US to conduct any financial transactions or have business dealings with them; violators can face civil and criminal penalties.

Related: US Treasury’s OFAC can’t restore Tornado Cash sanctions, judge rules

OFAC also sanctioned two wallet addresses it said are associated with Funnull, which blockchain analytics firm Chainalysis said in a May 29 report were likely “used to receive payment from cyber criminals.”

Funnull offers bulk IP addresses to scammers looking to operate scam websites. Source: Chainalysis

“Additionally, the addresses show indirect exposure to various types of scams and domain management infrastructure vendors,” Chainalysis said.

Chainalysis claimed Funnell is a central player in a network known as the Triad Nexus, which includes over 200,000 unique hostnames associated with investment scams and fake trading apps.

As a result of the sanctions, everyone in the US is now forbidden from interacting with all property and business interests where Lizhi and Funnull have a more than 50% stake, with violators possibly facing civil or criminal penalties.

Magazine: Coinbase hack shows the law probably won’t protect you: Here’s why

Source link

May 30, 2025 0 comments