Anatomy of a SCAM: crypto-fast dot info aka “help me withdraw my Bitcoin”

Today I’ve had several unknown people contact me on Telegram and ask for help in withdrawing their Bitcoins from an exchange. This sounds way too suspicious to even consider to be legit, – these are all scammers or even chat bots serving scammers.

I decided to talk to one of them, to see how exactly an obvious scam like that would be set up.

World, meet “Nathan”:

Nathan tells me to create an account at crypto-fast dot info, let’s inspect that site a bit and see any of the common red flags that help detect and avoid Bitcoin scams.

The crypto-fast info website is an obvious Bitcoin scam, and this is how you tell a scam:

The domain is less than a month old, and was created on 2018-09-08 using a Russian registrar REG.RU:

http://whois.domaintools.com/crypto-fast.info

The site is not real. It’s just an HTML page with bits and pieces that look like a real site but nothing works. There are no terms and conditions, all buttons are fake, even the e-mail verification is fake:

To someone who’s not attentive or is not internet-savvy at al this might look like the real deal.

The scam website crypto-fast.info has literally no functionality. Buttons don’t work, the “profile” will save anything as a BTC wallet, etc. At the same time some effort was put into this – e.g. there’s an API page with some parameter for generating API keys. Nothing works there either obviously.

Back to Nathan! I agree to help him out and he wants to send me some BTC so that I trusted him. Cool!

Since the crypto-fast.info domain is registered by a Russian registrar I figured the scammer likes Putin’s cock… I wasn’t wrong.

The scammer then edited the HTML file I was seeing to reflect the 100 satoshis he “sent” me:

Obviosly, it’s all just plain HTML code, not any script or a variable:

OK Nathan, let’s see how your scam operates further:

To “withdraw” to my Bitcoin wallet I had to add it to my profile. Obviously the field accepted anything, not just legitimate Bitcoin wallets, so I used Putin’s cock again:

Once you click “withdraw” you finally get to the point at which the crypto-fast.info scam makes their money:

“In connection with EU adopts rules to reduce anonymity for crypto users 15 May 2018, we were forced to reduce the number of bots and alter the exchange system. Your balance of has been frozen until you make a deposit. Need to make a Deposit in the amount of 0 / 0.01 BTC”

Alright, the pieces fit now. Users get this message, and because of their GREED they deposit REAL BTC to save their fake 1.34 BTC balances. This is the address they want the “deposit” sent to:

1PTAaVk6onxkgU1ZXxMfcPG9txgQ6rYVef

UPDATE

Nathan is worried about “his money”.

I told him I sent it all to his address and he kept asking for screenshots, so I had to edit the code of the site (by inspecting the HTML elements in the browser) and turning the fake error message into a fake success message:

It seems to work for now:

Hopefully this will keep the fucker busy debugging his little scam website all night and possible go insane.

Stay safe!

UPDATE 2

The same group of scammers has been running multiple websites doing the same thing.

Please watch out for these and similar sites:

https://neocrypt.info/

westcrypt.info (westcrypt dot info is the same scam website)

http://mycryptoash.com

http://good-presentation.ru/profile

https://cryptogot.org

http://coinhits.com

What these scammers do is ask people to help withdraw their BTC, then direct to a fake exchange website which would in turn ask the person to submit 0.01 to unlock fake funds.

Here’s how the scam websites look, the design imitates the fully legitimate exchange Cex.io: 

–=== Support CoinVigilance ===–

Like what we do but hate ads? Consider donating!
BTC address for donations:
14bAqBDstxazut2PaLVunD4jP8GERLRRQP