URL of Scam: easycryptobase.com

Type of Scam: Investment
Calculated Amount Loss: $21,642.00

Victim Description:
The victim was contacted by a person on Facebook who appeared to be a friend (Kris Denison) claiming to have started a new job and experiencing significant financial success with investors. The victim was persuaded to invest in easycryptobase.com, a platform that promised 186% returns weekly without any risk. The victim transferred a total of $21,279 in Bitcoin to the platform after being assured of high returns. However, upon further communication with the individual, the victim realized they were no longer talking to their actual friend and became suspicious. The victim attempted to withdraw funds but was unable to do so.

The transactions are as follows:

13 December 2023, 9:26:48 from Coinexx.com: $12,500 in Bitcoin was sent to:
bc1q2nruzwvqh8la3gcap49puyg6zywts7cfv8wdge
12 December 2023, 3:13:56 PM from Crypto.com: $8,778.93 in Bitcoin was sent to:
bc1q2nruzwvqh8la3gcap49puyg6zywts7cfv8wdge
The victim is concerned that the website may be fraudulent, as they can no longer access their funds or withdraw them.

Wallet Address:bc1q2nruzwvqh8la3gcap49puyg6zywts7cfv8wdge

Open-Source Intelligence Analysis: Preliminary Findings on Fraudulent Activities Associated with easycryptobase.com

Current Website:
easycryptobase.com is a fraudulent investment platform that claims to offer high returns on cryptocurrency investments. The site promotes an unrealistic 186% weekly return with no risk, which is a major red flag. The victim was initially approached through a Facebook connection, with the individual claiming success with investments on this platform. After transferring funds, the victim was unable to withdraw their Bitcoin, and the platform’s true nature as a scam became apparent.

Domain and Hosting Information:

Registrar: HOSTINGER operations, UAB
Registered On: October 3, 2023
Expires On: October 3, 2025
Updated On: October 2, 2024
Status: client Transfer Prohibited
Nameservers: ns1.dns-parking.com, ns2.dns-parking.com

Technical Analysis:

Frameworks: The website uses basic frameworks, which are typical for fraudulent sites looking to appear professional without investing in long-term credibility.
DNS Hosting: The nameservers (ns1.dns-parking.com, ns2.dns-parking.com) are hosted by a service that is often used for temporary or parked domains, which is a common tactic for scam operations to mask their true intent and location.
Domain Status: The domain is under “clientTransferProhibited,” which indicates that the domain is locked to prevent transfer. This is often a method used by scammers to avoid having their domain traced or shut down.

Key Observations:
The domain’s use of nameservers from a service like “dns-parking.com” is indicative of a site with little to no actual operational infrastructure, which is common in scams. The “clientTransferProhibited” status indicates that the domain owner is taking steps to delay any investigation or takedown actions.

Recommendations:
HOSTINGER operations, UAB: A subpoena should be issued to gather information about the domain registration and any associated owner details.
Blockchain Forensics: Track the wallet address bc1q2nruzwvqh8la3gcap49puyg6zywts7cfv8wdge to see if the funds have been moved or linked to any other fraudulent activities or exchanges.
Nameserver Investigation: Investigate the “dns-parking.com” nameservers and the associated hosting infrastructure to find connections to other scam websites or identify the perpetrators behind the platform.

Conclusion:
easycryptobase.com is an investment scam that deceives victims by promising unrealistic returns on cryptocurrency investments. The victim in this case was approached through social media by a fraudulent contact claiming financial success on the platform. After sending Bitcoin to the site, the victim was unable to withdraw funds, and the platform’s true nature was revealed. The use of parked domain nameservers and the “clientTransferProhibited” status suggest that the operators are taking steps to shield their identity and avoid detection.

Immediate actions, including subpoenaing the registrar and conducting blockchain analysis, are recommended to trace the funds and uncover the individuals behind this fraudulent scheme.