Two Alleged Ethereum ‘Scam Forks’ Appropriating Users’ Private Keys, Report Finds

Ethereum Nowa and Ethereum Classic Vision are reportedly appropriating the private keys of users trying to redeem the allegedly forked coins.

Altcoins Ethereum Nowa (ETN) and Ethereum Classic Vision (ETCV) are reportedly appropriating the private keys of users trying to redeem their allegedly forked coins. The suspected scam was covered in a report sent to Cointelegraph by the Guarda Wallet development team on Jan. 11.

The official website of the Ethereum Nowa project — which doesn’t contain a white paper — describes the process that users are supposed to engage in to obtain ETN. According to the website, the user should first send ETH to an address, and then export the private key and redeem the cryptocurrency using the dedicated online tool.

A user on Ethereum block explorer Etherscan has commented on the aforementioned address, asserting that the address is engaging in a “scam [hard] fork/airdrop” after warning “Don’t send anything here.” The tool to claim the coins appears to be a clone of the well-known online Ethereum (ETH) wallet MyEtherWallet (MEW), featuring the original logo, website title and page under a different domain.

The main difference compared to the original MEW interface is that all the options that let the user chose how to access the wallet are greyed out, other than the one allowing the user to paste in their private key. Furthermore, some browsers flag the tool as a “Deceptive Site.”

The Guarda Wallet team wrote that, analyzing the code, they found out that the private key is not only being processed by the tool, but also being sent to a remote server. According to the Guarda report, Ethereum Nowa “is a way for the thieves to get your private information and gain access to your wallet.”

Ethereum Classic Vision’s hard fork, according to the project’s white paper, is happening today (Jan. 11) at 20:00 GMT. The website contains links to a downloadable Windows and Linux wallet alongside a web tool. Near the “Claim fork” button, the website states:

“Regardless of which authorized wallet you use to hold your ETH, your free ETCV will be initially sent to the official Ethereum Classic Vision wallet. While we are currently in negotiations with a number of popular wallets, at the moment of the fork we will not be able to send ETCV to those wallets due to certain differences in the algorithms used.”

The Guarda Wallet team noted that while this project looked more solid than ETN, after closer examination, they reportedly found that the ETCV team also appropriated the private keys of the users:

“The analysis on the code performed by our team has shown that the piece of code provided actually sends your private key data on the Ethereum Classic Vision servers, masking it as an API token.”

As Cointelegraph recently reported, a Maltese actor and two hosts of a local TV show have notified the police after a fake news piece indicated that they are involved in a Bitcoin investment scheme called Bitcoin Revolution.

Furthermore, the same day, news broke that the Twitter account of a Belgian non-profit was evidently hacked and made into a fake affiliate account of United States crypto exchange Coinbase.

Continue Reading

Maltese Celebrities Notify Police After False Report of Involvement in Crypto Investment Scheme

A Maltese actor and two TV show hosts notify the police following a fake news article about their involvement in a crypto investment scheme.

A Maltese actor and two hosts of a local TV show have notified the police after a false report that they are involved in a Bitcoin investment scheme called “Bitcoin Revolution.” The story was reported by the Malta Independent and Malta Today on Thursday, Jan. 10.

As per the Malta Independent, an article with a fake endorsement of Bitcoin Revolution was initially published on a website called Major News. It depicted two hosts of the One Breakfast show, Wayne Sammut and Elaine Degiorgio, and falsely claimed that Davide Tucci, a Maltese actor and TV star, was a guest on their show.

Major News continued its false report by claiming that Tucci convinced Degiorgio — as they were “on air” — to make a 250 euro deposit to a trading platform called Bitcoin Revolution, which supposedly had helped himself out of bankruptcy. The money invested during the fake “show” has increased to 483.18 euro “within three minutes,” Major News added.

The media outlet’s fake report also provided detailed instructions on how to use the platform and instructed potential customers on how to sign up.

Tucci quickly reacted to the fake news article, posting a video statement on his Facebook page. He claimed that he has never promoted or engaged in any activities related to Bitcoin or other cryptocurrencies, describing any reports to the contrary as a scam: “This is clearly a scam and click-bait, please don’t buy into this.”

Furthermore, Tucci declared that he has reported the case to the Malta Police Force’s Cybercrime unit.

The One Breakfast hosts Sammut and Degiorgio have told the Malta Independent that Tucci had never been their guest and no investments had ever been made live on their show. They have similarly notified the Maltese police of the incident.

