Don’t Fall for these Scams, Top Tips, Tricks & Insights to Keep You Safe & Secure in Web3 — Crypto Security Truths: Issue 19

Cyber Strategy Institute
15 min read5 days ago

--

Weekly Review of Top Cybersecurity Incidents, Topics, Tools and Issues in Web3, Crypto, and Blockchain Ecosystems

We have been capturing as much as we run across every week to find you clear examples of what not to do in the Cryptoverse in terms of risk, safety and security. We have captured a long list of topics this week in the following headings: Malware, Phishing, Scammers, Gaming, On-Chain, & News, so buckle up and learn how to protect yourself better in Crypto.

Our top thought leaders capture their own perspective for each category as an Analyst Notes.

1 Nov 24–8 Nov 24

Don’t forget you can vote up to 50-times a day for your favorite articles. We accept more than 1-vote.

Introduction

In a world where digital defenses are constantly tested, this week’s “Crypto Security Truths” delves into the complex and increasingly dangerous tactics targeting the crypto and cybersecurity landscapes. From hacker collectives launching sophisticated attacks to scammers deploying relentless phishing campaigns, the insights shared here highlight emerging threats that demand proactive, resilient defenses. Our analysts have dissected the latest incidents, shedding light on hidden motives, exposing new vulnerabilities, and assessing the resilience of current defense systems. Get ready for an in-depth look at what’s unfolding in this high-stakes arena, where each revelation signals an urgent call to action.

Malware

Crypto Developers Targeted by InfoStealer Malware

In a recent scam, a crypto development team fell prey to InfoStealer malware disguised in a project file from Bitbucket. This malware extracted sensitive data and installed a backdoor on the team’s system. InfoStealers typically target cryptocurrency wallets, credentials, and personal information, often hidden within seemingly legitimate files. To combat these threats, solutions like Warden offer enhanced protection through Default Deny technology and Kernel API Virtualization, which isolates malicious code and prevents unauthorized access to sensitive data. Developers are encouraged to adopt rigorous code verification practices and use advanced security tools to mitigate risks. [ Cyber Strategy Institute blog on Medium ]

Keylogger Malware Hidden in Chrome Extensions

Cybersecurity experts warn users about potential keyloggers in browser extensions, highlighting a project by researcher @thoughtfault that demonstrates how extensions can secretly capture keystrokes. This serves as a reminder of the need to carefully assess permissions granted to browser add-ons. By maintaining vigilance over installed extensions, users can mitigate the risk of hidden malware accessing sensitive information. [ IntCyberDigest on ]

Digest on X ]

New Malware “EdtiProAI” Targets Crypto Users via X Ads

The malware “EdtiProAI” has surfaced as a major threat to crypto users, spreading through ads on X (formerly Twitter) and compromising users’ private keys. Once installed, this malware scans devices for wallet data, collects sensitive information, and transmits it to attackers, leaving victims’ assets vulnerable. Scam Sniffer, a Web3 anti-scam group, advises users to protect their holdings by using hardware wallets and keeping high-value assets offline to avoid becoming a target. [ The Scam Sniffer on X ]

Analyst Takeaway: The malware landscape targeting crypto has reached new heights with creative infiltration methods. Attacks like InfoStealers hidden in Bitbucket files and “EdtiProAI” disguised in ads show an evolution towards tailored, sophisticated entry points, while keyloggers in Chrome extensions emphasize the dangers of browser vulnerabilities. Developers and crypto users must prioritize top-tier security solutions, including hardware wallets and containment tools like Warden’s Default Deny technology. Vigilance is crucial, as threat actors are constantly adapting to evade detection and exploit weak points.

Phishing

Sophisticated Coinbase Spear Phishing Attempt

A recent spear phishing attempt targeting a Coinbase user showcased highly advanced social engineering tactics, simulating a legitimate security call. The attackers used multiple tactics to build trust, including a simulated fraud alert call, a follow-up from a “security team member” with fluency and professionalism, and even accurate geolocation information. The phishing scheme incorporated authentic-seeming SMS messages and scheduled callbacks. However, the target, a security professional, recognized inconsistencies, avoiding potential compromise by not clicking a suspicious link. The incident emphasizes caution when engaging with inbound security calls and the importance of independently verifying security alerts. [ Charles Heaton post on LinkedIn ]

