New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Ukraine Takes Down Cybercrime Group Hitting Crypto Fraud Victims

The National Police of Ukraine (NPU) carried out an operation against a network of call centers that supported a cybercrime group focused on financial and cryptocurrency scams. The fraudsters behind these illegal call centers were also allegedly involved in scamming citizens of Ukraine and European Union countries interested in cryptocurrency, securities, gold, and oil investments. The group would spoof phone numbers of state banking organizations to trick individuals into believing they were speaking with legitimate crypto brokers. The attackers also used contact information belonging to previous victims of other cryptocurrency scammers to deceive them that they could help them recover their stolen funds for a “commission.” ​Ukrainian law enforcement officers confirmed these illegal activities following authorized searches at the location of multiple “call centers” linked to this cybercrime operation and the seizure of computer equipment, mobile phones, and data records. Those linked to this fraud scheme are investigated for being part of an organized criminal group, fraud, and using malicious software, and are facing up to 12 years in prison

Analyst Notes

The U.S. Federal Trade Commission (FTC) stated last year that more than $80 million were lost to cryptocurrency investment scams, according to roughly 7,000 reports received since October 2020. The FTC recommends that individuals should beware if you spot these warning signs of an investment scam:

• Guaranteed High Investment Returns. Promises of high investment returns – often accompanied by a guarantee of little or no risk – is a classic sign of fraud. Every investment has risk, and the potential for high returns usually comes with high risk.
• Unsolicited Offers. Unsolicited offers (you didn’t ask for it and don’t know the sender) to earn investment returns that seem “too good to be true” may be part of a scam.
Red flags in Payment Methods for Investments.
• Credit Cards or Digital Asset Wallets and Cryptocurrencies. Most licensed and registered investment firms do not allow their customers to use these methods to invest.
• Wire Transfers and Checks. If you pay for an investment by wire transfer or check, be suspicious if you’re being asked to send or to make the payment out to a person or to a different firm, the address is suspicious (for example, an online search for the address suggests it is not an office building where the firm operates), or you are told to note that the payment is for a purpose unrelated to the investment