Another local news outlet Newsbook asked the Malta Financial Services Authority (MFSA) to clarify the legal status of Bitcoin Revolution. The MFSA responded, stating that the company of that name had never been authorized by the Maltese government. In addition to that, the regulator has informed Newsbook that it is conducting its own investigation into the case.

Continue Reading

Hackers Turn Twitter of Belgian Non-Profit Into Fake Coinbase Promo Account

The Twitter account of a Belgian non-profit was evidently breached and made to imitate Coinbase and advertise a Bitcoin giveaway scam.

The Twitter account of a Belgian non-profit was evidently hacked and made into a fake affiliate account of United States crypto exchange Coinbase. The impersonating account posted what what appeared to be a scam giveaway promotion, allegedly celebrating Coinbase’s user base growth in a tweet today, Jan. 9, that has since been deleted.

Scammers had targeted the account of the Federation of Enterprises in Belgium (FEB), a non-profit organization that aims to promote the interests of Belgian businesses.

After taking control of the FEB’s Twitter account, the scammers transformed the account to appear to be affiliated with Coinbase. The account’s description read “Official Coinbase Promotion Account,” and its profile and cover photos featured Coinbase branding, as well as a link to Coinbase’s official site.  

The scammers were unable to change the Twitter account’s handle, which remained @VBOFEB, a combination of the abbreviations of the organization’s name in Dutch and French.

Screenshot from the FEB’s hacked Twitter account impersonating a Coinbase promotion account, Jan. 9

By press time, Coinbase branding has been removed from the Twitter account, though retweets from Coinbase’s official account still remain in the account’s feed.

Screenshot of the FEB’s Twitter account at press time, Jan. 9

The scam giveaway tweet posted today mimics a common crypto scam model on Twitter, urging followers to send a small amount of crypto in order to receive a larger amount. The scammers’ tweet urged users to participate in a fraudulent 3,000 BTC giveaway, allegedly in honor of Coinbase’s user base growth to “over 30,000.000 [sic] users.”

Screenshot of fake Coinbase tweet promoting a scam giveaway

In addition to the Twitter account’s handle, other signs that the giveaway tweet and accounts were a scam included inconsistent number formatting and grammatical errors. Coinbase’s alleged user base, according to the tweet, was “30,000.000,” or thirty thousand, while the giveaway statement also read: “We giving [sic] away 3 000 BTC.”

In October, Ran Neuner, the host of CNBC’s Crypto Trader, revealed that the number of Coinbase user accounts had reached 25 million by that time, with 600,000 user actively trading on the platform.

At press time, the FEB has not replied to Cointelegraph’s request for comment.

Crypto-related giveaway scams on Twitter often involve scammers impersonating major industry names, such as Charlie Lee or Elon Musk, subtly changing characters in the original account’s name to dupe users.

Continue Reading

US: Financial Data Co. FactSet Sues Blockchain Terminal Affiliate

CG Blockchain, a company affiliated with trading service Blockchain Terminal, is being sued by U.S. financial research company FactSet for a breach of contract.

United States financial research company FactSet has filed a lawsuit against a company affiliated with professional trading service Blockchain Terminal (BCT), according to documents published by the Supreme Court for the State of New York County, Jan. 3.

As stated in the lawsuit, in January, 2018, FactSet and the defendant — CG Blockchain — entered into an agreement to develop an interfacing application between the two firms’ products. FactSet also granted a license to CG to use its products.

According to the documents, CG had agreed to pay a minimum licensing fee of about $3.8 million, payable in three increments.

However, FactSet claims that the amount was not payed, and insists the contract between the two companies has thus been breached. Moreover, the plaintiff states that CG retained the benefit of using the licenses provided, also filing a second part of the complaint covering CG’s “unjust enrichment.”

FactSet insists that CG owes the company $2.8 million in damages, plus interest and attorney’s fees.

According to crypto news outlet The Block — which recently published an investigation into Blockchain Terminal — this is not the first lawsuit filed against CG. As per the documents filed in the same court, New York staffing company Clarity LLC sued CG and, in particular, its managing director Edith Pardo, for about $150,000 in October, 2018. The plaintiff claims CG failed to pay for recruiting services.

In December, The Block published its investigation claiming that the person behind BCT, allegedly named Shaun MacDonald, was reportedly a convicted fraudster, whose real name is Boaz Manor.

According to Toronto news outlet The Star, Manor received a four-year prison sentence in Canada in 2012 for misappropriating $106 million from the Toronto-based hedge fund he co-founded. In April, The Globe and Mail reported that Manor agreed to repay nearly $8.8 million as compensation and agreed to a lifetime ban from the securities industry.