Phishing Campaign Targeting IOC

A recent phishing campaign targeted the IOC with a well-crafted email impersonating Microsoft. The email contained various red flags, such as an unrecognized sender and suspicious URLs. Testing the link in a virtual environment revealed potential for malicious payload execution. Warden’s automatic containment capabilities are recommended to protect against such threats, as they prevent unauthorized actions regardless of detection, enhancing user security and offering peace of mind. [ Intel on Chain on X ]

Analyst Takeaway: Phishing threats are now crafted with unprecedented sophistication, evident in the Coinbase spear phishing incident and the Microsoft-impersonating emails targeting the IOC. Attackers’ use of social engineering is so polished that even seasoned professionals could be misled if they’re not extremely vigilant. This highlights the need for cybersecurity solutions capable of containing unknown threats in real time, ensuring that, even if an employee missteps, potential damage is minimized.

Scammers

Gary “Vee” Vaynerchuk Exposed: The VeeFriends $200M Scam

Gary Vaynerchuk, widely known as Gary Vee, allegedly extracted over $200 million through deceptive practices in the NFT market between 2021 and 2023. This investigation, led by Mario Longtin, unveils Vaynerchuk’s purported misconduct through his VeeFriends brand, detailing numerous cases of market manipulation, insider trading, artificial demand creation, and conflicts of interest. By comparing Vaynerchuk’s actions to other high-profile NFT scandals — Impact Theory, Stoner Cats, and OpenSea insider trading — Longtin highlights the severity of Vaynerchuk’s influence on the market. The report provides evidence of fraudulent marketing, misrepresentation, securities fraud, and ethical breaches, outlining a web of exploitation aimed at enriching Vaynerchuk and his close associates at the expense of VeeFriends investors and the broader NFT community. [ MariotLongtin on X and his Substack Article ]

MrBeast & Kevin Rose Critique VeeFriends Series 2

In a discussion led by Mario Longtin, prominent figures MrBeast and Kevin Rose publicly criticized VeeFriends Series 2, accusing it of questionable practices like sell-shaming and price anchoring. Longtin’s commentary questions the motives behind these tactics and promises transparency on controversial aspects surrounding VeeFriends, aiming to inform investors of potential red flags. [ MariotLongtin on X ]

Virtue Signaling in the NFT Space

Mario Longtin labels recent promotional practices within the NFT community as “virtue signaling.” He calls attention to the disconnect between public statements and actual behaviors, urging followers to discern between genuine values and self-serving displays in NFT marketing. [ MariotLongtin on X ]

Gary Vee’s Alleged Art Theft Scandal

Longtin exposes claims of art theft involving Gary Vee, alleging he launched a competition, pumped selected NFT projects, and then used the creative submissions for his own projects without proper credit. This revelation has sparked debate, with investors questioning Gary Vee’s integrity and intent. [ MariotLongtin on X ]

Remember When Pixelmon NFT Scam and Investor Fallout Happened?

In a thread by okHOTSHOT, the Pixelmon NFT project, spearheaded by creator Syberer, is examined as a deceptive venture that raised $70 million through exaggerated claims and misrepresentations. Despite promises of a groundbreaking game, Pixelmon investors faced severe losses, leading to significant backlash and media coverage. OkHOTSHOT’s analysis highlights the risks of hype-driven NFT investments and underscores the importance of transparency in blockchain ventures. [ NFTherder on X ]

Rug Pull Accountability in Web3

In a call for justice, DefiMike highlights the need to hold NFT rug-pull perpetrators from 2020–2022 accountable as the truth about fraudulent actors inevitably comes to light. With growing awareness among new and seasoned Web3 participants, there’s a shared goal of exposing and excluding scammers from the space. Responding, okHOTSHOT echoes the sentiment, suggesting the community name known frauds to prevent further damage. [ DefiMike on X ]

The Age of Grifters

Mario Longtin suggests the current climate in Web3 is leading to an “age of grifters,” as opportunistic behaviors seem to flourish. He humorously notes Tom had already called this out a year prior, underlining how grift-like activities have become widely recognized yet persist in the crypto space. [ MariotLongtin on X ]

Rising Crypto Scam Steals 90 ETH in a Month

A scam promising passive crypto income has lured in numerous victims, with reports of people losing up to 2 ETH each, all in exchange for a deceptive scheme supposedly generating “1.2 ETHs Daily.” According to Scam Sniffer, an analysis of malicious addresses shows that in the last 27 days, scammers have drained approximately 90 ETH through 500 malicious contracts. This scam, often promoted on platforms like YouTube, continues to exploit those seeking easy profits in the crypto space. [ The Scam Sniffer on X ]

