Personal Data of 250,000 People From 20 Countries Leaked by Bitcoin Scam
A global bitcoin scam has reportedly leaked personal data of about 250,000 people from more than 20 countries. The majority of the compromised data were of people in the U.K., Australia, South Africa, and the U.S. This bitcoin scam operates under several different names.
Investors’ Personal Data Leaked
A global threat hunting and intelligence company, Group IB, revealed this week that it has “discovered thousands of personal records of users from over 20 countries of the world exposed in a targeted multi-stage bitcoin scam.” The Singapore-based company said that it found 248,926 sets of unique personally identifiable information, elaborating:
The analysis of the exposed phone country codes showed that most of the victims were from the UK (147,610), followed by Australia (82,263), South Africa (4,149), the US (4,147), Singapore (3,499), Malaysia (2,491), Spain (2,420), and other countries.
At least six active domains featuring the same bitcoin investment platform were identified, the company described. The scheme operates under different names, such as Crypto Cash, Bitcoin Rejoin, Bitcoin Supreme, and Banking on Blockchain. Group IB’s analysts added that this new scheme resembles the Bitcoin Evolution scam.
An illustration of how this “personalized bitcoin investment scam” works. Source: Group IB
The company also explained how this bitcoin scam works. Firstly, a potential investor receives an SMS text message. Scammers sometimes send out phishing messages using the name of a recognized media outlet as the sender.
Every message contained a unique short link that takes the investor to a website “which already demonstrates their personal data, such as the phone number, first or/and last name, and sometimes an email address, and used for redirects to fake websites masquerading as a local media outlet,” the intelligence company detailed. “The experts believe that the personal information info could have been obtained by fraudsters through a separate fraudulent scheme or simply bought from a third party.”
The content displayed often depends on the targeted crypto investor’s location, such as major news outlets in the investor’s country. The scam websites feature fake interviews of famous people, articles, news, and comments attributed to local celebrities. They allege that famous people made a fortune using the new cryptocurrency investment platform. One example is Prince Harry and Meghan Markle, the Duke and Duchess of Sussex, used by Bitcoin Evolution as news.Bitcoin.com previously reported.
“All the fake pages discovered are almost identical in terms of design, but the URL and the page code are unique every time and contain users’ personal records. If a victim decides to click any link in the article, they are taken to a bitcoin investment platform website, where their data, contained in the URL, would already be pre-filled in the registration form without a user’s consent. Later a victim would be asked to add to their account balance in BTC,” the researchers detailed. Bleepingcomputer noted that “targets can create an account and activate it for a modest fee of 0.03 BTC [$274].”
According to the intelligence company, the source of the leak has not been established but the information has been provided to relevant authorities in the affected countries.
What do you think about this bitcoin scam leaking people’s personal data? Let us know in the comments section below.