Posted on

US Government Tells Bitcoin Bomb Scam Victims to Inform FBI, Not Pay Ransom Money

Internet users worldwide have begun receiving emails claiming an armed “mercenary” will blow up their building.

A suspected scam which threatens to blow up buildings unless recipients pay a Bitcoin (BTC) ransom caught the attention of the United States’ government Dec. 13.

The scam, which centers on anonymous emails demanding payment of $20,000 in Bitcoin or face a “mercenary” detonating a device in “your building,” has appeared throughout the world.

Now, the U.S. National Cybersecurity and Communications Integration Center (NCCIC) opted to release dedicated advice to victims, advising the only action necessary on receipt of an email was to inform the FBI.

The NCCIC is “aware of a worldwide email campaign targeting businesses and organizations with bomb threats,” it said.

“The emails claim that a device will detonate unless a ransom in Bitcoin is paid.”

Prior to the government acknowledgment, media sources had reported on the scheme, including cybersecurity publication and research outlet Krebs On Security, which published the full text of the email.

“My mercenary keeps the building under the control. If he notices any unusual behavior or emergency he will blow up the bomb,” an excerpt reads.

“I can withdraw my mercenary if you pay. You pay me 20.000 $ in Bitcoin and the bomb will not explode, but don’t try to cheat -I warrant you that I will withdraw my mercenary only after 3 confirmations in blockchain network.”

Multiple campaigns continue to target unwitting internet users both within and outside the cryptocurrency community.

As Cointelegraph reported, 2018 has seen an almost 500 percent rise in the number of flagged hacking schemes known as “cryptojacking” — the process by which a device is commandeered to mine or steal cryptocurrency.

Phishing scams — hackers masquerading as known entities to trick users into transferring coins to a fake address — have spread from emails to social media platforms such as Twitter en masse this year.

Posted on

Russian Draft Bill Blocking Suspicious Financial Websites ‘Could’ Cover ‘Scam’ ICOs, Experts Note

Russia’s parliament will discuss a draft bill on blocking suspicious financial websites, and experts believe it might affect “scam” ICOs.

A group of Russian members of parliament (MPs) has introduced a draft bill on blocking suspicious financial websites on Tuesday, Dec. 11. Russian crypto media outlet Forklog believes it can encompass “scam” Initial Coin Offerings (ICO).

According to the document, the country’s central bank will be able to call to block websites as soon as they do not comply with the current legislation. Moreover, the state bank can apply to the court in order to block the page on the basis of pre-trial settlement.

Websites that fake existing banks’ URLs, offer financial services without having a license, or promote “financial pyramids” are mentioned among those that fall under the newly introduced restrictions.

The group of MPs working on the bill was headed by the chairman of the State Duma — a lower chamber of Russian Parliament — Vyacheslav Volodin. The document was developed in 2017 on the direct instructions from Russian president Vladimir Putin.

Alexander Zhuravlev, an author of a blockchain-related education program supported by the Duma, told Forklog that the bill is likely to encompass the crypto area, and scam ICOs in particular:

“The central bank has been struggling to to clean the market of pseudo-credit organizations and financial pyramids. If we apply this to future ICO projects that fail to comply with their obligations, then the central bank will also be entitled to request the blocking of their websites.”

Russia’s State Duma is also working on a draft bill on crypto regulation, which had been pushed back to its first reading for significant edits in early December. The document had previously been heavily criticized, partly due to the lack of core crypto terms, such as “mining” and “cryptocurrencies” themselves.

However, the deputy prime minister of Russia announced earlier this week that the authors of the draft crypto bill did not intend to make any changes.

Posted on

Report: Financial Criminal Allegedly Revealed as Figure Behind ‘Blockchain Terminal’ ICO

The man behind the “Blockchain Terminal” ICO has been ousted as a convicted financial criminal who concealed his former identity.

The man behind the “Blockchain Terminal” (BCT) Initial Coin Offering (ICO) has been ousted as a financial criminal who concealed his former identity from employees and investors alike. An investigation into the circumstances were published Dec. 11 on news outlet The Block Crypto

The BCT project and its affiliated firm, CG Blockchain, are alleged to have raised as much as $31 million in an ICO to launch a crypto-focused version of the ubiquitous “Bloomberg Terminal” — a highly-successful financial data and trading tool for the traditional financial sector.