Fake Web3 Job Offer Scam Exploits Social Engineering

In a cautionary tale about social engineering scams, a user shared their experience of being defrauded after downloading a file related to a fake job offer from the account @digicatsdoteth. The incident underscores the vulnerability and emotional toll of such scams, with the user describing feelings of anger and betrayal. This story serves as a reminder of the importance of verifying unknown files before downloading to prevent similar incidents. [ yourreplyguy on X ]

Short-Lived $MEMECOIN Scam Warning

Crypto Rug Muncher warns that $MEMECOIN is another scam project orchestrated by known accounts @og99official and @UndisputedCallz, notorious for running crypto projects that vanish within 24 hours. While early investors may see quick profits, the platform urges caution, emphasizing that any gains from such schemes are likely temporary. Investors are advised to cash out early and remain vigilant, as these scams exploit fleeting hype to entice victims before disappearing. [ CryptoRugMunch on X ]

Fake Job Offer Leads to Potential Malware Trap

Milbury shared a close call with a scam that began with a suspicious job offer message from a supposed moderator recruiter. After investigating, Milbury found several red flags, including unusual account activity, name changes, and inconsistencies in the recruiter’s game project. The offer was likely a ruse to persuade Milbury to download malware under the guise of a legitimate game. This experience serves as a reminder to verify job offers and avoid clicking suspicious links to prevent falling victim to phishing or malware scams. [ MilburyNFT on X ]

Web3 Recruitment Scam Tactics Exposed

User @maskobiz outlined their encounter with a suspicious Web3 job offer that lacked standard recruitment processes, featured questionable online engagement, and showcased telltale signs of a scam, such as spammy comments and mostly fake users in the project’s Discord. Further investigation revealed a lack of genuine documentation, no clear update process, and fake endorsements. This account highlights the importance of due diligence (DYOR) before engaging with Web3 job offers or downloading related content to avoid scams that exploit naive users seeking opportunities in the crypto and Web3 sectors. [ maskobiz on X ]

Analyst Takeaway: The Web3 space is flooded with exploitative schemes, from high-profile scams like Gary Vee’s alleged NFT manipulations to social engineering tactics in fake job offers. Scammers have shifted towards complex, layered schemes that play on psychological triggers and market hype, making it essential for users to exercise rigorous due diligence. As Web3 grows, community-driven accountability and transparent investigative efforts must persist to expose fraudsters and warn newcomers about the realities of digital grifting.

Gaming

Pay-to-Win Gaming Algorithms

Mario Longtin critiques ‘Free-to-Play’ (F2P) games, stating that algorithms often favor paying players. This practice leads to a cycle where non-paying players are encouraged to watch ads and lose, while paying players win more often, sustaining the revenue model. This insight sheds light on the mechanics of F2P games and their impact on player experience. [ MarioLongtin on X ]

Analyst Takeaway: Free-to-play gaming, once a novelty, is now a carefully tuned mechanism designed to extract revenue from players through subtle psychological levers. The ‘pay-to-win’ dynamics embedded in these games not only impact user satisfaction but also set a troubling standard for the industry. Understanding the mechanics of F2P games reveals a larger truth about the trade-offs between enjoyment and monetization, and how players must navigate a market where victories often come at a price.

On-Chain

Investigating Zach Testa’s Network

TruthLabs delves into Zach Testa’s on-chain network, drawing links to suspicious Ethereum Name Service (ENS) domains, questionable crypto associations, and military backgrounds of certain network members. Despite potentially coincidental findings, the connections raise concerns about Testa, founder of the $PEPE meme coin, and his possible affiliations, including indirect ties to public figures like Mr. Beast. The investigation, while speculative, underscores the complexity of tracing on-chain networks and finding patterns within blockchain data. [ Truth Labs on X ]

Alleged Corruption in Silk Road and Mt. Gox Investigations

TruthLabs (@BoringSleuth) details alleged corruption within the investigations of the Silk Road and Mt. Gox cases. The threads suggest that former FBI agents involved in these cases participated in unethical activities, including misappropriating Bitcoin linked to Silk Road and investing in crypto ventures funded by suspicious sources. Connections are drawn between these agents, prominent figures in Ethereum’s ICO, and significant players in the crypto space, implying a network of collusion. TruthLabs also discusses ties between Blake Benthall, the founder of Silk Road 2.0, and laundering of Ronin funds, along with accusations that former government agents became crypto venture capitalists after leaving their positions. [ Truth Labs on X ]