Later in December, the official BCT twitter account posted an interview with MacDonald, in which he admitted his real name is Boaz Manor.

BCT is alleged to have raised most of its funds via a $31 million ICO for its native BCT token in September 2017, The Block wrote in December.

Continue Reading

Prime Suspect in $24 Million Bitcoin Scam Arrested in Thailand

The main suspect in a Bitcoin fraud case in Thailand was detained at a Bangkok airport after being on the lam for 2 months.

Thai citizen Prinya Jaravijit, who allegedly defrauded a Finnish investor of $24 Million worth of Bitcoin (BTC), has recently been detained in Suvarnabhumi Airport in Bangkok, the Bangkok Post reports Friday, Oct. 12.

According to newspaper, Jaravijit arrived in Bangkok on a flight from South Korea en route from the U.S., where he allegedly spent two months after his brother’s detention in connection with the same crime.

Shortly after the arrest Jaravijit, who was wanted on charges of conspiracy to defraud and money laundering, was delivered to local police where he was questioned. His lawyers are reportedly preparing to apply for bail.

As per the Bangkok Post, in January Finnish investor Aarni Otava Saarimaa along with his Thai business partner Chonnikan Kaewkasee complained to the Thai Crime Suppression Division (CSD). They claimed that Jaravajit along with six other suspects had duped them into investing $24 million worth of BTC into a scheme involving three companies and gambling-focused crypto token Dragon Coin (DRG).

However, Saarima and Kaewkasee never received any dividends from the so-called investment, proof of investment in DRG, nor were they invited to a shareholder’s meeting. CSD states that the funds were withdrawn from their BTC wallets, converted into baht and then spent by the alleged fraudsters.

As Cointelegraph previously reported, the case came to public attention when soap-opera actor Jiratpisit “Boom” Jaravijit — Prinya’s younger brother — was detained  in August.

In October, the Thai Money Laundering Office confiscated funds worth $6.4 million from Jaravijit’s family and other people connected to the case, and is preparing to charge the suspects with fraud.

Following the detention of his brother, Prinya Jaravijit reportedly fled to the U.S. to avoid charges. He was ordered to return to Thailand by Oct. 8, but failed to do so. The Thai Foreign Ministry then revoked his passport which made his further stay in the U.S. illegal.

Continue Reading

US SEC Halts Fraudulent ICO That Claimed to Possess Regulator’s Approval

The U.S. Securities and Exchange Commission has halted an ICO that falsely claimed the support of the SEC and used a fake regulatory agency to promote their product.

The U.S. Securities and Exchange Commission (SEC) has halted a planned Initial Coin Offering (ICO) that falsely claimed have SEC approval, the agency reported in an official press release Thursday, Oct. 11.

The SEC suspended the ICO project with an emergency court order, and also halted pre-ICO sales by the company Blockvest LLC, and its founder Reginald Buddy Ringgold III.

The complaint by the SEC alleges that Blockvest falsely claimed that their ICO and affiliates had acquired approval from major financial regulators, including the SEC itself. Blockvest and Ringgold — who also goes by the name Rasool Abdul Rahim El — claimed the crypto fund was “licensed and regulated.”

The firms are accused of violating federal law by impersonating the SEC seal, as well as running an ICO promoted by a fake agency dubbed the “Blockchain Exchange Commission.” The “Commission” reportedly used a graphic similar to the SEC seal, as well as the SEC address.

According to the SEC, Blockvest and Ringgold also violated the law by continuing their fraudulent activity after receiving a cease-and-desist letter by the National Futures Association (NFA).

Following the SEC’s complaint, the U.S. District Court for the Southern District of California issued an order freezing Blockvest and Ringgold’s funds as well as suspending their securities registration provisions. The hearing is set for Oct. 18, and will consider prolonging the preliminary injunction and the asset freeze.

Other firms have attempted to defraud investors by make spurious claims about their status with federal regulators. On Sept. 28, the U.S. Commodity Futures Trading Commission (CFTC) filed a suit against two companies for alleged fraudulent solicitation of Bitcoin (BTC). The companies were also impersonating a CFTC investigator, as well as using forged official documents to pose as the the CFTC’s General Counsel with the CFTC’s official Seal.

The SEC’s Office of Investor Education and Advocacy, and the CFTC Office of Customer Education and Outreach have issued an investor warning on the use of false claims regarding SEC and CFTC endorsements.

