The major technology conglomerate Cisco in cooperation with the Cyber Police of Ukraine has just revealed a Ukrainian Bitcoin (BTC) phishing ring that just stole over $50 million over three years of time.
According to Talos which is Cisco’s threat intelligence team, the phishing threat began on February 24th when the Ukrainian-based phishing scheme named COINHOARDER targeted the wallet service blockchain.info. The scam was made through Google Ads containing gateway phishing links and attracting more than 200,000 to the search queries.
The Google ads represented the real blockchain.info Bitcoin wallet. They were using domain names that resembled ones of the official wallet such as ‘blockchein.info’ which were designed to match the real site in many ways except for the domain name.
COINHOARDER has made a lot of progress towards making their phishing site look more legit by adopting SSL certificates in combination with their attacks. The phishing targeted geographic areas where local currencies were unstable – as the main target for the entire scam.
As we said above, the Cyber Police of Ukraine also helped them identify the attackers’ BTC wallet address. According to Talos, more than $10 million were stolen while tracking the wallet activity from September to December.
The report ends with the list of IP addresses that were associated with the entire phishing scam as well as some advice for people to protect themselves against similar threats. Users creating fake accounts on Twitter also contributed to these phishing scams – and Talos clearly warned people about the following.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post