Last Friday, November 17, the program La Sexta Research Team dedicated a program to cryptocurrency scams, more specifically, to Celebrity Scams, a lucrative scam in which cybercriminals use fake cryptocurrency trading platforms so that victims invest their money in them.
During the investigation, the La Sexta team contacted Zerolynx to request technical support and be able to answer some questions. Our colleagues collaborated in this work. Noelia and Sergio, from our cyber intelligence team, and part of the results were presented by our CEO, Juan Antonio Calles, in different interventions during the course of the program.
Our intervention began with the analysis of a series of links to supposed websites where images of celebrities related, mainly, to the program El Hormiguero on Antena 3, were presented. These public figures, according to said websites, would have become millionaires through cryptocurrency trading platforms, a simple and attractive hook to attract potential victims, less familiar with the use of the Internet.
The study of the websites led to the obvious and expected conclusion, these were articles created to encourage clicking towards false trading platforms. These websites were created and deleted every few days, although some of them were hosted on the platform Medium They remained active for many weeks, and some, like the following, remain active as of the date of publication of this article:
https://medium.com/@josuegarciavillavazquez/informe-especial-la-%C3%BAltima-inversi%C3%B3n-de-boris-izaguirre-asombra-a-los-expertos-y-aterroriza-a-los-b10406538bd9
But where did these trap websites go? Well, all the sites were flooded with links pointing to the same platforms, supposed pages from where Internet users could invest in cryptocurrencies. Specifically, the ads that the La Sexta team asked us to investigate directed to different variants of the "Immediate Edge" platform. The links are still alive and indexed on Google: https://www.google.com/search?q=immediate+edge.
With another Google search you can see that this supposed company has a warning from the CNMV warning that said entity cannot operate in accordance with the Securities Market Law.
Majo Sellens and the rest of the team that coordinated the investigation decided to register on several of these platforms with a real telephone number, and they were able to see how shortly after they began to be harassed by supposed financial managers who wanted to advise them on investing. At the beginning of the program, in the scene that we share with you below, one of these calls could be seen.
Two of the communications they received were through the WhatsApp platform, and they provided us with the images and numbers of the supposed financial advisors (Juan and Natalia) so we could investigate who was behind them.
It didn't take us long to realize that Juan was not Juan, it was a fake profile with an image taken from one of the many image banks where the photograph was available:
After various conversations, Majo receives different wallets of Bitcoin where you can start investing your first €250, and provides us with some of them to verify if the virtual wallets existed, and if they had movement.
The first of the wallets that they provided us had moved about 4,000 dollars, and the money that they received was quickly moved to other wallets:
We were able to track up to 4 money jumps between wallets.
The amount of money of the last wallet It attracted a lot of attention from journalists, and no wonder, because the amount moved exceeded the GDP of many countries, but that is the reality of cryptocurrencies, they are no longer an underworld contrary to what many people may continue to think:
Both the jumps that the initial transfer would have made through the different wallets that we were able to monitor, and the movements that can be seen in this last wallet (belonging to a large exchange platform, Binance), complicate trace and identify who would be behind the scams.
However, the modus operandi of this type of crime is usually characterized by moving money through highly discreet platforms such as mixers. Therefore, in the program, already in its final part, we were talking about websites like Sinbad, a mixer through which it is possible (more or less) to thwart money tracking efforts, taking it and mixing it with other users' cryptocurrencies. This service is paid for through the commissions it charges depending on how quickly you want to launder the money:
The Sixth team went beyond our brief technological investigation and reached Albania, they located former employees of these scam groups and many deceived victims, so don't stop watching the program. We are sure that thanks to this work thousands of people will avoid being scammed, and we will be able to continue making the Internet a safer place for everyone.
All the best!
