Resecurity has identified an increasing trend of cryptocurrency counterfeiting, the experts found several tokens impersonating major brands, government organizations and national fiat currencies.
Resecurity has identified an increasing trend of cryptocurrency counterfeiting. Ongoing brand protection for Fortune 100 companies by cybersecurity company uncovered several tokens impersonating major brands, government organizations and even national fiat currencies.
As in any other booming industry, the decentralized finance (DeFi) and crypto space has attracted its fair share of scammers and bad actors. These individuals seek to lure investors into fake projects known as rug pulls, only to abscond with their funds.
A notable example of this deceptive practice is the emergence of a counterfeit token named ‘BRICS’ recently detected by Resecurity, which exploited the focus on the investment interest and potential expansion of the BRICS intergovernmental organization, comprising countries like Brazil, Russia, India, China, South Africa, Egypt, Ethiopia, Iran, and the United Arab Emirates.
Besides scamming, bad actors also released misinformation about new countries joining the alliance, which didn’t confirm their membership. This is a great example of how bad actors capitalize on geopolitical narratives to profit from investment scams. Likely, unverified news stating BRICS countries adopting a gold-backed money to compete with the US dollar and Euro inspired bad actors with this idea which later transitioned into creative crypto-scam.
Leveraging a global international umbrella of the organization, fraudsters launched an initial coin offering (ICO) promoting the fake token offering various rewards.
This type of fraud was prominently observed on platforms such as Lobstr.co, which allows the creation of tokens on the Stellar network. Due to their flexibility in allowing users to offer their own tokens for trading, such platforms are especially susceptible to exploitation by cybercriminals.
The common fraudulent tactics they employ include ‘cryptocurrency counterfeiting’, where scammers create tokens with names like those of legitimate ones, and the aforementioned ‘rug pulls’.
As for today, the token was still available for trading attracting victims:
The offer already generated some interest and led to first victims:
Resecurity warns Internet users to perform due diligence of new cryptocurrency offerings and contact your local regulators to make sure they are legitimate.
Resecurity has identified and reported similar cryptocurrency counterfeit tokens promoted at the same platform impersonating:
- one of the major oil corporations
- national financial regulator
- national currency
- major real estate development
Some of these scams involved misleading information referencing Monetary Authority of Singapore and Central Bank of one of the countries in the Middle East.
According to Solidus Labs, ‘rug pull’ scams have defrauded over 2 million investors, surpassing the number of victims from major crypto failures like FTX, Celsius, and Voyager.
These scams typically manifest in two forms:
- DeFi scams involve altering a token’s smart contract to defraud investors. Tactics used include making the token unsellable, enabling the creation of an unlimited number of new tokens, or imposing high trading fees
- Exit scams are characterized by extensive promotion of a token, followed by the scammers betraying investors. Methods include creating fake marketing websites, announcing non-existent partnerships, or using bots for wash trading.
The low barrier to entry for executing these scams makes them accessible to a broad range of malicious actors, eliminating the need for advanced programming skills. Utilizing platforms like Stellar to create misleadingly named tokens is a common strategy in these ‘rug pulls’.
The cryptocurrency landscape faces significant challenges in combating such fraudulent activities, highlighting the urgent need for increased vigilance and more robust regulatory frameworks.
More details are included in the analysis published by Resecurity:
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, cryptocurrency counterfeiting)