What tricks and scenarios attackers use to steal cryptocurrencies of the exchange’s affected users

​Compensations, giveaways, and deepfakes. How scammers take advantage of FTX’s crash

22.11.2022

1122

6 min

The collapse of FTX dealt a powerful blow to the crypto market and led to multimillion-dollar losses for its users. While the crypto community is dealing with the consequences of the exchange’s collapse, scammers are using it as an excuse to embezzle even more cryptocurrencies from affected investors.

On Saturday, November 19, the Singapore police issued an official warning about the site, which allegedly belongs to the US Department of Justice (DOJ), and offers FTX’s affected users to use their accounts on the exchange to “be able to withdraw their funds after paying legal fees.” Apparently, the site was a typical attempt to phish these accounts, as well as additional ways to embezzle money from gullible investors.

During the rapid collapse of the exchange, scammers tried every way to take advantage of the panic and inattention of those who were not yet ready to accept the fact that their money was stuck on FTX. Even after the announcement of its bankruptcy, more and more subtle ways to lure traders into fraudulent schemes are emerging.

Before FTX’s collapse, its support on its official Telegram channel was considered responsive and timely. When news of the exchange’s likely bankruptcy began to emerge, thousands of users panicked and began texting in chat and commenting on posts on the channel, whose moderators were physically unable to cope with such a flood of messages and ended up disabling the chat and the ability to comment on posts.

Before that, the channel was filled with spam and “offers” from scammers. Some of them presented themselves as employees of FTX, allegedly solving the problem with the withdrawal of stuck money from the exchange. New York Magazine’s journalist John Herrman writes that when he simply signed up for the channel in an attempt to find out what was going on, he began receiving calls from “FTX support agents,” portraying sympathy and offering “quick solutions.” To do so, he had to go to a specific site and “log in to our systems with an existing crypto wallet.”

NFT fraud. What are the schemes and how to protect yourself

More sophisticated schemes are popping up, through which scammers are trying to embezzle funds from investors already affected by FTX’s crash. Over the weekend a deepfake video started circulating on Twitter in which the exchange’s former CEO Sam Bankman-Fried says he is ready to offer “compensation” to anyone who has funds stuck on the balance of FTX.

This was pointed out by Motherboard’s journalists. According to their observations, the video first appeared in the account S4GE_ETH, which had verification. After the purchase of Twitter, Elon Musk gave every user of the social network an opportunity to buy a verification mark for $8 a month, but after an influx of scammers, he abandoned this idea.

The video itself uses one of Bankman-Fried’s earlier interviews as its basis, where his speech was spoofed with a recording made by scammers. The technology with the use of artificial intelligence allowed scammers to create realistic facial expressions and lip movements synchronized to the audio recording. The voice on the recording does resemble Bankman-Fried’s, but it sounds more robotic and the speech is generally more constrained.

“Hello everyone. As you know, the FTX exchange is going bankrupt. But I hasten to inform all of the users that you should not panic. As compensation for the last, we have prepared a giveaway for you, in which you can double your cryptocurrency. To do this, just go to the site,” the fake Bankman-Fried says in the video.

The original tweet has been deleted, but the fraudulent site itself is still active at the time of publication. Its only page features a blurry photo of Bankman-Fried and a promise to give away up to $100 million in bitcoins and Ethereum. The site contains the same grammatical errors as the text in the video.

Screenshot of the fraudulent website

Source: Vice.com

At the time of the discovery by journalists, the Ethereum wallet of the scammers behind the site had 1,2 ETH on it, and not a single transfer was received at the bitcoin address.

The involvement of social media users in FTX-related fraudulent resources reached the point of absurdity. A group of Internet trolls spread fake news on Twitter and Reddit about the publication of an intimate video featuring Bankman-Fried and Alameda Research CEO Caroline Ellison, and this was also used by attackers. A site was created where it was allegedly possible to gain access to the video by “logging in” through a crypto wallet. If a victim of scammers approved the transaction, all available assets were automatically withdrawn from the wallet.

In Singapore, retail investors are not the only ones affected by the collapse of FTX. Temasek, a state-owned holding company, issued a statement that it would write off $210 million and $65 million of its investments in FTX and FTX’s US unit FTX US, respectively.

FTX declared bankruptcy on November 11. On the same day, Bankman-Fried stepped down as its CEO. Calls for tighter regulation of the cryptocurrency sector intensified sharply after the collapse of the exchange. Under the leadership of FTX’s newly appointed CEO, John J. Ray, the company conducted a review of its assets as part of the bankruptcy process. Ray openly stated that he has never seen anything worse in his career than the current state of affairs at FTX.

Subscribe to Getblock Magazine and stay up to date with the latest news from the world of cryptocurrencies and the digital economy