CryptoCore, Sophisticated Cryptocurrency Scam Attacking Users To Drain Wallets


Cryptocurrency scams have changed along with digital currencies and they now employ technological advancements like AI and deepfakes in their sophisticated frauds.

The CryptoCore group is an example of these methods where celebrity images are used, major events are exploited, and hijacked social media accounts are taken across platforms such as YouTube, Twitter, and TikTok.

EHA

Cybersecurity researchers at Avast recently discovered this group, and it’s been identified that this group has been actively exploiting sophisticated cryptocurrency scams to drain users’ wallets.

CryptoCore Cryptocurrency Scam

In most cases, they do this by organizing convincing giveaways or investment opportunities through deepfake videos and well-designed websites that are aimed at capturing unsuspecting victims.

CryptoCore, Sophisticated Cryptocurrency Scam Attacking Users To Drain Wallets
CryptoCore fraudulent websites (Source – Avast)

These types of scams take advantage of the trust that people have in renowned brands and famous personalities by forcing potential victims with limited-time offers and big profits in mind.

Extensive preparation, a developed infrastructure, and access to broad social media audiences usually determine the success of such operations on popular social platforms.

CryptoCore, Sophisticated Cryptocurrency Scam Attacking Users To Drain Wallets
CryptoCore components (Source – Avast)

The CryptoCore group conducts its sophisticated cryptocurrency scams by exploiting large events and celebrity images, especially targeting media outlets such as YouTube.

Their strategy involves creating deep fake videos, capturing high-profile social media accounts (typically with millions of followers), and then leading the victims to perfectly set-up fake websites.

They use a framework called CryptoProject, which can be found in hacker forums, to create landing pages and purchase tools as a service, such as deep fake creation and account hijacking.

Companies such as SpaceX, MicroStrategy, and Tesla are often themed in their campaigns, resulting in millions of dollars in turnover for different cryptocurrencies such as Ethereum and Bitcoin.

The scammers use sophisticated techniques to avoid detection, including obfuscated JavaScript, cookie manipulation, and Cloudflare protection.

However, these threat actors regularly change tactics to take advantage of loopholes in anti-corruption systems within automated platforms.

The CryptoCore community uses advanced techniques in its cryptocurrency frauds, such as live chat support through actual individuals on fake sites who skillfully deceive the victims into perceiving the authenticity of the scam, reads Avast report

They mainly focus on smart devices with a desktop/smart device ratio of 2:5 since more than 50% are not secure enough.

Their operations have earned about $5.4m worth of stolen cryptocurrencies within six months, with notable upticks during significant tech events like SpaceX launches.

Despite a consistent modus operandi involving deepfake videos, hijacked high-profile YouTube accounts (65% with over 100k followers), and professionally designed websites, platforms like YouTube and Cloudflare struggle to combat these scams effectively. 

The scammers use advanced techniques such as obfuscated JavaScript and Cloudflare protection to evade detection. 

Recommendations

Here below we have mentioned the recommendations:- 

  • Implement 2FA and strong passwords.
  • Exercise extreme caution regarding offers that seem too good to be true, particularly those involving cryptocurrency giveaways or investments.
  • Do not click any suspicious links.
  • Don’t download anything from any unknown or suspicious sources.
  • Use robust AV tools.



Source link