A large-scale cryptocurrency scam has been uncovered, involving over 1,000 fraudulent websites that have deceived users since January 2021.
Trend Micro researchers have linked this scam to a Russian-speaking threat actor called “Impulse Team.” The scam operates as an advance-fee fraud scheme: victims are tricked into believing they have won cryptocurrency rewards but must pay a small amount to open an account on a fake website to claim their prize.
The scheme has defrauded thousands of people globally, generating over $5 million for the threat actors. Trend Micro discovered multiple domains associated with the fraud, with some dating back to 2016.
The operation is run as an affiliate program for crypto scams, similar to ransomware-as-a-service (RaaS) operations, where affiliates pay to join the program and share earnings with the original authors. The threat actors have created a lookalike version of ScamDoc, an anti-scam tool, to give the fraudulent crypto services a semblance of legitimacy.
The scam has been promoted through private messages, online videos, and ads on social networks such as TikTok and Mastodon.
The findings come in the wake of other crypto-related cyber threats, including a Romanian cryptojacking campaign and the use of the r77 rootkit to deploy a cryptocurrency miner. It is crucial to remain vigilant and cautious while engaging in cryptocurrency-related activities to avoid falling victim to such scams.