Fraudsters Pulled Off A $27 Million Cryptocurrency Heist

By India Bottomley on ALTCOIN MAGAZINE

--

Six people have been arrested for stealing cryptocurrency from over 4,000 people’s virtual wallets by impersonating blockchain.com.

Using a technique known as typosquatting, where fraudsters imitate a known domain by operating under a similar URL and copying the interface of the genuine site, the fraudsters were able to access thousands of people’s crypto wallets. The perpetrators impersonated Blockchain.com and gathered login details from users who believed they were trying to log in to the genuine site. The criminals then used those login credentials to access users’ accounts and empty them, to the total value of around $27 million.

The investigation began when police received a report of £17,000 worth of cryptocurrency being stolen from a U.K.-based Blockchain.com user, but after starting their investigation into that case they uncovered a large number of other linked cases. Authorities are expecting more victims to come forward as the police continue their investigation, and as the story starts to reach mainstream media.

According to the U.K.-based South West Regional Cyber Crime Unit (SW RCCU), the technique allowed the fraudsters to steal coins from users based in 12 different countries. The RCCU worked alongside Europol, Eurojust, the U.K.’s National Crime Agency, and their investigation was supported by the Wiltshire Police, South East Regional Organised Crime Unit, and the Avon and Somerset Police. Investigators found that fraudsters had paid for Google AdWords adverts promoting the bad link to drive users to the fake website according to Detective Inspector Louise Boyce, who spoke to ISMG earlier this week.

The technique used by the fraudsters has prompted Europol to remind internet users to check the URL of the website they are using before entering any personal credentials, including usernames and passwords. Phishing techniques used by fraudsters in emails follow the same principle, relying on users not checking which website they are being sent to before going ahead to use the website.

According to Europol, the six arrests were made in the U.K. and in the Netherlands, and are the result of a 14-month long investigation into the large-scale fraud case. The arrests were coordinated simultaneously in Charlcombe, Lower Weston, and Staverton in the U.K., as well as in Amsterdam and Rotterdam in the Netherlands. As of today, it is unclear whether the individuals who were arrested have been charged.

--

--