An investigation by researchers at Indian cybersecurity firm CloudSEK has identified the threat actor behind the “CoinEgg scam” as running a persistent malicious scheme. (Getty)
One user also claimed to have lost Rs 50 lakhs, including the deposit amount, taxes and other additional costs, to the cryptocurrency scam.
A recently published study has found that several Indian investors are falling for high-profile scams related to cryptocurrencies and cryptocurrency trading.
An investigation by researchers at Indian cybersecurity firm CloudSEK found a threat actor behind the “CoinEgg scam”, an ongoing malicious scheme that uses Android-based applications and multiple payment gateway sites to lure unwary people into a wide network of gambling fraud.
According to the findings, “User losses due to CoinEgg VIP fraud are estimated at Rs 10 billion [Rs 1,000 crore]. One user also claimed that he lost Rs 50 lakhs due to this cryptocurrency scam, including additional costs like deposit amount, taxes, etc.”
CloudSEK's team of threat analysts said threat actors had built several virtual domains using the keyword “CloudEgg” that looked like cryptocurrency trading sites.
What is noteworthy is that CoinEgg's original web address is www[.]coinegg[.]com. The company is a UK-based cryptocurrency exchange that provides trading services for virtual currency assets.
The fake site's dashboard and user interface were an exact replica of the original website, and the scam appeared to have been carried out in multiple stages by the threat actors.
“In the first stage of the scam, CoinEgg users were tricked into investing in listed cryptocurrencies by depositing funds into fake wallets. The threat actor then freezes the funds in the CoinEgg VIP wallet and prohibits users from retrieving those funds,” the report said.
Additionally, numerous phishing applications impersonating CoinEgg are spreading online. These applications usually request unnecessary permissions during installation and are flagged as malicious by other systems.
According to CloudSEK's BeVigil security scanning engine, these harmful permissions include writing settings, system alert windows, requesting installation packages, location access, and handling outgoing calls.
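As an added illustration (not code from CloudSEK or BeVigil), the sketch below checks a decoded AndroidManifest.xml for the permission categories listed above. The mapping from those categories to Android permission constants and the sample manifest are assumptions constructed for this example.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed mapping: the page names categories in plain language, not constants.
FLAGGED = {
    "android.permission.WRITE_SETTINGS": "write settings",
    "android.permission.SYSTEM_ALERT_WINDOW": "system alert window",
    "android.permission.REQUEST_INSTALL_PACKAGES": "request install packages",
    "android.permission.ACCESS_FINE_LOCATION": "location access",
    "android.permission.ACCESS_COARSE_LOCATION": "location access",
    "android.permission.PROCESS_OUTGOING_CALLS": "handle outgoing calls",
}

def requested_permissions(manifest_xml):
    """Return the permission names requested by a decoded (text) manifest."""
    root = ET.fromstring(manifest_xml)
    names = set()
    # Permissions can be declared with either element name.
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name")
            if name:
                names.add(name.strip())
    return names

def triage(manifest_xml):
    """Map each flagged category to the permissions that triggered it."""
    hits = {}
    for perm in sorted(requested_permissions(manifest_xml)):
        if perm in FLAGGED:
            hits.setdefault(FLAGGED[perm], []).append(perm)
    return hits

# Constructed sample manifest for a hypothetical package; not from the report.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.fakeexchange">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"/>
  <uses-permission-sdk-23 android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.PROCESS_OUTGOING_CALLS"/>
</manifest>"""

if __name__ == "__main__":
    for category, perms in triage(SAMPLE_MANIFEST).items():
        print(f"{category}: {', '.join(perms)}")
```

The manifest inside an APK is stored as binary XML, so it has to be decoded to text before a check like this can read it.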
Explaining how the scam works, the team noted that, to prevent users from noticing the large-scale fraud, if a victim complains about their experience on another platform, then in step 7 of the plan the attacker uses an additional fake identity to contact the victim, claiming to be a fraud investigator.
Scammers also email victims requesting personal information such as identification and bank account numbers to unlock frozen assets. These details will be used to carry out further activities.
According to the findings, scammers mention “CoinEgg” on their index page, use CoinEgg's fake logo to gain victims' trust, and use a customer service chatbot that redirects users to the domain v[.]chatabc[.]xyz.
They discovered two domains used by the scammers, both of which were reportedly registered with GoDaddy on March 3, 2022, as part of a strategy to set up multiple backup domains in case of a takedown.
However, CloudSEK is not the first or only company to note the recent rise in cryptocurrency scams around the world.
Sean Ragan, a special agent with the Federal Bureau of Investigation (FBI), claimed in an interview with CNBC last week that LinkedIn users are being targeted by cryptocurrency scammers who pose a serious threat.