Uppsala Security Releases the Virtual Asset Damage Response Center (CIRC) 2022 Report
“A new type of romance-based scam that attracts users to sign up for mining sites has increased by 10% compared to last year (2021)”
Singapore, 22nd February 2023 — The Crypto Incident Response Center (CIRC) of Uppsala Security, a leading South Korean blockchain virtual asset regulatory technology (RegTech) specialist, has recently released its “2022 CIRC Statistical Report.” The report is based on submissions received directly from victims of virtual asset crimes in South Korea, offering valuable insights into the trends and impacts of these incidents in the country.
CIRC (Crypto Incident Response Center) is a private organization that was established in April of 2020. For the past consecutive years, it has been dedicated to protecting companies and individual investors who have been victims of virtual asset fraud. We track and analyze wallet addresses at the request of victims, confirm the final destination of funds on exchanges, and write detailed incident reports. Additionally, we provide training on the tracking and analysis of virtual assets to corporate compliance teams and public institutions. As a result of an investigation, we issue a conclusive investigative report that can be submitted as legal evidence to local authorities.
In 2022, Uppsala Security received approximately 500 reports of virtual asset fraud, resulting in a total damage of 52.4 Billion KRW. Among the affected coins, Ethereum (ETH) and ERC-20 tokens were the most impacted, followed by Bitcoin (BTC) on the 3rd place. The most common type of fraud were romance-based scams, accounting for 30% of reported incidents, followed by private key leakage of cryptocurrency wallets (22%) and last but not least ICO investment fraud (17%).
Park Jeong-seop, Senior Researcher at Uppsala Security’s CIRC, said, “In 2021, social media and email phishing scams were the most commonly reported incidents. However, in 2022, the number of romance-based scams increased by 10% compared to the previous year, making it the most frequently reported scam. Notably, while romance-based scams were prevalent in the previous year by involving investments in certain coins/tokens, this year’s scams have a modified technique: using mining site subscriptions as bait.”
A common romance-based scam involves a fraudster approaching a victim on social media under the pretext of dating or marriage and luring them to a fake website that promises a guaranteed return on investment through cryptocurrency mining. The scammer initially requests a small investment to show the victim that the returns are legitimate, but later on, when the victim invests a larger amount, the scammer claims that it is difficult to cash out for various reasons. To make matters worse, the scammer may ask for an additional deposit to release the victim’s assets, often requiring the victim to take out a separate loan to meet these demands.
As previously stated, in 2021 there have been numerous instances of private keys being stolen through phishing sites that deceive users by changing the spelling of well-known website addresses (such as changing ‘.com’ to ‘.con’). Similarly, in 2018, many websites, including DeFi, mining investment, and DEXes, required users to link their personal wallets when signing up for membership. Hackers often exploit these connections to steal personal private keys and passwords. To prevent such theft, it is essential to verify the authenticity of a site by carefully checking its URL address and using browser extension tools that identify phishing sites (such as, for example, the free of charge UPPward browser extension available for Google Chrome, Brave, Edge and Firefox browsers). If any swap/trading site requests personal information where wallet linkage is required, it is recommended to be extremely cautious.
As of February 2023, Uppsala Security reports a cumulative total of 1,671 cases with reported damage to virtual assets of about 476.9 Billion KRW. The virtual asset tracking report by Uppsala Security’s CIRC can be used as evidence for fact-checking of cases reported by victims when submitted to judicial authorities and in some cases it can be a strong pillar in retrieving the lost funds.
About Uppsala Security
Uppsala Security built Sentinel Protocol, the first crowdsourced Threat Intelligence Platform powered by artificial intelligence, blockchain technology, and machine learning. Supporting the framework is a team of experienced cyber security professionals who have developed an award-winning suite of advanced tools and services for Crypto AML/CFT, Transaction Risk Management (KYC/KYT), Transaction Tracking, Regulatory Compliance, and Cybersecurity enabling organizations of every type and size to protect their crypto assets from malicious attacks and scams while meeting stringent regulatory compliance standards.
Uppsala Security is headquartered in Singapore, and has branch offices in Seoul, South Korea and Tokyo, Japan. You can follow Uppsala Security on Telegram, LinkedIn, Twitter, Facebook and Medium.