Finance
Sha Zhu Pan scammers use fake cryptocurrency trading pools to steal more than $1 Million, Sophos reports
The Story of One Scammed Victim in the Crypto Trading Pool Who Lost $22,000 in One Week, according to Sophos, SANDRA ANI reports
Sophos, a global leader in innovating and delivering cybersecurity as a service, today released findings on a major shā zhū pán (pig butchering) operation utilizing fake trading pools of cryptocurrency (liquidity pools) to steal more than $1 million.
The report, “Latest Evolution of ‘Pig Butchering’ Scam Lures Victim in Fake Mining Scheme,” details the story of one of the scammed victims in the pools, named *Frank, and how he lost $22,000 in one week after “someone” pretending to be “Vivian” on the dating app MeetMe contacted him.
After Sophos X-Ops investigated Frank’s story, the team uncovered a total of 14 domains associated with the scam operation, as well as dozens of nearly identical fraud sites that, together, netted this one “ring” of pig butcherers more than $1 million in three months.
This scam takes advantage of the largely unregulated world of decentralized finance (DeFI) cryptocurrency trading applications. Such applications create “liquidity pools” of various types of cryptocurrencies that users can then access to make trades from one cryptocurrency to another. Those who participate in the pool receive a percentage of any fee paid when a trade is made, creating an enticing return on investment.
To join a pool, participants first have to sign an online smart contract—a contract that gives another account (typically the operators of the pool) permission to access participants’ wallets to facilitate trades.
Fake pools, which pig butcherers are increasingly utilizing to siphon funds from targets, operate in much the same way. However, unlike legitimate pools, at some point these scammers “pull the rug” and empty the entire liquidity pool for themselves.
“When we first discovered these fake liquidity pools, it was rather primitive and still developing. Now, we’re seeing sha zhu pan scammers taking this particular brand of cryptocurrency fraud and seamlessly integrating it into their existing set of tactics, such as luring targets over dating apps. Very few understand how legitimate cryptocurrency trading works, so it’s easy for these scammers to con their targets. There are even toolkits now for this sort of scam, making it simple for different pig butchering operations to add this type of crypto fraud to their arsenal. While last year, Sophos tracked dozens of these fraudulent ‘liquidity pool’ sites, now we’re seeing more than 500,” said Sean Gallagher, principal threat researcher, Sophos.
Sophos X-Ops first learned of this liquidity mining operation from a victim named Frank. Frank had connected on the dating app MeetMe with a scammer hiding behind the persona of Vivian, a German woman supposedly living in Washington, D.C. for work. For weeks, Frank chatted with Vivian, who mixed her romantic promises with persistent attempts to convince Frank to invest in crypto.
Eventually, Frank opened a Trust Wallet account (a legitimate app for converting dollars to cryptocurrency) and connected to the link to the liquidity pool site Vivian recommended.
In reality, the pool site was a fraud site utilizing the brand of Allnodes, an established decentralized finance platform provider, as a cover. Between May 31 and June 5, Frank invested $22,000 in the scheme. Just three days later, the scammers emptied Frank’s digital wallet.
Frank, looking to recover his money, turned to Vivan, who claimed he needed to invest even more in the pool to recover his funds and reap the “rewards.” While waiting for his bank to authorize a money transfer to Coinbase, Frank started researching what was going on and came across an article on liquidity mining from Sophos. At this point, Frank reached out to Gallagher for help.
Even after Gallagher instructed Frank to block Vivian, she eventually found him on Telegram and continued her attempts to entice him into “continuing their investment,” going so far as to send a lengthy, emotional letter that was very likely created by a generative AI app.
“What makes these sorts of scams particularly tricky is that they don’t require any malware to be installed on a victim’s device. They don’t even involve a fake app, like some of those we’ve encountered in other CryptoRom scams. This entire fake liquidity pool was run through the legitimate Trust Wallet app. At one point, Frank even tried to contact Trust Wallet’s support to recover his money, but he connected with a fake support contact from the fraudulent liquidity pool site. There is no regulation of these pools, legitimate or otherwise, on these crypto apps. These scams succeed solely through social engineering, and the scammers are persistent. Vivian continued trying to contact Frank for weeks after he blocked her on WhatsApp.