According to the report, BCT’s glossy “institutional-grade” tool for crypto “trading professionals” had at its helm a man who operated as “Shaun MacDonald,” but was in reality a convicted fraudster, Boaz Manor, who had received a four-year prison sentence in Canada in 2012 for siphoning $106 million from a Toronto-based hedge fund he co-founded.

The Canadian fund reportedly had $800 million in assets under management at its peak from 26,000 investors: Manor was also found guilty of using investors’ money to purchase $8.8 million worth of diamonds that later disappeared.

Having agreed to a lifetime ban from the securities industry, Manor-turned-MacDonald withheld his conviction and identity from his colleagues at BCT, reportedly “growing a beard and [dying] his hair red.” While formally assigning the company’s presidency to Bob Bonomo — former chief information officer at $500 billion asset management firm AllianceBernstein — MacDonald was reportedly the primary driver behind the BCT venture.

Although it marketed its $999 “Blockchain Terminal” to crypto hedge funds — a 32-inch “HD Terminal” with a hardware private key — the company is alleged to have raised most of its funds via a lucrative $31 million ICO for its native BCT token, which launched in September 2017.

One of the project’s purported investors is the high-profile crypto analyst and host of CNBC’s show Cryptotrader Ran Neuner, who tweeted his endorsement of the Blockchain Terminal in June, and is alleged to have invested as much as $1.3 million in the company’s ICO, according to two unnamed sources.

NeuNer yesterday stated he had “lost a ton” of his own cash investing in the BCT “fraud,” but accused The Block of “defamatory” misreporting, and falsely claiming to have reached out to contact him for comment on the story.

NeuNer has not responded to Cointelegraph’s request for comment by press time.

Besides MacDonald’s misrepresentations, the Block reports that Bonomo “quietly resigned” from BCT in summer, following which MacDonald revealed himself as Manor to his employees, and purportedly ceased to pay them. With Manor’s whereabouts “unclear,” BTC has now rebranded as BCT Inc., and announced in late October its Terminal would go on sale in to the public.

In June, the Bloomberg Terminal announced that it would begin listing crypto exchange Huobi’s Cryptocurrency Index, as well as nine crypto-trading pairs.

Posted on

New Zealand: Financial Authority Blacklists Another Three Crypto Platforms Marked as ‘Suspected Scams’

New Zealand’s Financial Markets Authority has updated its blacklist with three suspicious crypto-related companies.

New Zealand’s Financial Markets Authority (FMA) has added three more crypto platforms to its blacklist that warns about scams, a release by the FMA reveals Wednesday, Dec. 12.

OneLife Network Limited and its associated entity OneCoin Limited were added to the list because they “bear the characteristics of a scam” and promise unrealistic returns. Moreover, the FMA has learned that the mentioned companies are holding promo events in New Zealand and offering investments, thus breaching the country’s las by acting as unregistered financial services.

Another crypto company, Bitcoin Revolution Limited, was suspected of being involved in a scam as well. As Finance Magnates reports, the crypto trading firm made suspicious claims on its website, such as “Earn up to $1000 per hour or more, starting today.”

Moreover, the FMA recalled its October warning, reminding the public that Bitcoin Revolution Limited falsely claimed that the country’s current or former prime ministers and Treasury officials were investing in Bitcoin (BTC).

As Cointelegraph wrote before, in late 2017, former New Zealand prime minister Sir John Key was rumored on social media to hold $300 million in BTC from his initial investment of $1,000. Key later denied this information and said that the initial news was posted by a fake website pretending to be the New Zealand Herald — the largest newspaper in country.

New Zealand’s authorities are already closely following other crypto scams. In September, the country’s police warned citizens about online scams in general as an investor lost $320,000 NZD ($213,000 USD) to crypto fraudsters.

In October and November, the FMA also blacklisted several crypto-related companies, mostly for promising unrealistic returns or failing to get a required certificate of incorporation from local authorities.

Posted on

Crypto Platform Cubits Begins Insolvency Procedure After Alleged Hack, Locks Users’ Funds

The cryptocurrency platform Cubits (Dooga) has battled alleged “collusion” over the disappearance of $32.8 million last February.

