Many Indian investors are falling for high-profile scams related to cryptocurrencies and crypto-trading, a recently published study has found.
an inquiry by India Researchers at cybersecurity firm CloudSec revealed that threat actors were behind the “CoinEgg scam,” in which the team of researchers found a persistently harmful scheme, involving multiple payment gateway sites, Android-based applications, that unwittingly allowed people to spread widely. Used to lure in gambling scams.
According to their findings, “The loss of users in the CoinEgg VIP scam is estimated at 10 billion rupees. [Rs 1,000 crore], One user has also claimed to have lost Rs 50 lakh in this cryptocurrency scam, which includes additional costs such as deposits, taxes, etc.
CloudSEK’s Threat Analyst team said that the threat actors set up several fictitious domains with the keyword “CloudEgg” that looked like cryptocurrency trading sites.
It is worth mentioning that the original web address of CoinEgg was www. Is[.]coinage[.]com. The company is a UK-based cryptocurrency exchange that provides trading services for virtual currency assets.
It was observed that the dashboard and user interface of the sites have been made as an exact replica of the original website and that the scam was carried out by threat actors in multiple stages.
“In the first phase of the scam, CoinEgg users are tricked into depositing funds into a fake wallet to invest in a listed cryptocurrency. Following which, the threat actors deposit the amount into the CoinEgg VIP wallet and send the users prevent it from being obtained,” the report said.
Additionally, there are many fake phishing programs spreading online in the form of CoinEgg. These applications usually require unnecessary rights during installation and are flagged as malicious on various systems.
According to CloudSEK’s BeVigil security search engine, these harmful rights include write settings, system alert windows, request install packages, access location and process outgoing calls.
Explaining the modus operandi, the team notes that in the seventh phase of the plan, in order to avoid users reporting massive scams, if a victim complains about their experiences on other platforms, the attackers will be able to use additional Contacts them using fake identities and claims to be investigators.
In addition, scammers send emails to their victims requesting personal information such as ID cards and bank account numbers in order to freeze the frozen assets. These details are then used to perform additional activities.
According to their findings, scammers mention “CoinEgg” on the index page, use a fake CoinEgg logo to gain the trust of victims and use a customer service chatbot that redirects users to domain v .[.]chatabc[.]xyz
They found two domains used by scammers and are said to have been registered on GoDaddy on March 3, 2022, as part of a strategy to establish multiple backup domains in case of takedowns.
However, CloudSEK is not the first or only company to point out the recent increase in cryptocurrency scams around the world.
Federal Bureau of Investigation (FBI) special agent Sean Ragan claimed in an interview with CNBC last week that LinkedIn users are being targeted by cryptocurrency scammers who pose a serious threat to them.
read all breaking news , today’s fresh news watch top videos And live TV Here.