Trader Lose $310K on Dodgy Exchange Pitched in LinkedIn Request; Owners of “Empire Market” Charged; The alleged developer of ransomware for Conti and LockBit was arrested in Kyiv and etc
A trader loses $310,000 on a LinkedIn exchange, Empire Market owners are accused of running a $430 million darknet market, an employee's old nickname is used to steal $245,000 in cryptocurrency, a new cryptocurrency scheme is spreading in Russia, F.A.C.C.T. experts say.
Trader Loses $310K on Suspicious Exchange Pitched on LinkedIn
An investor claims to have lost $310,000 to an allegedly fraudulent crypto trading platform after responding to an unsolicited LinkedIn connection request. This incident was reported by the Washington State Department of Financial Institutions (DFI) Securities Division on June 13.
Initially, the investor discovered the platform, named “Ethfinance,” through a random friend request on LinkedIn. Initially, he transferred a total of $310,000 from his DeFi wallet to Ethfinance, hoping to earn profits from crypto trading. When the investor tried to withdraw his initial investment and the reported profits, he was told to add more funds to complete the "smart contract" necessary for the withdrawal. The investor did not send any more money and found his account locked, unable to withdraw any funds.
$310K Lost in Ethfinance Crypto Scam
Notably, the Washington DFI suggests that this case appears to be an example of "Advance Fee Fraud." This scam promises victims significant returns or services in exchange for an upfront payment. Once the payment is made, the scammer either asks for more fees or disappears.
The DFI stated, "The investor has been unable to withdraw any funds from his account, and his account is locked."
Previous Complaints Against Ethfinance
Additionally, Ethfinance has been mentioned in previous complaints. According to the Washington DFI's crypto scam tracker, a California resident reported losing over $165,000 after engaging with the same platform. The individual was approached by a stranger online who offered to teach them how to trade crypto options.
Owners of "Empire Market" Charged With Operating $430 Million Dark Web Marketplace
Two men have been charged in federal court in Chicago with operating "Empire Market," a dark web marketplace that enabled users to anonymously buy and sell more than $430 million in illegal goods and services around the world. Thomas Pavey, also known as "Dopenugget," 38, of Ormond Beach, Fla., and Raheem Hamilton, also known as "Sydney" and "Zero Angel," 28, of Suffolk, Va., owned and operated Empire Market from 2018 to 2020, during which time they facilitated approximately four million transactions between vendors and buyers valued at more than $430 million, according to a superseding indictment returned Thursday in U.S. District Court in Chicago. The indictment charges Pavey and Hamilton with conspiring with each other and others to engage in drug trafficking, computer fraud, access device fraud, counterfeiting, and money laundering. The charges in the superseding indictment are punishable by a maximum sentence of life in federal prison. Pavey and Hamilton are in U.S. law enforcement custody. Arraignments in federal court in Chicago have not yet been scheduled.
The superseding indictment was announced by Morris Pasqual, Acting United States Attorney for the Northern District of Illinois, Robert W. "Wes" Wheeler, Jr., Special Agent-in-Charge of the Chicago Field Office of the FBI, Ruth Mendonça, Inspector-in-Charge of the Chicago Division of the U.S. Postal Inspection Service, and Ivan J. Arvelo, Special Agent-in-Charge of the New York office of Homeland Security Investigations. The government is represented by Assistant U.S. Attorneys Melody Wells and Ann Marie Ursini.
According to the charges, Pavey and Hamilton previously worked together to advertise and sell counterfeit U.S. currency on AlphaBay, a dark web marketplace for illicit goods that was shut down in 2017. They began operating Empire Market on February 1, 2018, the indictment states. Thousands of vendors and buyers accessed Empire Market through a specialized anonymizing software and the site's address, which ended in "."onion." Vendors on Empire Market offered to sell various illicit goods and services, including controlled substances such as heroin, methamphetamine, cocaine, and LSD, as well as counterfeit currency and stolen credit card information, the indictment states. Buyers could browse the available goods and services by category, including "Fraud," "Drugs & Chemicals," "Counterfeit Items," and "Software & Malware," among others, the indictment states. After transactions were completed using cryptocurrency, buyers could review and rate their purchases on multiple criteria, including "stealth," the indictment states. During the investigation, federal law enforcement seized cryptocurrency valued at $75 million at the time of the seizures, as well as cash and precious metals.
The public is reminded that an indictment is not evidence of guilt. The defendants are presumed innocent and entitled to a fair trial at which the government has the burden of proving guilt beyond a reasonable doubt.
The alleged developer of ransomware for Conti and LockBit was arrested in Kyiv
Ukrainian cyber police announced the arrest of a 28-year-old resident of Kyiv, who is suspected of collaborating with ransomware groups Conti and LockBit and carrying out at least one attack on a Dutch multinational corporation. According to investigators, the detainee developed special encryption programs for hackers to make it difficult to detect their malware on victims' computers. In addition, Dutch police confirmed at least one case of a person of interest orchestrating an attack using a Conti payload in 2021. During searches in Kyiv and the Kharkov region, computer equipment, mobile phones and handwritten notes were seized. The developer has been charged with unauthorized interference in information systems. He faces up to 15 years in prison. The investigation is ongoing.
Employee's old nickname of a16z was used to steal $245,000 in cryptocurrencies
An unknown attacker stole funds in Ethereum and LinqAI from a user for a total of $245,000 under the guise of an employee of the American venture company Andreessen Horowitz (a16z). This was reported by on-chain researcher ZachXBT. The victim was offered to host a joint podcast, allegedly on behalf of a16z representative Peter Lauten. What worked into the attacker's hands was that the real Lauten had recently changed his X nickname from "peter_lauten" to "lauten," but his company's official account still used his old name. The victim did not notice the trick and downloaded the Vortax application sent by the hacker, which was malware. Once on the computer, it transferred all cryptocurrency assets to the attacker's wallets. Subsequently, the funds were transferred to a number of exchanges.
A new cryptocurrency scheme is gaining momentum in Russia, said experts from the F.A.C.C.T. investigation department
Crypto exchange employees and crypto enthusiasts are becoming victims of scammers. How the scheme works: Fraudsters contact a potential victim and offer to buy crypto. The pretext is the purchase of precious metals in countries where cash transactions, according to them, are difficult, for example in India. To gain trust, attackers organize a video call, showing fake documents. During or after a video call, the victim, under various pretexts (for example, to prove the purity of the origin of assets or the absence of his wallet on blacklists), is convinced to transfer cryptocurrency to his own unique address, adding "."eth" at the end. The link leads to the scammers' crypto wallet. After a "test" transfer, scammers manually return the amount to the sender's wallet. After receiving full payment for the service, the attackers disappear, leaving the victim without crypto.