United Kingdom-based cryptocurrency payment platform Cubits has filed for administration following a sudden outage that locked customer funds, a company press release revealed Dec. 11.

The act of filing for administration means that an insolvent company has appointed an external administrator in order to act of behalf of its creditors.

Cubits, the trading name of legal entity Dooga Ltd., claimed it had lost funds worth €29 million ($32.8 million) to “fraudsters” in February 2018 that it was unable to reclaim.

Now, Dooga has brought in administrators “to work with those who are owed money by the Company and to collect monies that are owed.”

“Our goal is to achieve the best outcome for creditors generally at the earliest possible date,” one of the two newly appointed administrators Steve Parker commented in the press release, continuing:

“Dooga’s current position is secure, investigations are proceeding and we will be writing to creditors, formally, this week.”

Both of Opus Restructuring & Insolvency (a part of Opus Business Services Group), Parker is joined by Trevor Binyon to work as “Joint Administrators” for Dooga.

Cubits users had raised the alarm Monday after the platform’s website went offline. At the time, the company’s Twitter account claimed the reason for the downtime was “maintenance.”

The website subsequently went from claiming services would “be right back” to a generic error message Dec. 12. The website now shows a copy of their press release explaining the administration procedure.

Some users reacted coldly, claiming they had already been waiting several weeks to withdraw funds.

Opus Business, now in charge of Cubits’ administration, has not responded to a request for comment on users’ locked funds by press time.

The February episode focuses on three Chinese traders who allegedly purchased Bitcoin (BTC) on Cubits via Malta-based payment processor Pay Secure Online Ltd, regularly known as PaySec.

The company allegedly never paid Dooga the fiat due, leaving the company with debts totalling €35 million ($39.7 million). In August, a Maltese court upheld a garnishee order (third party order) filed against PaySec, which Dooga openly claims “colluded” with the traders.

“Since February, Dooga has made every possible effort to recover these funds,” the release continued:

“Unfortunately — contrary to expectations — these efforts have been unsuccessful up until now.”

In a separate controversy, an analysis of Dooga’s activity on LinkedIn revealed its payments coordinator Eloise Debono is an endorser of infamous alleged ponzi scheme OneCoin.

Its head of crypto business, Max Krupyshev, left the company in November before its financial woes became public.

Posted on

Ex-Mt. Gox CEO Karpeles Denies Embezzlement as Prosecutors Call For Ten Year Jail Term

Mark Karpeles has repeatedly denied criminal activity related to either the Mt. Gox hack or the alleged embezzlement of funds.

The former CEO of defunct Japanese Bitcoin exchange Mt. Gox, Mark Karpeles, could spend ten years in jail over alleged embezzlement, Japanese daily news outlet Nikkei reported Dec. 12.

Karpeles, who presided over the major hack of Mt. Gox in 2014 that resulted in the loss of 850,000 BTC ($2.87 billion), has repeated denied any wrongdoing.

In a Tokyo court on Wednesday, prosecutors read out an indictment against the embattled executive, who is currently confined to Japan as a condition of his bail, claiming he stole funds worth 340 million yen ($3 million). The prosecution has asked for a ten-year prison sentence for Karpeles’ alleged embezzlement.

While not connected to the hack itself, Karpeles has attracted the attention of authorities as part of the investigation into how Mt. Gox lost so much money.

He has often protested his innocence and publicly appealed to affected traders, speaking to his regret at the events.

The exchange continues to conduct civil rehabilitation proceedings, which should see victims compensated for their losses.

According to Nikkei, Karpeles today denied he “hacked and stole” money on his own, as well as manipulated Mt. Gox ledgers and used the embezzled funds to pay for property rent, furniture and business acquisitions.

It remains unknown when the trail will conclude, the publication added.

Japan continues to safeguard its local exchange sector after another major hack this January saw crypto exchange Coincheck lose over half a billion dollars of altcoins to malicious parties.

Posted on

Malta, Italy Issue Joint Warning Over Potential Unlicensed Cryptocurrency Exchange

A statement from Maltese regulators requires site OriginalCrypto to stop serving the Italian and Maltese markets.

