Type of Scam: Cryptocurrency Investment Scam
URL of Scam: friri.net
Victim Description: The victim engaged in cryptocurrency transactions on friri.net, initially conducting arbitrage trading. Subsequently, the platform locked withdrawals, demanding an “insurance payment” for an Anti-Money Laundering (AML) investigation to clear funds, which raises suspicions of a potential rug pull scam.
Crypto Addresses:
rKKbNYZRqwPgZYkFWvqNUFBuscEyiFyCE
0x4180b6dae302793dfB825396142Aa8d6A1e0CDAd
0x036F628e7219962c93E5e86ca43d2F5D7ee9CD29
Amount Loss: $40,423

Open-Source Intelligence Analysis: Preliminary Findings on Fraudulent Activities Associated with friri.net
Current Website:
The website friri.net, reviewed on October 10, 2024, presents itself as a platform for cryptocurrency trading, including features such as arbitrage. However, the requirement of an additional payment under the guise of AML compliance after initial investments is a significant red flag, suggesting deceptive practices aimed at extorting more funds from users.
Domain and Hosting Information:
Registrar: Namecheap, Inc.
Nameservers:
aurora.ns.cloudflare.com
micah.ns.cloudflare.com
(Hosted by Cloudflare, Inc.)
MX Records: mail.mailxnew.com
ISP: Cloudflare, Inc.
Technical Analysis and Subpoena Recommendations:
Domain Registrar: Namecheap, Inc.
Recommendation for Subpoena: Secure comprehensive registration and ownership details.
Nameservers: Managed by Cloudflare, Inc.
Recommendation for Subpoena: Access detailed DNS logs and configurations to identify domain activities and potential linkages to other malicious operations.
ISP: Cloudflare, Inc.
Recommendation for Subpoena: Obtain IP address logs and traffic data that could trace the scam operators’ location and operational tactics.
Key Observations:
The platform’s use of Cloudflare services not only boosts its performance and security but also complicates tracking the actual server locations. The presence of a specific mail exchange server indicates organized email communications, which might be leveraged to interact with victims or coordinate within the scam network.
Conclusion:
The dubious requirement of additional “insurance” payments on https://friri.net/en to release funds already invested by the victim, coupled with locked withdrawals, characterizes this operation as a classic rug pull scam. Legal and investigative measures are urgently recommended to trace and dismantle the network behind this scam, potentially aiding in the recovery of lost funds.