Blog

Dobryshkin Sergey

Dobryshkin Sergey

Fraudsters are trying to make money amid the coronavirus pandemic and the fight against it. In particular, at the beginning of this week the number of spam mails allegedly on behalf of the World Health Organization (WHO) has increased. The letters speak of fundraising for COVID-19 Funds worldwide.

Specialists of the portal SICP.ueba.su analyzed one of these letters, which was sent from This email address is being protected from spambots. You need JavaScript enabled to view it.. It turned out that the second-level domain is actually used by WHO, but it was this letter that was sent from a mail server located in the state of Colorado in the United States of America and in transit passed through a reference mailer in the German municipality of Mauern.

Experts also learned that a link to a picture with a QR code (the address of a bitcoin wallet for donations) leads the reader directly to the portal of the investment company Five Stand Capital, located in the US city of Atlanta from Georgia. As follows from the official information on the company's website, it is a partner of large US investment funds in the United States. The portal itself is hosted by GoDaddy in Oregon (Portland). Still there are three site mirrors - for various domain zones.

This email was first sent from the SendGrid.net mail server, which is also located on GoDaddy’s resources in Colorado, Denver. And, judging by the information bases, another 13 resources are located on this IP address, nevertheless, only one of them is displayed - a web-based mail gateway.

It is important to consider that on the official website of the WHO there is no way to donate funds in the form of cryptocurrency - bitcoin. The same is true of their dedicated donation collection site. And there is even a warning that they do not send any letters.

Apparently, fraudsters are trying to cunningly take advantage of the global crisis situation, possessing a good knowledge of modern technology. Or maybe the owners of WHO decided to use all available tools to raise funds. And experts are wondering, where is the hosting site for WHO?

Interestingly, so far, no funds have been received to the cryptocurrency wallet, which is indicated in the letter of the scammers. The wallet is constantly monitored by SICP platform experts, however, like other malicious purses known to them.

Source: CryptoRussia.ru

Tuesday, 17 September 2019 16:14

CLOUDTOKEN - 150X PROFIT OR PYRAMID SCHEME?

Since the spring of this year, a project called CloudToken is actively developing and promoting the network, positioning itself as "the first wallet in the world that integrates all crypto assets of the blockchain on one platform." Their goal is to provide project participants with a special ecosystem of public savings.

The project supports 7 major cryptocurrencies and stablecoins, 21 referral levels, has a mobile application (wallets in leading marketplaces) and offers its participants a yield of 6 to 12% per month, as well as 150-fold profit (!) For 2019. At the same time, the first participants (top of the pyramid?) Are promised support for the issuance of payment cards.

The project attracts its participants (the number of which, according to some estimates, has already exceeded 800,000 people) with the help of the so-called "network leaders" from around the world. For example, in Russia and neighboring countries, Pavel Chernyshev is engaged in resource promotion.

Information on the project website is presented in English and Chinese, the legal entity Cloud Technology and Investment Pty., LTD is registered in Australia, and the United States is indicated as the geolocation of the site. Currently, 145 countries are involved in the scheme.

The process of making a profit is described on the resource as follows:

1. Participants send funds to ETH / BTC in the Jarvis bot asset management pool.

2. A tool called Varoom collects data from over 38 cryptocurrency exchanges.

3. Varoom transfers assets to the Jarvis AI BOT.

4. Varoom instructs Jarvis.

5. Jarvis trades on exchanges.

6. Information is collected on the latest prices at CoinMarketCap.com.

7. Members receive rewards in CTO tokens.

8. The rest of the earned funds are transferred to the Jarvis Asset Reserve.

9. Jarvis Asset Reserve supports the rate in the conversion wallet.

10. Participants can convert CTO to ETH, BCH or other cryptocurrency at any time.

The mobile application offered for download is positioned as a cryptocurrency multi-wallet with passive income (while funds can be sent in only one direction), as well as a trading bot (without confirming trading volumes). Nevertheless, judging by the volumes, the funds received from participants (victims?) Are immediately transferred to controlled sites and cold wallets.

According to an investigation conducted by the experts of the cybersecurity resource SICP (sicp.ueba.su), the total amount of funds that have passed through only one wallet currently exceeds 6 billion rubles, and this figure is constantly growing.

In particular, as a result of the investigation, it was found that all the main assets of the CloudToken project are transferred to the South Korean crypto exchange Upbit, and also are withdrawn through wallets in Thailand (in some cases they are frozen).

Below is some more evidence that the CloudToken project is just another pyramid scheme.

1. Despite the fact that the organizers of the project position it as a “completely decentralized cryptocurrency wallet”, in fact it’s hard to even call it a wallet. In fact, users only get access to the server, where they see their tokens. Judging by the CloudToken tracker on Etherscan, all it can boast of is 4 addresses and 5 transactions, with 99.9999% of the funds held at one address. Thus, buyers give their money, but do not become owners of the coveted tokens.