Malta has warned citizens about an unlicensed cryptocurrency exchange serving its domestic market. Regulators ordered the platform to stop operating in a notice Dec. 5.

The offending platform, OriginalCrypto, had first come to the attention of Italian officials concerned it may not have the required license to offer authorized “investment services and activities.”

The platform’s owner, SolutionsCM Ltd., has now come under scrutiny from both countries, with Malta’s Financial Services Authority (MFSA) sharing the warning from Italy:

“The Commissione Nazionale per le Società e la Borsa (CONSOB) has ordered the following companies to cease infringement of art. 18 of the Italian Legislative Decree No. 58/1998, consisting of the provision of unauthorised investment services and activities to the Italian public performed by SolutionsCM Ltd. via the www.originalcrypto.com website.”

As Cointelegraph frequently reports, Malta has sought to become one of the world’s most permissive jurisdictions regarding both cryptocurrencies and blockchain technology.

As part of its bid to transform into a so-called “Blockchain Island,” various regulatory overhauls have accompanied MFSA-endorsed deals with industry businesses, including major exchanges such as Binance and Huobi.

OriginalCrypto remains far from those legitimate activities, however, sources warning about the likely “scam” scheme earlier this year.

“Portraying their platform as a cryptocurrency financial brokerage, OriginalCrypto.com has engineered a clever marketing approach to promote their illicit investment services to consumers across the world,” monitoring site ScamBitcoin wrote in February.

According to the site’s investigations, OriginalCrypto had made dubious claims about its setup, including being operated by a Bulgarian-based parent company “Bali Limited Ltd.”

“We could find no evidence to support that Bali Limited Ltd was an actual corporation,” the site warned:

“Furthermore, the alleged corporate address provided for Bali Limited Ltd does not appear to be a factual physical address and computes to a variance of their disclosed address.”

Last week, the U.S. state of Ohio’s decision to accept cryptocurrency for tax payments drew the ire of the mainstream press after it emerged officials involved were unaware of the scams that had affected previous such efforts elsewhere.

Posted on

Study: Pump and Dump Schemes Account for 7$ Million of Monthly Trade Volume

A recent study by Imperial College London analysts claims that crypto pump and dump scams account for $7 million in trade volume each month.

A recent study has found that pump and dump schemes account for about $7 million worth of trading volume per month, MIT Technology Review reported Dec. 4. The analysis was performed by researchers Jiahua Xu and Benjamin Livshits at Imperial College London.

A pump and dump scheme is a form of securities fraud that has also become common in the cryptocurrency space. The organizers of the scheme choose a coin, boost its price and then “dump” sell their overvalued currency, which further leads to the price falls and losses among the investors.

In the course of their research, the analysts reportedly focused on a pump and dump scam with a coin called BVB, that happened on Nov. 14, 2018. They collected details by following announcements on several Telegram channels, including Official McAfee Pump Signals, and recorded the price changes and trading volumes of the selected coin.

McAfee Pump Signals reportedly revealed BVB, which had been dormant for over a year by that time, with little trading activity and a value of about 35 satoshi ($0.00132202). 1 satoshi is equal to 10-8 Bitcoin (BTC).

The first buy order was placed and completed within one second after the first announcement, according to Xu and Livshits. The coin’s price reportedly surged to its peak after just 18 seconds, reaching 115 satoshi ($0.00434378).

It took the participants “three and half minutes after the start of the pump and dump” to take their profits, after which “the coin price had dropped below its open price,” the researchers said. The analysis revealed that those who joined the activity more than 18 seconds after its beginning could hardly make any profit.

Additionally, Xu and Livshits investigated 236 other pump and dump scams that were performed between July 21 and Nov. 18, concluding that “many of them were preceded by unusual buying activity in the target currency.” The researchers stated:

“The study reveals that pump and dump organizers can easily use their insider information to take extra gain at the sacrifice of fellow pumpers.”

The researchers suggests that it is possible to spot target currencies before they are revealed by looking for unexpected trades in shadowy coins. Xu and Livshits appealed to the historical data from known pump and dump schemes to train a machine learning algorithm to trace telltale signs that a scam will soon occur.

