Welcome to week 18 of the Crypto Alert of the Week series, dedicated to documenting interesting or high profile frauds/hacks, etc that recently happened and have been reported into the AMLT Network and show how the AMLT Network can help track and prevent it in the future. Big changes and conflicts are always a great opportunity for creative scammers to capitalize on. We can see this with pretty much every major hard fork happening to bigger cryptocurrencies – fake wallets, fake splitters, etc.
Amidst the latest Bitcoin Cash “hash war” controversies many new entities have surfaced. That includes mining pools, wallets and dedicated payment applications. This, of course, has brought in many fake ones.
One of the more notorious, yet very uninspired attempts at such phishing is a site posing as the new Bitcoin SV pool. By changing the domain name from “.com” to “.co” and cloning most of the assets, the scammers have created a pretty convincing copy. To add to the hype, they’ve also included a fake announcement about SVpool creating a decentralized exchange.
Unfortunately, the whole illusion falls apart when we take a look at the fake site’s “business model”. Instead of stealing some unsuspecting miners’ hash power (which, to be fair, would be highly unlikely to succeed), the site acts as a cloud mining provider. The poorly designed “client area” of the site claims to offer hash power “packages” with different pricings that, ironically, come in BTC.
The subscription option then leads us to a dashboard, where we’re asked to provide payment for our chosen program so that our mining can begin.
As visible above, the scam is pretty obvious and didn’t have that much effort put into it. Adding to it the fact, that the mining pool sites are already pretty obscure, it isn’t surprising that this phishing attempt is a complete fiasco – the payment addresses that have been provided at the site are pretty much empty.
At Coinfirm and the AMLT Network, we believe in setting the highest standards for the industry. If anyone notices such an attack, they can report the attacker through the AMLT panel or widget. The submitted data is then analyzed and processed by our data science team for validation of submitted data. Once flagged entities using the Coinfirm AML Platform such as exchanges can see the source and potentially freeze the funds and prevent further risk spreading through the ecosystem. This helps the crypto economy become safer and more transparent while fighting malicious actors.
You can see how the below in the Coinfirm AML Risk Report created for the fake SVPool payment address:
If you’re interested in partnering with Coinfirm or becoming an AMLT Network Member then contact us!
The Coinfirm Team