Home / News / Technology / Binance’s Velvet Capital Quick Reaction to Phishing Threat: Decreased Crypto Scams, Increased Ransomware and Darknet Activities
6 min read

Binance’s Velvet Capital Quick Reaction to Phishing Threat: Decreased Crypto Scams, Increased Ransomware and Darknet Activities

Published April 23, 2024 3:30 PM
Giuseppe Ciccomascolo
Published April 23, 2024 3:30 PM

Key Takeaways

  • A recent attack on Velvet Capital highlights the ongoing issue of DeFi platform vulnerabilities.
  • While the overall number of crypto thefts decreased in 2023, the methods are becoming more elaborate.
  • The rise in criminals using stablecoins underscores the urgency for tighter regulations and increased oversight of stablecoin issuers.
  • Ransomware attacks and darknet market activity rose in 2023, indicating criminals are adapting to countermeasures.

The cryptocurrency landscape is a double-edged sword. While it offers exciting opportunities, it also attracts malicious actors. The recent attack on Velvet Capital highlights the evolving tactics cybercriminals employ.

However, despite the rise of complex attacks, the number of hacks has decreased. But this doesn’t mean crypto users and traders can relax just yet.

Some Recent Attacks

On April 22, 2024, Binance-backed DeFi protocol Velvet Capital  faced a critical situation. A troubling phishing attack on its front end prompted the platform to shut down its website swiftly. The incident occurred just as the asset management protocol doubled its security measures to protect users against crypto-centric attacks.

Velvet Capital introduced its bloXroute Protect RPC to counter the attack, aiming to protect users from MEV Frontrunning and Sandwich Attacks. However, shortly after its announcement, the protocol’s website faced suspicious activity, raising concerns about user funds. On April 23, Twitter users noted unusual behavior on the website, prompting them to approve wallet access upon visiting the front end.

The Velvet Capital team promptly issued an “urgent security alert” on Telegram, advising users to refrain from connecting their digital wallets or conducting transactions until further notice. Simultaneously, the development team initiated an investigation and implemented additional security measures.

But this was just the most recent attack in the crypto space. Last week, a federal jury in New York convicted  a Puerto Rico resident of commodities fraud, commodities market manipulation, and wire fraud about his involvement in manipulating the Mango Markets decentralized cryptocurrency exchange. Avraham Eisenberg, aged 28, orchestrated a scheme to unlawfully acquire $110 million worth of cryptocurrency from Mango Markets and its clientele by artificially inflating the prices of specific perpetual futures contracts.

Furthermore, in an analysis shared on Reddit , an analyst traced approximately $760,000 worth of wstETH, stETH, and pufETH from a single victim to a known hacker address. The analyst observed that the victim appeared to have inadvertently approved malicious transactions. Upon closer examination using on-chain analysis, it was discovered that the stolen cryptocurrency now resides in a wallet linked to the attacker. And this is steadily growing, indicating it may collect funds from multiple victims.

Top Three Crypto Scams

Cryptocurrency scams persist as a global concern. Alberta Securities Commission  listed the top three scam  attacks and dissected the tactics used by fraudsters to target everyday crypto users.

The first is the “Social Media Deepfakes and Celebrity Endorsements.” Fraudsters use AI-generated deepfake technology to create convincing fake videos and images featuring prominent figures like Justin Trudeau and Elon Musk. These are used in social media campaigns to lure individuals into crypto scams. Remember, celebrity endorsements are not reliable financial advice.

Then, there are the “Romance Scams.” Post-pandemic, dating app fraud and romance scams have surged. Fraudsters exploit vulnerable individuals seeking companionship, soliciting money, or offering fake investment opportunities, including in crypto.

Finally, the “Recovery Room Scams.” Fraudsters pose as regulators or law enforcement officers, promising to recover lost crypto assets for a fee. They target recent scam victims, asking for fees or personal details. Legitimate authorities never contact individuals unprompted for recovery fees. Recovering lost crypto is often impossible, so skepticism is crucial

Fewer Attacks, But More Sophisticated

Cybercriminals’ profits from crypto heists plummeted by over 50% in 2023 compared to the previous year. In 2022, hackers made off with a staggering $4 billion, but that figure dropped to $1.7 billion in 2023, according to research  from blockchain intelligence firm TRM Labs.

Despite a decrease in the number of phishing attacks, TRM Labs cautioned that these attacks have grown more sophisticated. They highlighted the potential for the emergence of new, advanced threats that could quickly reverse the decline in hack volumes. They emphasized the importance of continued vigilance within the industry to prevent such a reversal from occurring in 2024.

TRM Labs underscored the ever-evolving and uncertain nature of the hacks landscape.

How a crypto scam works
How a crypto scam works. l Source: TRM Labs

While certain forms of illicit cryptocurrency activity, such as darknet market sales and ransomware extortion, primarily involve Bitcoin, others, like scamming and transactions linked to sanctioned entities, have shifted to stablecoins. These activities represent the largest forms of crypto crime by transaction volume, driving the overarching trend.

Sanctioned entities and those operating in sanctioned jurisdictions or involved in terrorism financing increasingly turn to stablecoins due to challenges accessing the US dollar through traditional means. Stablecoins offer stability while circumventing these obstacles. However, it’s worth noting that stablecoin issuers can freeze funds upon detecting illicit activities. For instance, Tether recently took action by freezing addresses  associated with terrorism and warfare in Israel and Ukraine.

Ransomware And Darknet Market Activity Increase

In 2023, ransomware and darknet markets emerged as standout performers in crypto crime, defying overall trends by experiencing significant revenue growth. This resurgence in ransomware revenue marks a disappointing reversal from the sharp declines witnessed the previous year, indicating a potential adaptation by ransomware attackers to the enhanced cybersecurity measures implemented by organizations – a trend initially flagged by Chainalysis .

Similarly, the upswing in darknet market revenue this year follows a decline in 2022, primarily attributed to the closure of Hydra, once the dominant player in the darknet market space. Despite the absence of a clear successor to Hydra, the sector is rebounding, with total revenue inching back towards its 2021 peaks.

Total cryptocurrency value received by illicit addresses
Total cryptocurrency value received by illicit addresses in 2018-2023 period. l Source: Chainalaysis

A significant trend in illicit transaction volume is the prevalence of sanctions-related transactions. In 2023, sanctioned entities and jurisdictions collectively accounted for $14.9 billion in transaction volume. This comprised 61.5% of all illicit transactions measured throughout the year. Much of this volume stems from cryptocurrency services sanctioned by the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) or operating in sanctioned jurisdictions where US sanctions are not enforced.

While these services may serve legitimate users in sanctioned jurisdictions, they also present serious compliance challenges for crypto platforms subject to US or UK jurisdiction. For instance, despite being sanctioned by OFAC and the UK’s Office of Financial Sanctions Implementation (OFSI)  for facilitating money laundering, Russia-based exchange Garantex continues to operate within its jurisdiction. This scenario underscores the necessity for crypto platforms to remain vigilant and diligently screen for exposure to sanctioned entities like Garantex to ensure compliance with regulatory standards.

Was this Article helpful? Yes No