Earlier this year, the SEC Office of Investor Education and Advocacy launched a fake ICO website, intended to increase awareness of the typical warning signs of scam ICOs and promote investor education.

Continue Reading

Crypto Exchange YoBit Starts Pump Scheme on Random Coins

Russian crypto exchange YoBit tweeted that it will pump the price of 10 random coins.

Cryptocurrency exchange YoBit is going to perform a pump scheme on random coins, according to an Oct. 10 tweet. A pump and dump scheme is a form of fraud that attempts to artificially boost the price of an asset through misleading or false recommendations.

In addition to announcing the pump scheme in a tweet, the exchange posted a countdown clock for a ‘YoBit pump’ on its website.

YoBit is a Russia-based digital currency exchange founded in 2015, which offers access to hundreds of digital currencies. The trading platform was in the headlines a number of times in multiple reports of suspicious activity and problems with users trying to withdraw funds from their wallets. At press time, YoBit’s daily trading volume is around $28 million, according to CoinMarketCap.

The community reacted quickly, with some users asking whether YoBit’s Twitter account had been hacked, and others accusing the company of fraudulent activity. User @Altcoinbuzzio wrote:

“…Looks like Yobit is serious about it, unbelievable… surprised to see an exchange do this.”

Another user @PsychedelicBart tagged the U.S. Securities and Exchange Commission (SEC) in one of his comments:

In November 2017, a Business Insider investigation revealed that traders were conducting pump and dumps on YoBit via the messaging app Telegram. However, it remained unclear whether the exchange was aware of the pump and dump activity, as Yobit reportedly did not respond to a request for comment from Business Insider.

Continue Reading

Suspect in Thai Bitcoin Scam Unable to Return to Thailand Due to Passport Revocation

The Foreign Ministry of Thailand has invalidated the passport of an alleged Bitcoin scammer, rendering him unable to return to his home country for prosecution.

The Foreign Ministry of Thailand has revoked the passport of an alleged crypto scammer, which has reportedly rendered him unable to return to his home country for prosecution, the Bangkok Post reports Wednesday, Oct. 10.

According to the report, Prinya Jaravijit was in the U.S. after a cryptocurrency investment scheme surfaced in which he and several accomplices allegedly defrauded a Finnish investor of $24 million.

The Crime Suppression Division’s (CSD) deputy commander Pol Col Chakrit Sawasdee claimed on Wednesday that the Foreign Ministry invalidated the passport of the prime suspect Jaravijit.

Sawasdee reportedly ordered the suspect to turn himself in by Monday, but Jaravijit stated that he was not able return to Thailand since his passport was revoked, making his stay in the U.S. illegal. Jaravijit was reportedly in the process of handling his return with the Thai embassy in the U.S.

On Tuesday, the Thai Anti-Money Laundering Office (AMLO) confiscated funds worth $6.4 million from Jaravijit’s family and other people connected to the case. Next week, local police are reportedly set to charge the suspect’s family and elder brother with money laundering. The accused allegedly received money from Jaravijit and spent it later.

As previously reported by Cointelegraph, Jaravijit and his accomplices are accused of defrauding Finnish millionaire Aarni Otava Saarima and his business partner, who were lured into investing their Bitcoin (BTC) in a fake investment scheme involving three companies and  gambling-focused crypto token Dragon Coin.

The alleged scammers took their victims to a Macau-based casino, where they claimed the tokens would be used. Saarima subsequently transferred his bitcoins, but never saw returns, nor shareholder papers or proof of investment in Dragon Coin. Saarima approached the CSD with a complaint in January.

The deputy commander reported that the other suspects have all been members of the Jaravijit family, including investor Prasit Srisuwan and businessman Chakrit Ahmad, who reportedly have reached a compensation settlement with the Finnish investor.

The case first came to light in August, when Thai police arrested 27-year old soap-opera star Jiratpisit “Boom” Jaravijit, who is reportedly one of the seven suspects involved in the $24 million crypto scam.

Continue Reading

Hackers Breach Smart Contract on Ethereum-Based Adult Entertainment Platform SpankChain

Blockchain-based adult entertainment platform SpankChain lost $38,000 in ETH in a hack of its payment channel smart contract.

Ethereum-based adult entertainment platform SpankChain has suffered a smart contract security breach that led to loss of around $38,000, the firm reported on its Medium page Oct. 9.

The hack, which purportedly took place Oct. 6, was detected by SpankChain a day after, and was announced today in a post entitled “We Got Spanked: What We Know So Far.”

