A new report from WithSecure describes a network of fraudulent web-based apps posing as Tether cryptocurrency investment schemes.
The network uses thousands of videos, some of which received inauthentic engagement from hundreds of YouTube channels managed by a small group of scammers who use Telegram to communicate and run their operations.
Researchers estimate that the group has around 30 members, who use automation to copy and paste comments onto the videos in an attempt to make the fraudulent apps look legitimate to potential victims.
The report found over 700 URLs hosting these fraudulent web apps served by the network, and analysis of the associated cryptocurrency wallets points to the possible involvement of thousands more. While potential investors would transfer money from an existing cryptocurrency wallet to one of the apps, the researchers did not observe any transfers from the apps back to the wallets. WithSecure researchers estimate that the fraudulent apps they discovered generated just over $100,000 in revenue from approximately 900 victims.
Cryptocurrency scams aimed at defrauding potential investors have become a significant problem on the internet, particularly on social media. The US Federal Trade Commission reports that 46,000 people reported losing over a billion dollars in crypto to scams between the beginning of 2021 and June 2022, with nearly half saying it started on a social media platform. WithSecure Intelligence Researcher Andy Patel believes that these particular scams are not very profitable, but that the scammers have figured out how to game YouTube's recommendation algorithms using a fairly straightforward approach.
The report details the anatomy of the videos and apps behind these scams, analyses two associated scam apps in detail, explores the #usdtmining YouTube hashtag, describes the blockchain analysis methodology used on crypto wallets associated with the scams, and presents recommendations for YouTube. The report recommends that YouTube's content policies and rules around cryptocurrency scams and misleading content be updated and better enforced.