Altcoins Talks - Cryptocurrency Forum

Further Discussions => Reputation, Scams & Phishing => Topic started by: GxSTxV on April 04, 2024, 08:36:46 PM

Title: [scam] AidenWeb3 malicious job offers
Post by: GxSTxV on April 04, 2024, 08:36:46 PM
The scammer’s profile: AidenWeb3 (https://www.altcoinstalks.com/index.php?action=profile;u=98531)
His Telegram account: Aiden_Orbit
His Twitter account: Sizzle23_eth
His Discord account: butlerwesley

The malicious website:
Code:
https://dinoverse.cc/
Yesterday, this user caught my attention with topics about job offers related to a web3 game project. Given my past experiences with similar suspicious offers, one of which I shared on another forum, BTT: playmisterium SCAM ORGANIZATION (https://bitcointalk.org/index.php?topic=5438406.msg61720284#msg61720284), and which I believe to be from the same organization or related to the same hackers and developers, I am continuing from my previous reply to one of his topics:

Well, the job offer is looking good and may attract many users who need a job. However, I ask everyone to be careful before giving sensitive information or details to anyone; this OP, as a recruiter, did not mention the project or the web3 game they own.
From my experience, I contacted this person on Telegram and I have been asked for my wallet address, which is a very high-risk sign, as some scammers use such manipulative methods to hunt funded wallets by asking them to download and install a game.
This is a form the OP asked me to fill:

Quote
Hello. Thank you! Please fill out the form (preferably in one message, for easier processing)
1)What is your country?
2)Have you ever worked as a moderator/beta tester?
3)How many hours a day are you willing to work?
4)Do you have a computer or laptop? (Mac or Windows)
5)Your ERC20 address, please indicate the main address because we will check your experience in interaction with dapps(for a paycheck)

I’m not accusing the OP of anything, though I’m asking you guys to be careful.

He finally replied to me earlier on Telegram with the following message:

(https://talkimg.com/images/2024/04/04/VLH4v.jpeg)

Their fake game website, when you try to join the Metaverse, which doesn’t exist in the first place and is only a launcher, is infected with a malicious server intended to either directly steal your assets or track your passwords and private keys. Therefore, please avoid downloading it. Instead, we need experts who could decode the contents of the fake game and provide us with more information on how this type of hacking works, and if it's possible to track the hackers' wallet and gather more details about this organization. I believe this type of scam and hack is dangerous: you may try to download the game and forget about it since it doesn’t work, then surprisingly lose your assets without knowing how and what happened.

(https://talkimg.com/images/2024/04/04/VLANb.jpeg)
Title: Re: [scam] AidenWeb3 malicious job offers
Post by: Freemind on April 04, 2024, 08:50:54 PM
Thanks for the warning @GxSTxV. Now that I pay attention to the "offer", I see that it is too good to be true.

As a preventive measure, the offer thread will remain locked.

If you can (that is, if you have not deleted the Telegram conversation) and you agree, update the post with a screenshot of the conversation, that way no one will be able to say that you made up that response.

+3
Title: Re: [scam] AidenWeb3 malicious job offers
Post by: GxSTxV on April 04, 2024, 09:11:17 PM
Quote
If you can (that is, if you have not deleted the Telegram conversation) and you agree, update the post with a screenshot of the conversation, that way no one will be able to say that you made up that response.

Thanks for the reminder. In case the user denies everything, I have just saved and forwarded his messages to my savings in my Telegram account; that way, even if he deletes the conversation, I can still send the forwarded messages to a trusted member or moderator here to confirm everything. Besides that, I have saved the file and the fake game inside the website in case they delete it too.
Now, I will try to learn about decoding these kinds of viruses or malicious programs to find extra information about this user and organization.

Here is another updated screenshot of the conversation with this user beside his Telegram username:

(https://talkimg.com/images/2024/04/04/VLMC5.jpeg)

Title: Re: [scam] AidenWeb3 malicious job offers
Post by: admin on April 04, 2024, 10:41:22 PM
Can someone verify, so we can quickly grant the scammer tag to avoid people falling for it?
Title: Re: [scam] AidenWeb3 malicious job offers
Post by: Cantsay on April 05, 2024, 12:05:37 AM
Quote
Can someone verify, so we can quickly grant the scammer tag to avoid people falling for it?

I just took a quick look at their site and I believe @GxSTxV is correct about them being a scam and here are the few things I noticed.


Date of the Domain and Fake statistics

Code:
Domain: dinoverse.cc
Registrar: Web Commerce Communications Limited dba WebNic.cc
Registered On: 2024-03-29
Expires On: 2025-03-29
Updated On: 2024-03-29
Status: ok
Name Servers: venus.ns.cloudflare.com
zod.ns.cloudflare.com

(https://www.talkimg.com/images/2024/04/04/VLrRo.png)

For a site that's barely a week old, I hardly believe that they would have been able to accumulate that number of users within that short period [I believe it's a means to deceive others into believing that they truly have those stats], and that's a red flag.

I also went through their Twitter account to see if they utilized it (before their site creation), but it turned out that they started shilling at almost the same time the site was created (this also strengthened my suspicion of them faking the stats).

Forcing Users to download an app to view Whitepaper

A legit project should be willing to display their whitepaper without anyone having to download their app first but the fact that they are keeping it hidden until the app is downloaded shows that they have an ulterior motive.
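
The domain-age check from the post above, as an added example that is not part of the original thread: it parses the WHOIS summary in the format quoted there and flags a recent registration and an implausible sign-up rate. The thresholds and the `claimed_users` figure are constructed assumptions, since the site's advertised statistics appear only in a screenshot.

```python
from datetime import date

# WHOIS summary as quoted in the thread; the second name server has no key.
WHOIS_TEXT = """\
Domain: dinoverse.cc
Registrar: Web Commerce Communications Limited dba WebNic.cc
Registered On: 2024-03-29
Expires On: 2025-03-29
Updated On: 2024-03-29
Status: ok
Name Servers: venus.ns.cloudflare.com
zod.ns.cloudflare.com
"""

def parse_whois_summary(text):
    """Parse 'Key: value' lines; a line without a key continues the previous field."""
    record, last_key = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        key, sep, value = line.partition(":")
        if sep:
            last_key = key.strip().lower()
            record.setdefault(last_key, []).append(value.strip())
        elif last_key:
            record[last_key].append(line)
    return record

def assess(record, as_of, claimed_users=None,
           min_age_days=30, max_daily_signups=1000):
    """Return (age_days, findings). Both thresholds are assumed, not standard values."""
    registered = date.fromisoformat(record["registered on"][0])
    age = (as_of - registered).days
    if age < 0:
        raise ValueError("registration date is after the review date")
    findings = []
    if age < min_age_days:
        findings.append(f"domain registered {age} days before review")
    if claimed_users is not None:
        rate = claimed_users / max(age, 1)  # avoid dividing by zero on day 0
        if rate > max_daily_signups:
            findings.append(f"claimed users imply {rate:.0f} sign-ups per day")
    return age, findings

if __name__ == "__main__":
    rec = parse_whois_summary(WHOIS_TEXT)
    # Review date taken from the post; claimed_users=50000 is a constructed figure.
    print(assess(rec, date(2024, 4, 5), claimed_users=50000))
```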
Title: Re: [scam] AidenWeb3 malicious job offers
Post by: Jating on April 05, 2024, 03:01:45 AM
I also ran that website in VirusTotal and it was flagged as well.
(https://www.talkimg.com/images/2024/04/05/VcfJd.png)
The evidence is overwhelming, so I guess admin should tag this account as "scammer".
Title: Re: [scam] AidenWeb3 malicious job offers
Post by: yahoo62278 on April 05, 2024, 02:53:55 PM
Anytime anyone is asking you to download anything, you should always run some sort of virus scanner at a minimum before proceeding. I don't click links, period, but some unsuspecting users or those desperate for a job might click and get screwed.
Title: Re: [scam] AidenWeb3 malicious job offers
Post by: yhiaali3 on April 05, 2024, 09:31:18 PM
Thank you GxSTxV for the warning. Good investigation.

I join GxSTxV in warning about this scam because I know he has experience working in Web3 and is used to dealing with these things so he has good experience in detecting scams early on.

This scammer is trying to spread it in all local sections to get as many victims as possible, so must warn him. Such projects that request wallet addresses, private keys, or downloading suspicious programs have become common on the Internet, and unfortunately, despite the constant warning, there are still victims who fall into the trap.