2. In the promotion of the service involved people who have repeatedly advertised fraudulent schemes.

3. Lack of evidence of trading using the Jarvis bot. Although representatives of the project claim that they generate profit using the Jarvis AI Bot bot, which is used for arbitrage trading on exchanges, there is no evidence of such trading on the resource.

4. Cryptocurrency pyramid based on the Ponzi scheme. Project participants on the referral side need to replenish their account by at least $ 500, after which they will be able to receive commissions for attracted people. In this case, commissions are paid up to level 21. It is unlikely that such a scheme can last long.

5. Lack of use cases. CloudToken does not have application scenarios in the real world, it can only be purchased from developers, and no token exchanges accept. The price of the token is not supported by anything, the demand for it is artificial. The company can change the value of the token at any time.

6. Lack of access to CTO wallet private keys. Users do not receive secret keys from the "wallet", instead they are given a password or PIN code.

7. The promise of high return on investment. Most projects that promise high investment returns actually turn out to be scams, unless the program has official registration and regulation.

8. Invalid information. The White Paper of the project mentions the names of people who have nothing to do with the project.

From the foregoing, we can conclude that CloudToken does not have a secure cryptocurrency wallet, its founders do not trade on the exchange and deceive investors. In addition, the project is advertised by well-known network scammers, and the CloudToken address is involved in the services of doubling bitcoins and the distribution of paid prohibited content.

Source: CryptoRussia.ru

PlusToken could be the largest scam in the history of financial pyramids. This project has already raised almost $ 3 billion in cryptocurrencies.

At the end of June of this year, six PlusToken project fraud suspects were arrested in China, while another part of the executives is still at large.

According to Elementus researchers, PlusToken collected 10 million ETH from over 800 thousand contributors. In addition to ETH, funds were invested in the project in other digital assets - in bitcoins, XRP and EOS. The total amount of funds raised is impressive - almost $ 3 billion in terms of the exchange rate. Investors live in almost all Asian countries, as well as in Russia, Ukraine, Germany and Canada.

According to preliminary estimates of other researchers, the PlusToken pyramid attracted about 200 thousand bitcoins, 789 thousand ETH and 26 million EOS. All of these funds went to wallets controlled by the PlusToken team. It was possible to track the funds of defrauded investors thanks to the cryptocurrency transaction analysis service created in the Special elaborations department of the Technopark of St. Petersburg. It is known that some of the bitcoins were already cashed by criminals through the Huobi Global and Bittrex crypto exchanges, while the other part settled on one of the crypto wallets.

In particular, PlusToken organizers transferred almost half of the funds raised to the Singapore Huobi crypto exchange - at least 4.3 million ETH of the total ETH.

The PlusToken project was launched in 2018 as an international cryptocurrency project and a decentralized solution (crypto wallet), supported by a team from South Korea. Project promotion was supposed mainly in Asian countries - China, Japan, Myanmar, Vietnam, as well as in Russia and Europe. The project immediately had obvious signs of a financial pyramid - a referral system was offered to investors and a monthly profit of 6% to 19% was promised. According to experts, the PlusToken fraudulent scheme is organized on the principle of the already closed BitConnect platform - with tokens and dividends. The capitalization of BitConnect tokens at the top of trading was a little over $ 121 million, and the capitalization of PlusToken was already $ 17 billion.

Although the PlusToken pyramid has ceased to exist, "a holy place does not exist empty." Similar projects Cloud Token and VDS (Vollar) appear on the market with a market capitalization of $ 1 billion and are already becoming popular, including among Russian-speaking users.

Earlier we reported what a financial pyramid is. Often, pyramids are often understood as MLM - a method of marketing promotion and sales that has been used for many years. Nevertheless, there are different nuances. A synonym for the “evil” pyramid is a scheme named after Ponzi, an Italian-American scammer who created a scam, massively promising investors profit from the contributions of new participants, forming a pyramid until the collapse that inevitably occurs, according to the nature of speculation and any financial bubbles. In our country, Mavrodi distinguished himself with such a fraud with the MMM pyramid. The concept of a financial pyramid is fixed at the legislative level and you can pay for it, including imprisonment for up to six years. So far, the practice of applying this criminal article is not very common.

The Central Bank of Russia gives several main signs of the financial pyramid in its recommendations: paying money to participants from funds contributed by other participants, lack of licenses for this type of activity, promise of high profitability, lack of information about the financial position of the organization, lack of own fixed assets or assets, lack of certain type of activity of the company.

Source: CryptoRussia.ru

About SICP

Security Intelligence Cryptocurrencies Platform - Cybersecurity infrastructure of the blockchain and antifraud in the cryptocurrency sphere. SICP - antiscam, trust, compliance.

Get In Touch

Address: Russia St. Petersburg Marshal Tukhachevsky 22

Phone: +7 (812) 983-0483

Fax: +7 (812) 983-0483

Email: sicp@ueba.su

Website: www.ueba.su

Join Our Community

Sign up to receive email for the latest information.
© 2020 SICP. All Rights Reserved.

Search