- This topic has 0 replies, 1 voice, and was last updated 1 week, 5 days ago by .
-
Topic
-
URL of Scam: byokcrypto.co
Type of Scam: Investment
Calculated Amount Loss: $44,797.00Victim Description:
The victim had questions regarding a cryptocurrency platform they were involved with, specifically byokcrypto.co. The platform led the victim to make substantial investments, but once the funds were deposited, they were unable to withdraw any profits or principal. The platform likely used deceptive tactics, offering promises of high returns but ultimately seizing the victim’s funds. The victim reported a total loss of $44,797.00 and has not been able to access the deposited funds since making the transaction.Wallet Addresses:
0xa5e6bb93371e2c8FB3BFb68Cb2B0996e7792D93a
Open-Source Intelligence Analysis: Preliminary Findings on Fraudulent Activities Associated with byokcrypto.coCurrent Website:
byokcrypto.co is an investment platform that falsely claims to be involved in cryptocurrency trading. The victim was led to invest substantial amounts in the platform, but after sending the funds, they were unable to withdraw them. The site presents itself as a legitimate crypto trading platform but is, in fact, a scam designed to steal users’ funds. The platform likely used persuasive marketing tactics to lure in victims by promising lucrative returns, only to trap them once the funds were deposited.Domain and Hosting Information:
Registrar: Spaceship, Inc.
Registered On: November 26, 2024
Expires On: November 26, 2025
Updated On: November 26, 2024
Status: clientTransferProhibited, serverTransferProhibited, addPeriod
Nameservers: yangyang.ns.giantpanda.com, lunlun.ns.giantpanda.comTechnical Analysis:
Frameworks: The website uses modern web frameworks that make it appear professional and legitimate, which is a common tactic in scams to avoid suspicion.
DNS Hosting: The nameservers (yangyang.ns.giantpanda.com, lunlun.ns.giantpanda.com) are hosted by an obscure provider, “giantpanda.com,” which is often used by scammers to hide their true infrastructure and obfuscate the origin of the site.
Domain Status: The use of “clientTransferProhibited” and “serverTransferProhibited” status means that the domain is locked, making it difficult for authorities to transfer or modify the domain registration, a tactic often used to avoid detection.
Key Observations:
The website’s use of obscure nameservers and a newly registered domain (November 2024) suggests the scammers are attempting to maintain anonymity. Additionally, the “clientTransferProhibited” and “serverTransferProhibited” statuses indicate a deliberate effort to keep the domain and hosting secure from investigation or transfer.Recommendations:
Spaceship, Inc.: A subpoena should be issued to obtain detailed information about the domain’s registration and the identity of the domain owner.
Blockchain Forensics: Investigate the wallet addresses involved in this scam to trace any movement of funds and identify further links to other fraudulent activities or victim wallets.
Nameserver Investigation: Investigate the “giantpanda.com” nameservers and the associated infrastructure to gather more information on the scammers’ hosting arrangements.Conclusion:
The website byokcrypto.co is a fraudulent cryptocurrency investment platform that deceives victims by promising high returns. After the victim deposited funds, they were unable to withdraw their money or receive any promised returns. The use of newly registered domain details and obscure nameservers is a tactic commonly used by scammers to hide their operations. Immediate action should be taken to subpoena the domain registrar and investigate the wallet addresses and hosting provider.