 | 40 MILLION! I think it's a conservative number. We could be talking about 100's of MILLIONS from this one organization. Investment scams are some of the worst type of blockchain crime around. This particular scheme appeared to to be targeting UK users through Whatsapp. The group is a mix of hired guns (scammers) and victims interacting in a chatroom. All of the numbers appear to be +44 to make it look like a legit investing operation. The hired guns talk about how much money they've made with the platform, and mention that you too can be like them! The scam is always the same. Users "invest" in the investment platform and receive big gains over time. The user continues to invest, but when it comes time to withdraw, there's always a problem. You can't! A victim who lost mid-six figures reached out to me asking for help tracking where the funds went. I expected this to be a clear cut, your funds are here! Instead, a worm hole of endless intermediary and deposit addresses opened up. Most of the scams I deal with happen on the Bitcoin or Ethereum blockchains. However, this one is all TRON USDT. (Low fees!) Let's follow the money! Hacker Wallets
Primary Wallets used to Steal Victims FundsI tried to map out the primary wallets, but the graph would take up an entire movie screen! Below are the wallets the scammer used to steal funds from victims. All of these wallets sent the stolen funds to intermediary wallets, which then were sent to various exchanges. The bullet points are where most of the outgoing transaction went. TNFXSER8SxP5EeUBAQZXp9onLmyK4mxLeb - Hacker 350K UK 1
Most of the funds here went to TC3xLtV46LaYZpYZ6ExRpnEgWeQPfBf4Vy - Hacker 350K UK 7. I’ll get to that wallet later. I’m assuming this is the wallet mostly used by the scammer to collect from victims. Hacker 350K UK 7 is an intermediary wallet and used to off ramp to exchanges.
TPEedMh4nSgcwew4wBM6evJkK4UsK56DQt - Hacker 350K UK 2
Same as above. All of the funds here went to TEaLvx1bkJEWQE6SCZHMF75GBsMZfM5G9o - Hacker 350K UK 9. Hacker 350K UK 9 is an intermediary wallet and used to off ramp to exchanges.
TMNUcWtaSsauWp6wxCjWiFNgBSWsXXazAR - Hacker 350K UK 3
An exact repeat as above. $165,200 transferred to Hacker 350K UK 9 TEZxC6T1ct74XaYfW6Y2HiBgtrUAfcfcRq - Hacker 350K UK 4
An exact repeat as above. $128,950 transferred to Hacker 350K UK 9. TS51Fu1APb1tfrp7RakEjko7xsLMMSNKb1- Hacker 350K UK 5
Same as above.
TPEedeRH6BNBi5Aa1d6WfddGbJUTK56DQt - Hacker 350K UK 6 There isn’t much activity here. Maybe it was used to pay gas fees? Wallets used to Launder FundsTC3xLtV46LaYZpYZ6ExRpnEgWeQPfBf4Vy - Hacker 350K UK 7
These next few wallets appear to be where the scammers go to send funds to exchanges to launder the stolen USDT. Due to time constraints I’m unable to map out ALL the exchange deposit addresses. There’s hundreds. Below I’ll list a few based on most amount sent. Deposit Addresses
THNmVJDoxZA8qE6vrR5tgxKH4QzkejmFYY - Hacker 350K UK 8
This wallet needs to be thoroughly expected. It appears THNmVJDoxZA8qE6vrR5tgxKH4QzkejmFYY - Hacker 350K UK 8 is a main wallet of this organization. There’s just endless deposit addresses. I marked off additional wallets based off of outgoing transactions. Deposit Addresses
Deposit Addresses Associated with Hacker 350K UK 8 (1, 2, 3, 4, 5, 6, 7, 8)
TEaLvx1bkJEWQE6SCZHMF75GBsMZfM5G9o - Hacker 350K UK 9 THw9axhbN68aHxFuQsh8Mswi9c4rkStkuA - Hacker 350K UK 11 [2.52M sent here] This wallet also needs to be thoroughly expected. Most of the outgoing funds went to THw9axhbN68aHxFuQsh8Mswi9c4rkStkuA - Hacker 350K UK 11, but I’m showing a number of outgoing txns to other wallets as well. Deposit Addresses
TMZsm5onFqDPqfzTAG3tb663PmnVcoPyM8 - Hacker 350K UK 10
This wallet also needs to be thoroughly expected. This wallet follows the exact same path as Hacker 350K UK 9. Most of the outgoing funds went to THw9axhbN68aHxFuQsh8Mswi9c4rkStkuA - Hacker 350K UK 11 but I’m showing a number of outgoing txns to other wallets as well. Deposit Addresses
THw9axhbN68aHxFuQsh8Mswi9c4rkStkuA - Hacker 350K UK 11
This wallet is doing absurd numbers. Another user tweeted about Hacker 350K UK 11 confirming it as a hacker wallet. There’s 10’s of millions of USDT in this wallet’s outflow alone. Deposit Addresses
Avoid these Scams!A post from a victim mentioning his experience working with one of the fake investment websites. If it's too good to be true or if it doesn't make sense, it's probably a scam. This is especially true if you're DMed out of the blue. I list all these wallets and deposit addresses with the hope others can pickup where I left off. This group continues to operate and is only scaling up their operations. Below are a few examples of websites I found where these scams are hosted. All of these are connected to the same organization. Add a .com at the end.
Stay safe out there! [link] [comments] |
You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.
![Above is inside TEaLvx1bkJEWQE6SCZHMF75GBsMZfM5G9o - Hacker 350K UK 9 [Intermediary]. There’s a few wallets here that need to be inspected further. 2.52M went to one wallet while the rest was sent to a few wallets.](https://preview.redd.it/38gik1wbj4dc1.png?1554&format=png&auto=webp&s=d6a17bcb51d12d5bf263016974dbaa63ff4a3a77){kind=link}
Comments