“The only way to stay safe from these scams is to be vigilant and know that they exist and how they operate. That is why Frank wanted to share his story. Users need be wary of anyone they have no connection with reaching out to them suddenly via any dating app or social media platform, particularly if the ‘person’ reaching out wants to move the conversation to a platform like WhatsApp and then discusses investing in cryptocurrency,” said Gallagher.
Sophos has shared its data on this case with Chainalysis and Coinbase, as well as other threat intelligence professionals in the cryptocurrency space, all of whom continue to investigate. People who believe they may be a victim of pig butchering or liquidity mining fraud are free to reach out to Sophos. They should also reach out to their local law enforcement for assistance.
For more about the rise of liquidity mining scams in “Latest Evolution of ‘Pig Butchering’ Scam Lures Victim in Fake Mining Scheme,” go to Sophos.com.
*[Name has been changed to protect the privacy of the victim].
Flutterwave, Africa’s leading payments technology company, has announced today that its online merchants in Nigeria can now accept American Express payments.
American Express Card Members – with consumer, business, or corporate cards – will be able to make payments directly to e-commerce businesses using Flutterwave in Nigeria.
This service will also be available to Flutterwave merchants in other countries including Tanzania, Rwanda, Ghana and Uganda in the near future.
This collaboration facilitates online transactions and offers a range of benefits for both merchants and online shoppers:
- Flutterwave merchants can attract business from a new customer base of American Express Card Members in Africa and around the world. This includes consumers with personal cards and spenders with business or corporate products. Terms and conditions apply.
- For shoppers, there is more choice when it comes to being able to select their preferred method of payment when transacting with Flutterwave merchants. This collaboration strengthens the American Express global network and increases the number of locations across Africa that can be used by American Express Card Members to purchase a range of different goods and services.
Speaking on the development, Olugbenga ‘GB’ Agboola, Founder and CEO, Flutterwave, said:“At Flutterwave, we’re always looking for ways to connect the world to Africa through payments. This is one of our initiatives to ensure that more people across the world can pay using Flutterwave in Africa. We understand the value of providing shoppers with payment methods that work for them, as well as helping businesses to expand their customer bases. This collaboration also provides more options of where to shop and what to buy to American Express card holders across the globe. By offering American Express as a method of payment, Flutterwave will make the payment process faster and simpler for American Express card holders, and improve the experience for e-commerce businesses using Flutterwave, helping them to start locally and sell globally.”
On his part, Briana Wilsey, Vice President and General Manager of Global Network Services EMEA at American Express, said: “American Express continues to expand in Africa to enable greater payment choice for businesses and consumers. Through the agreement with Flutterwave, a trusted payment provider, we are giving e-commerce merchants in Nigeria the opportunity to reach American Express Card Members around the world. The collaboration is a win-win because it also increases the number of places where our Card Members can use their Cards in Nigeria.”
Flutterwave and American Express share similar visions; to enable businesses across the world to expand their operations in Africa and other emerging markets through a platform that enables local and cross-border transactions via one Application Programming Interface (API).
Flutterwave has processed over 630M transactions in excess of USD $31B, serves global and African customers like Uber, Air Peace, Bamboo, PiggyVest, and across various industries. On the other hand, American Express is a globally integrated payments company, providing customers with access to products, insights and experiences that enrich lives and build business success.
…Posts N3.3trn Net Profit, Declares N2.1trn Dividend
…Targets 2mbpd Crude Oil Production by December 2024
The NNPC Limited has released its 2023 Audited Financial Statement (AFS), declaring a net profit of N3.297 trillion at the close of the financial year which ended in December 2023, an increase of over N700billion (28%) when compared to the 2022 profit of N2.548trillion.
In a world press conference held at the NNPC Towers in Abuja on Monday, the Chief Financial Officer of the Company, Mr. Umar Ajiya said the release of the AFS is a testament to the Company’s commitment to transparency and accountability.
“Our fiscal performance reflects both strategic foresight and operational resilience. Despite inherent challenges of our operational and economic environment, we have improved the productivity and the financial performance of this great company,” Ajiya stated.