In August, the Wall Street Journal claimed in a study that cryptocurrency price manipulation was largely conducted by organized “trading groups” using services such as Telegram. The WSJ suggested that coordinated “pump and dump” schemes had seen traders inflate and crash the prices of various cryptocurrencies this year.

Posted on

Celebs and ICOs: The Makings of a Dangerous Duo

The U.S. SEC’s move to fine celebrities for fraudulent ICO advertising tells a cautionary tale to investors and would-be advertisers.

Like many different industries, Hollywood’s involvement with cryptocurrencies and Initial Coin Offerings (ICO) has become a reality and a number of celebrities have looked to capitalize on the surge in interest and potential money to be made.

As Cointelegraph has previously explored, some celebrities have gone on to achieve success in their crypto-related ventures, while others have been embroiled in the ensuing mess of failed and fraudulent projects.

Caught up in Centra Tech

Two major names in the entertainment industry fell victim to the fallout associated with a fraudulent ICO of crypto financial services startup Centra Tech.

In 2018, the three co-founders of the project were indicted and charged with securities and wire fraud by the United States Securities and Exchange Commission (SEC). Centra Tech had raised $32 million during its ICO.

Centra Card was advertised as a debit card reportedly backed by Visa and Mastercard, which allowed users to convert crypto into fiat currencies. Investigations revealed no actual partnership existed.

Before any of this came to light, the founders of the project managed to get the backing of none other than boxing superstar Floyd ‘Money’ Mayweather. The boxer had posted a photo on Twitter with a Centra debit card in hand in September last year.

Mayweather wasn’t the only high-profile celebrity to be tainted by association to the fraudulent project.

American music producer DJ Khaled had also endorsed the project on social media, touting the Centra debit card on Instagram. Nevertheless, the post has since been deleted from his social media profiles.

Last week, both celebrities had to face the music for their involvement with Centra Tech. The SEC formally charged both Mayweather and Khaled for unlawfully advertising the fraudulent ICO.

Mayweather copped a heavy judgement from the regulator for not disclosing promotional payments from three ICO issuers, including $100,000 from Centra Tech. Khaled also failed to disclose a $50,000 payment from Centra Tech.

Both celebrities refrained from admitting or denying the charges against them and agreed to pay penalties and restrictions to the SEC. Mayweather will pay $300,000 in disgorgement, a $300,000 penalty, as well as $14,775 in prejudgement interest.

Khaled is set to pay $50,000 in disgorgement, $100,000 as a penalty, and $2,725 in prejudgement interest.

The ramifications of their involvement goes further than financial penalties. Mayweather has agreed to collaborate with the ongoing investigation into Centra Tech and has been barred from promoting securities for three years. Khaled cannot promote any securities for two years.

Pyramid schemes and dodgy CEOs

During the past 10 years since Bitcoin’s inception in Satoshi Nakamoto’s white paper, we’ve seen more than a few spin-offs and hard forks riding on the name of the preeminent cryptocurrency.

In January 2018, a project named Bitcoiin2Gen was launched and was widely labelled as a pyramid scheme and MLM company. Its dodgy project prompted a warning  to consumers from the Tennessee Department of Commerce & Insurance (TDCI) Securities Division.

What made things even more perplexing was that American actor Steven Seagal was revealed as the brand ambassador for the project’s ICO. The project claimed to be a peer-to-peer (p2p) payment system in the mould of Bitcoin, running on the Ethereum blockchain.

Seagal’s involvement with the ICO didn’t go unnoticed by the SEC, which issued a statement directed at celebrities that warned of possible legal ramifications should they not be abiding by securities regulations:

“Celebrities and others are using social media networks to encourage the public to purchase stocks and other investments. These endorsements may be unlawful if they do not disclose the nature, source, and amount of any compensation paid, directly or indirectly, by the company in exchange for the endorsement.”

Just two months after its launch, the founders — along with Seagal — announced their departure from the project after the completion of its ICO in March.

American actress, businesswoman, and socialite Paris Hilton also fell prey to a not-so-innocent ICO in 2017.

Hilton had expressed her interest in the LydianCoin ICO in a series of now-deleted Tweets on Twitter. A few months laters, when the CEO of LudianCoin’s parent company was embroiled in serious legal trouble, Hilton publically distanced herself from the project.

