Reported As Possible Scam

  • Manju Ram
    Participant

      Type of Scam: Investment (Phishing)
      URL of Scam: arculus.at
      Victim Description: The victim, Himanshu, fell prey to a sophisticated phishing attack that impersonated “ARCULUS,” the brand of a hardware wallet he uses. The phishing email, which was cleverly personalized with his name, directed him to a fraudulent website that mimicked an official Arculus service. Unaware, he entered his 12-word recovery phrase on this site, leading to the immediate draining of his wallet containing significant amounts of cryptocurrency.

      Crypto Addresses:


      Amount Loss: $102,818.00

      Open-Source Intelligence Analysis: Preliminary Findings on Fraudulent Activities Associated with arculus.at

      Current Website:
      The website arculus.at is currently down, but it was involved in a phishing attack, using the reputable name of “ARCULUS” to deceive victims into disclosing sensitive recovery information.

      Domain Information:

      Domain: arculus.at
      Registrar: Key-Systems GmbH
      Nameservers: ns1.dispute.finedomain.at, ns2.dispute.finedomain.at

      Technical Analysis and Subpoena Recommendations:

      Domain Registrar: Key-Systems GmbH
      Recommendation for Subpoena: Obtain registration details, historical DNS records, and any available logs that might reveal identities or trace the phishing activities.

      Nameservers: Managed under dispute resolution, suggesting post-attack remediation or investigation.
      Recommendation for Subpoena: Investigate the nameservers’ logs for clues on the domain’s operational history and any associated malicious activities.

      Key Observations:
      The targeted phishing attack employed an email spoofing strategy that included personalized details, making the communication appear credible. The use of a temporarily active, authentic-looking website to collect sensitive security information is indicative of a high-level organized cybercrime operation.

      Conclusion:
      The phishing scam at arculus.at targeted users of the Arculus hardware wallet, leveraging detailed personal information and sophisticated mimicry of legitimate services to execute theft. Immediate legal actions, including detailed subpoenas to the domain registrar and an examination of associated nameservers, are essential for tracing the perpetrators and addressing the domain’s misuse in the scam.
