US law enforcers have busted a Bitcoin-fuelled dark web drug ring after one of the alleged dealers messed up and bought pre-printed postage online using his real identity.
The dealers, which sold almost $9 million worth of counterfeit Adderall, leveraged the anonymity afforded by the dark web and received payments in Bitcoin. But, one of the men involved made a crucial mistake that led to their arrests.
It’s all well and good using the dark web and Bitcoin to stay anonymous, but this story shows that these technologies don’t protect your identity outright.
According to Quartz , undercover federal agents spent the past six months buying Adderall on now-defunct Dream Market, a dark web site specializing in stolen personal data and narcotics.
Court documents show the pills were sold by a Chinese-born US citizen called Tzu Yang “Issac” Lin , supplied by Meng Ting “Leo” Hu , a Taiwanese national, and sent using the US Postal Service.
After noticing that Hu had paid for postage online, federal agents discovered his identity and put him under surveillance. As a result, they witnessed him sending boxes containing the drugs to Lin.
They later tailed Lin to a post office, where they saw him drop off 87 Priority Mail envelopes into a mailbox.
Both men resided in Southern California and are thought to have started the online drug ring in 2017.
According to prosecutors, Lin is thought to be responsible for over 8,000 individual sales, accounting for more than $8.8 million in sales, all off which were made using Bitcoin.
CoinMarketCap announces night mode and more for its platform
If you are a cryptocurrency trader whose eyes are fixed all day long at CoinMarketCap, you might find the platform’s new updates as exciting as I do.
The leading cryptocurrency tracking website announced the updates to its platform on Wednesday.
There’s a new night mode switch on the platform and the search function on the mobile app has been updated. Users can now also add up to 250 cryptocurrencies on their CoinMarketCap watchlist.
The watchlist function essentially allows users to be able to track the cryptocurrencies that are of most interest to them.
Unlike the home page which displays the top 100 cryptocurrencies by market capitalization, you can choose which cryptocurrencies you want on the watchlist. The feature is especially useful to track market movements for your investment portfolio.
Previously, up to 100 cryptocurrencies could be tracked in the watchlist. The updated limit to 250 will make it easier for traders with a more diverse portfolio to track their investments.
While the search function on the iOS app is an improvement, in my opinion, the overall user experience still does not compare with what you get on the website.
It is also worth noting that the app is only available on iOS presently but the company has plans to release on Android soon.
The night mode button might seem like the most trivial update on the face of it, but given how much time cryptocurrency analysts and traders end up spending on the website, it can be a vital improvement in the user experience. I love Telegram’s night mode and I am glad to switch to the same on CoinMarketCap.
The fact that you can switch between the day mode and night mode with a tap also makes for a fun “lights on — lights off” game if you are truly bored staring at those statistics.
As if the night mode weren’t cool enough, you might see CoinMarketCap merchandise soon!
CoinMarketCap — founded in 2013 by programmer Brandon Chez — is one of the most heavily trafficked in the world. Ranked 245 in the world by Alexa rankings, CoinMarketCap is significantly more popular than financial data giants such as Reuters and Bloomberg .
The fascinating evolution of the Bitcoin giveaway scam on Twitter
2018 saw a new scam epidemic that gradually took over Twitter – and eventually the entire cryptocurrency and blockchain space: the Bitcoin giveaway scheme.
It all started in January, at the height of the cryptocurrency mania. Ethereum co-founder Vitalik Buterin took to Twitter to warn users that cunning individuals had been impersonating him and spamming cryptocurrency enthusiasts with requests to send small amounts of Ethereum.
“ The usual scammer story is that ‘my laptop literally died’ and I have no way to access funds from my cold wallet until a week from now,” Buterin said on Twitter. “Don’t believe it or anything like it.”
A few weeks later though, the scammers had devised a new scheme that not only allowed them to reach significantly bigger audiences, but also to automate the whole process and exploit social media algorithms to give themselves more exposure. Indeed, the scammers had ditched email for Twitter.
Enter the cryptocurrency giveaway scam
In February, Buterin yet again warned the Twittersphere that scammers had been posing as him in attempts to trick users into sending them small amounts of cryptocurrency.
Posted from various handles disguised as Buterin, the attackers were promising to double any amount of Ethereum sent by users.
“I’m donating 400 Ethereum to the ETH community,” one of the malicious tweets read. “First 200 transactions with 0.2 ETH sent to the address below will receive 2 ETH in the address the 0.2 ETH came from.”
Of course, the attackers never intended to give back those funds.
While the crafty tactic bred success at first, people were slowly catching on – so the attackers had to evolve.
The botnet
While the scammers used to exclusively impersonate Buterin, they quickly found there are other blockchain influencers with worthwhile identities to steal. They also discovered that Ethereum is not the only currency they can organize fake giveaways for.
In a short amount of time, there were tons of botnets disguised as various authority figures in the cryptocurrency space. Not only that, but they were asking for a number of different coins.
Indeed, TRON founder Justin Sun was routinely impersonated to spread links to such giveaway scams . Cryptocurrency exchange desk Binance too tweeted that scammers had been posing as them, asking users for small deposits to specific wallet addresses.
But the scammers did not stop there: they went on to impersonate many other influencers and brands, including the controversial John McAfee and even Tesla CEO Elon Musk .
By now, the scammers weren’t just targeting Ethereum holders, they were now promoting fake giveaways for other cryptocurrencies, like Verge and Bitcoin.
At one point, the situation had gotten so bad that Musk himself recruited the creator of Dogecoin – a self-proclaimed “joke cryptocurrency” – to fight the scambot epidemic. Previously, Twitter had updated its policy to prevent people from using the screen name ‘Elon Musk,’ but it was clear this wasn’t enough to curb the epidemic.
Indeed, researchers discovered the scammers employed a multi-layered tactic that involved controlling a network of over 15,000 bots to push malicious giveaway links. In addition to that, the hackers had also tasked certain bots to respond to malicious giveaway links as a strategy to lend them more credibility.
The tactic was so efficient that it ultimately tricked Twitter‘s algorithm into suggesting users should follow some of the scambots. At the time, reports suggested the scammers were making over $5,000 worth of stolen cryptocurrency each night.
The victims
Things ultimately took a turn for the worse when the scammers found an even more impish way to run the malicious giveaways – breaking into verified accounts .
In November, numerous verified accounts belonging to top brands and high-profile figures were hijacked to spread Bitcoin giveaway links.
Among others, the attackers exploited the accounts of politicians , government agencies , iconic film studios , retail giant Target , and even Google itself.
Particularly impressive was that all of these took place within the span of two weeks.
Twitter finally chimes in
After months of silently standing on the sideline, Twitter eventually addressed the string of hackings after the Target incident.
“ We’ve been in close contact with Target this morning and can also confirm that their account was inappropriately accessed for approximately half an hour, after which we swiftly locked the account so Twitter could thoroughly investigate the issue,” a Twitter spokesperson told Hard Fork.
Twitter further assured us that it is working closely with affected companies to prevent this from happening in the future. But ironically, moments after Twitter‘s reassurance, Google’s Gsuite account posted a link to a malicious Bitcoin giveaway.
Since then, the cryptocurrency giveaway scam has somewhat died down, though not thanks to Twitter‘s efforts. Instead, it appears that scammers are gradually starting to expand their horizon with other platforms – like Facebook .