American rapper The Game also got involved in the world of ICOs in August 2017, posting a video on Twitter in which he promoted a blockchain-based platform focused on the marijuana industry.

According to reports, the founders of the project did not register the ICO with the relevant regulators, which led to legal battles with initial investors.

U.S. rapper T.I. faced a lawsuit from investors after his FLiK token seemingly failed in November. A group of 25 investors are reportedly suing the rapper and his business partner, Ryan Felton.

The group had invested over $1,3 million in the token sale. It is claimed that T.I. and Felton used the money raised during the token sale to pump the price of the coin before dumping their FLiK tokens. The plaintiffs are looking for $5 million in damages from the duo.

In Russia, TV personality and singer Olga Buzova went as far as launching her own ICO in June 2018 for a multipurpose platform that is touting a messaging app and online store for starters.

SEC setting a precedent

The SEC’s decision to charge both Mayweather and Khaled has made the consequences of unlawful promotions of ICOs clear for all to see.

As the SEC enforcement division co-director, Stephanie Avakian, explained in the aftermath of the Mayweather and Khaled settlements, celebrity endorsements of ICOs can have far-reaching consequences for unassuming investors:

“These cases highlight the importance of full disclosure to investors. With no disclosure about the payments, Mayweather and Khaled’s ICO promotions may have appeared to be unbiased, rather than paid endorsements.”

The SEC enforcement division co-director, Steven Peikin, urged investors to be wary of so-called investment advice on social media platforms:

“Investors should be skeptical of investment advice posted to social media platforms, and should not make decisions based on celebrity endorsements. Social media influencers are often paid promoters, not investment professionals, and the securities they’re touting, regardless of whether they are issued using traditional certificates or on the blockchain, could be frauds.”

The SEC’s stance has been given a significant clout by the sheer sum of money both Mayweather and Khaled have had to pay for their indiscretions. If anything, it sends a strong message to other celebrities that are being paid to tout projects.

Posted on

Cyber Security Firm Check Point Research Reports of ‘Evolving’ Monero Cryptojacker

Cyber security firm Check Point Research has found that the cryptojacking malware KingMiner is “evolving” as it targets XMR and attacks Windows Servers.

Cyber security firm Check Point Research has found that the KingMiner cryptojacker targeting cryptocurrency Monero (XMR) is “evolving,” according to a company’s blog post published Nov. 30.

KingMiner was purportedly firstly detected in mid-June, subsequently evolving in two improved versions. The malware attacks Windows Servers by deploying various evasion methods to skirt its detection. Per Check Point data, several detection engines have registered significantly decreased detection rates, while sensor logs have shown a growing number of KingMiner attacks.

The firm has been monitoring KingMiner activity over the past six months and concluded that the malware has evolved in two new versions. The blog post further explains:

“The malware continuously adds new features and bypass methods to avoid emulation. Mainly, it manipulates the needed files and creates a dependency which is critical during emulation. In addition, as part of the malware’s ongoing evolution, we have found many placeholders for future operations or upcoming updates which will make this malware even harder to detect.”

Check Point has determined that KingMiner uses a private mining pool to bypass any detection of their activities, wherein the pool’s (API) is turned off and the wallet is not used in any public mining pools. The attacks are reportedly widely spread around the world.

According to the company’s findings, the malicious software attempts to guess passwords of the servers it attacks. Once a user downloads and executes the Windows Scriptlet file, it reportedly identifies the relevant Central Processing Unit (CPU) architecture of the device and downloads a payload ZIP file based on the detected CPU architecture.

The malware eventually destroys the relevant .exe file process and deletes the files themselves, if older versions of the attack files exist. Check Point also notes that the file is not an actual ZIP file, but rather an XML file, which will circumvent emulation attempts.

As Cointelegraph reported yesterday, Russian internet security company Kaspersky Labs has found that crypto mining malware became increasingly popular among botnets in 2018. During the Q1 2018 cryptojacking “boom,” the share of cryptojacking malware downloaded by botnets, out of total files, hit 4.6 percent — as compared with 2.9 percent in Q2 2017.

Botnets are reportedly therefore becoming increasingly viewed as a means of spreading crypto mining malware, with cybercriminals increasingly viewing cryptojacking as more favorable than other attack vectors.