WithSecure researchers have exposed a network of fraudulent YouTube videos, channels and associated web applications that are manipulating users into joining dodgy cryptocurrency investment schemes. Some of these videos have millions of views, and many users have been scammed out of their money.
The fraudulent operation is promoting a USDT cryptocurrency investment scheme. USDT, which is pegged to the US Dollar and known as a stablecoin, has been heavily criticised over its opaque practices, and has been the subject of multiple regulatory and legal probes.
The network of videos comprises well over a thousand videos, many of which are receiving inauthentic and probably automated engagement – intended to legitimise the videos – from hundreds of distinct sock puppet YouTube channels (some verified) set up to give the operation a sense of legitimacy. The whole setup seems to be run by a group of 30 scammers who use the encrypted Telegram application to coordinate their work.
Led by security expert Andy Patel, the team analyzed a number of five- to 10-minute-long videos that all follow the same script and are presented in a number of languages.
The scripts show you how to bring up an app or website where you can register with a username and password, and recharge the account with USDT cryptocurrency, said Patel. [However,] if you put in more money, you get a reward. [Naturally,] putting money into the app is putting it into the scammer’s wallet.
The team found over 700 distinct URLs masquerading as investment web apps, each of them nothing more than a cryptocurrency wallet run by the scammers. Once funds were transferred from the victim’s cryptocurrency wallet to the scammers’, the victim was supposedly earning commission and rewards, and in common with other similar scams, will often be shown what appears to be evidence of this, which will never actually materialise.
The web apps also offer a withdrawal functionality, which, according to Patel, “doesn’t work”. The WithSecure team saw no evidence of any transfers back to the victims’ wallets.
“It’s not even a pyramid scheme,” said Patel. “It’s just convincing people to give away their money.”
Cryptocurrency enthusiasts are being targeted by a new scam that involves videos of a white whale. The videos are of low quality and do not appear to be localised, beyond being translated, suggesting that the scam is largely an opportunistic one. Patel said the network he observed seemed to be targeting existing cryptocurrency enthusiasts.
FAQ
Q1: What is the fraudulent operation that WithSecure researchers exposed?
A1: WithSecure researchers have exposed a network of fraudulent YouTube videos, channels, and associated web applications that are manipulating users into joining dodgy cryptocurrency investment schemes.
Q2: What type of cryptocurrency investment scheme is being promoted by the fraudulent operation?
A2: The fraudulent operation is promoting a USDT cryptocurrency investment scheme. USDT is pegged to the US Dollar and is known as a stablecoin.
Q3: How many fraudulent videos are part of this network, and how are they receiving engagement?
A3: The network comprises well over a thousand videos, many of which are receiving inauthentic and probably automated engagement from hundreds of distinct sock puppet YouTube channels (some verified) set up to give the operation a sense of legitimacy.
Q4: How many scammers are involved in running this operation, and how do they coordinate their work?
A4: The whole setup seems to be run by a group of 30 scammers who use the encrypted Telegram application to coordinate their work.
Q5: How do victims fall for this scam, and what happens to their money?
A5: The victims fall for the scam by being convinced to put money into an app or website that claims to offer rewards and commissions for investing in USDT cryptocurrency. However, once the money is transferred to the scammers, victims receive nothing in return. The web apps also offer a withdrawal functionality, which, according to the WithSecure team, “doesn’t work”.