Ajiya added that posting such impressive returns demonstrates NNPC Ltd’s commitment to sustaining profitability and supporting the attainment of national energy security as stipulated by the Petroleum Industry Act (PIA) 2021, and by extension, as expected by the Company’s shareholders.
Explaining that the NNPC Ltd will announce Initial Public offer (IPO) once the shareholders and Board make a decision, Ajiya also debunked claims on subsidy payment, saying the Company was only taking care of the shortfall on PMS importation between it and the Federation.
Speaking earlier at the press conference, the Chairman of the NNPC Ltd Board, Chief Pius Akinyelure said that the excellent performance came as the fruit of the PIA 2021, the commitment of the Board, Management and staff of the company.
Akinyelure added that the shareholders of the company have since approved a final dividend of N2.1trn in line with PIA 2021 provisions.
In her remarks at the briefing, the Executive Vice President, Upstream, Mrs. Oritsemeyiwa Eyesan said with improvements witnessed as a result of the renewed vigour in the war against crude oil theft and pipeline vandalism, NNPC Ltd is targeting 2million barrels per day crude oil production by the the end of the year.
On the current fuel queues in parts of Lagos and the FCT, the Executive Vice President, Downstream, Mr. Dapo Segun appealed for understanding from Nigerians, saying that the the Company is working with relevant stakeholders to address the distribution, evacuation and logistics challenges.
It would be recalled that in 2021, NNPC declared profit in its operations for the first time. From a loss position of N803 billion in 2018, it reduced the loss further down to N1.7 billion in 2019.
However, in 2020, it posted its ‘first ever’ profit of N287 billion, then in 2021, it recorded a N674.1 billion profit and in 2022, the profit grew to N2.548, an unprecedented achievement in its financial performance. The N3.297 trillion profit declared for 2023 is the highest since the Company’s inception, 46 years ago.
The Central Bank of Nigeria (CBN) has directed deposit money banks in the country to start charging 0.5% cybersecurity levy on some transactions done by their customers.
The apex bank gave the directive in a circular dated May 6, 2024 and sent to all commercial, merchant, non-interest and payment service banks as well as mobile money operators and payment service providers.
“Following the enactment of the Cybercrime (Prohibition, Prevention, etc) (amendment) Act 2024 and pursuant to the provision of Section 44 (2) (a) of the Act, ‘a levy of 0.5% (0.005) equivalent to a half percent of all electronic transactions value by the business specified in the Second Schedule of the Act’, is to be remitted to the National Cybersecurity Fund (NCF), which shall be administered by the Office of the National Security Adviser (ONSA),” the circular partly read.
The apex bank said that the implementation of the levy would start two weeks from the date of the circular.
“The levy shall be applied at the point of electronic transfer origination, then deducted and remitted by the financial institution. The deducted amount shall be reflected in the customer’s account with the narration, ‘Cybersecurity Levy’. Deductions shall commence within two weeks from the date of this circular for all financial institutions and the monthly remittance of the levies collected in bulk to the NCF account domiciled at the CBN by the fifth business day of every subsequent month,” the circular said
The apex bank added that this new levy will not be applied on transactions such as loan disbursements and repayments, salary payments, intra-account transfers within the same bank or between different banks for the same customer, intra-bank transfers between customers of the same bank.
Also exempted from the levy were inter-branch transfers within a bank, cheque clearing and settlements, Letters of Credits, Banks’ recapitalisation-related funding only bulk funds movement from collection accounts, savings and deposits including transactions involving long-term investments, among others.
This current implementation however is not sitting well with some netizens as they reacted to the new development.
Here were some of their reactions from X.
QNET and Man City Mark 10th Anniversary of their Partnership
QNET Enhances Wellness Products with Cutting-Edge Technology
Betsy: Reject Gov Obaseki’s N50m Bribe-for-protest against Oshiomhole, Osifo Urges Edo Women
LASG Acquires New Outboard Engines For Optimum Boat Performance
Elon Musk builds Hotel in Mars, Sets to launch soon at $5million per night – Photos
