Coinfirm documents interesting or high profile frauds and hacks that have recently happened and been reported into our networks to show how the Coinfirm can help track and prevent it in the future. Today we conduct an investigation into the Fake Exchanges and SVPool.
Big changes and conflicts are always a great opportunity for creative scammers to capitalize on. We can see this with pretty much every major hard fork happening to bigger cryptocurrencies – fake wallets, fake splitters, etc.
Original SVPool Site
Amidst the latest Bitcoin Cash “hash war” controversies many new entities have surfaced. That includes mining pools, wallets and dedicated payment applications. This, of course, has brought in many fake ones.
Fake SVPool Site
One of the more notorious, yet very uninspired attempts at such phishing is a site posing as the new Bitcoin SV pool. By changing the domain name from “.com” to “.co” and cloning most of the assets, the scammers have created a pretty convincing copy. To add to the hype, they’ve also included a fake announcement about SVpool creating a decentralized exchange.
Unfortunately, the whole illusion falls apart when we take a look at the fake site’s “business model”. Instead of stealing some unsuspecting miners’ hash power (which, to be fair, would be highly unlikely to succeed), the site acts as a cloud mining provider. The poorly designed “client area” of the site claims to offer hash power “packages” with different pricings that, ironically, come in BTC.
The subscription option then leads us to a dashboard, where we’re asked to provide payment for our chosen program so that our mining can begin.
As visible above, the scam is pretty obvious and didn’t have that much effort put into it. Adding to it the fact, that the mining pool sites are already pretty obscure, it isn’t surprising that this phishing attempt is a complete fiasco – the payment addresses that have been provided at the site are pretty much empty.
At Coinfirm, we believe in setting the highest standards for the industry. If anyone notices such an attack, they can report the attacker through the AML Platform. The submitted data is then analyzed and processed by our data science team for validation of submitted data. Once flagged entities using the Coinfirm AML Platform such as exchanges can see the source and potentially freeze the funds and prevent further risk spreading through the ecosystem. This helps the crypto economy become safer and more transparent while fighting malicious actors.
You can see how the below in the Coinfirm AML Risk Report created for the fake SVPool payment address:
Sincerely,
The Coinfirm Team