Anonymous attackers managed to steal 165.38 Ethereum (ETH) or around $38,000 from the platform’s payment channel smart contract. Additionally, the security breach caused the immobilization of $4,000 worth of the SpankChain’s internal token called BOOTY.

While most of lost or immobilized funds belong to SpankChain itself, the platform claimed that client reimbursements are of “immediate priority.” The company will shortly repay $9,300 worth of Ethereum and Booty coins directly to users’ SpankPay accounts via Ethereum airdrop.

The SpankChain team has subsequently halted its camservice Spank.Live in order to prevent users from depositing via the payment channel smart contract. The website reboot is expected to take around two to three days in order to reset the payment channel smart contract, carry out airdrop reimbursements, reset native token distribution, and eliminate the security weakness.

The attack was related to a “reentrancy” bug similar to that which exploited The Decentralized Autonomous Organization (The DAO). The hacker reportedly created a malicious contract mimicking an ERC20 token, with a “transfer” function calling back into the payment channel smart contract multiple times in a loop, extracting Ethereum each time.

A smart contract is a protocol that enables the specific behavior of a contract by applying the terms of the agreement into the code, eliminating the need for a third party intermediary.

While smart contracts are reportedly “extremely difficult to hack,” they are still a young technology, and can be prone to bugs, which may in turn be exploited by scammers.
The adult entertainment industry is increasingly taking advantage of cryptocurrencies and blockchain technology, mostly driven by the technology’s inherent anonymity, as well as a number of other benefits.

Continue Reading

US Regulator Acts Against Crypto Firm Falsely Claiming to Represent Coinbase, Cointelegraph

The Texas Securities Commission has issued an emergency cease and desist order against a Russian crypto firm for misleading representation.

The Texas Securities Commission (TSC) has issued an emergency cease and desist order against a Russian crypto firm, according to an official press release published September 18. The Texas regulator states that the company allegedly misappropriated both Coinbase and Cointelegraph materials to attract investors.

The firm, operating as Coins Miner Investment Ltd., is said to have spoofed the email address of major U.S. crypto exchange and wallet service provider Coinbase in order to make its email solicitations to investors seem as if they were endorsed by the entity.

The cease-and-desist order states that Coins Miner falsely claimed to be registered at a U.K. address, whereas the firm was in fact operating from Volgograd in Russia. It is charged with sending unsolicited emails to numerous recipients — including Texas residents — luring them to purchase investments in crypto mining programs issued by Coins Miner.

At the center of the order is a Coins Miner affiliate “Ana Julia Lara,” who is charged with falsely depicting herself as a Coinbase crypto trader, as well as misappropriating a photograph of “herself” posing with the president of crypto company Ripple.

The person in the photograph is in fact one of Cointelegraph’s vice presidents, and is not the Coins Miner scammer “Lara,” according to the cease-and-desist:

“Respondent Lara is telling potential investors she met the president of Ripple and [is] providing potential investors with a photograph that purports to depict her and the president of Ripple. The photograph does not depict Respondent Lara. Instead the photograph depicts a vice president at CoinTelegraph Media Group [sic].”

Third parties reporting on the matter have confusingly described the cease-and-desist order, with media outlet Finance Feeds erroneously writing that “the person identified as Lara is [editor’s emphasis added] a vice president of CoinTelegraph Media Group [sic].” Cointelegraph officially denies all connection with the person “Ana Julia Lara.”

Coins Miner is further charged with publishing a “phony” video that “falsely” depicts its facilities, engineers, and financial professionals, and with using “fake” photos that purport to show the interior of its office suite, but are in fact stock Internet photographs available for purchase online.

It is also charged with misappropriating a video of a Fortune journalist discussing crypto next to a superimposed Coins Miner logo. According to the TSC press release, “neither the journalist nor Fortune authorized the use of the video, which was filmed for Fortune as part of its coverage of cryptocurrencies.”

Alongside these charges of misleading and deceptive representations, the TSC deems the investments in Coins Miner to be securities, and their unregistered sale in Texas to therefore be in violation of Section 12 of the Securities Act.

TSC also issued two further cease-and-desist orders on the same day, September 18: one against “DGBK Ltd., an offshore digital “bank” that says it has developed hack-proof storage for virtual currencies”; and Ultimate Assets LLC, a “supposed crypto and foreign exchange trader.”

Earlier this month, in what appeared to be the first U.S. court to address the matter, a New York federal judge ruled that U.S. securities laws are applicable for prosecuting crypto fraud allegations.

Continue Reading