Ethereum and MyEtherWallet Links to Silk Road Funds

TruthLabs further claims that Ethereum’s ICO wallets and MyEtherWallet founder’s Bitcoin wallets were funded by Silk Road wallets. The accusation includes that these wallets later fueled Ethereum’s growth, suggesting deep, concealed links between Silk Road’s funds, ex-FBI agents, and high-profile individuals in the crypto space. TruthLabs accuses these figures of becoming crypto founders, aiding suspicious transactions, and taking investments from controversial groups like Lazarus Group and FTX. [ Truth Labs on X ]

Analyst Takeaway: On-chain investigations highlight the intricate web of connections in the crypto world, where financial, political, and even criminal networks intersect. The case of Zach Testa and the alleged corruption tied to Silk Road and Mt. Gox investigations illustrate how blockchain transparency doesn’t always mean simplicity. With on-chain data, patterns and affiliations often point to deeper, sometimes darker, relationships, reminding us of the importance of scrutiny and skepticism in high-stakes crypto dealings.

News

Cybersecurity Insights

Cyber Strategy (@CyberStrategy1) shares a philosophical view on cybersecurity: “The heart of cybersecurity beats strongest when it is not overwhelmed but renewed with each scan.” This reflects the importance of continuous vigilance and proactive defense in cybersecurity. [ CyberStrategy1 on X ]

Crypto’s Political Influence

Sam Kazemian (@samkazemian) points out the successful track record of pro-crypto candidates in the last election cycle, where 48 out of 48 candidates backed by a major crypto PAC won their elections. Kazemian suggests that embracing a pro-crypto stance is a winning political strategy, highlighting crypto’s growing influence in U.S. politics. [ samkazemian on X ]

Gary Wang’s Cooperation with the U.S. Government

NFTherder (@okHOTSHOT) references a report that Gary Wang, former CTO of FTX, has developed a tool to help the U.S. government track illegal activities on cryptocurrency exchanges. This cooperation may reflect an attempt to reduce his potential jail time following FTX’s collapse and investigations into its founders. [ NFTherder on X ]

Analyst Takeaway: Crypto’s political influence and involvement in regulatory affairs are solidifying as players like Sam Kazemian celebrate electoral wins for pro-crypto candidates. However, the community should remain aware of the nuanced implications of such alliances, especially as government cooperation in cases like Gary Wang’s points to a push for stricter oversight. These developments mark a critical juncture for crypto, as it seeks to solidify its place within the mainstream while facing pressures to conform to regulatory expectations.

Tools

Phantom Wallet Enables Crypto Purchases with Venmo

Phantom Wallet, a popular digital wallet primarily known for Solana-based transactions, now allows users to buy cryptocurrency using Venmo. This integration could mark a significant shift in accessibility, simplifying the process for users in the U.S. to enter the crypto market by linking with Venmo, a familiar and widely-used payment method. The integration also highlights Venmo’s growing support for crypto, reflecting broader mainstream adoption. [ Arcanic on X ]

Web3 Vendor Lockin? DEGEN L3 Faces Rollup Migration Struggles with Conduit

DEGEN L3, a blockchain project, is struggling to move away from Conduit, a Rollup-as-a-Service (RaaS) provider, due to locked rollup keys that prevent migration. This situation exposes the potential pitfalls of vendor lock-in within the RaaS space, as projects relying on third-party providers may face challenges or even lose access to their user funds. Community members and experts express concerns over decentralization, as this issue highlights the control these providers can exert. If such lock-ins persist, it could lead to reputational damage for Conduit and other RaaS providers. [ 0xngmi and Andre Cronje on X ]

Microsoft Adds AI Tools to Paint and Notepad on Windows 11

Microsoft’s decision to integrate AI-powered tools like “Rewrite” into Notepad on Windows 11 has generated mixed reactions. While the new feature allows users to rephrase, adjust tone, and tailor the length of their text, some worry that it may complicate Notepad’s appeal as a minimalistic, lightweight editor. For decades, Notepad has been valued for its simplicity, offering essential functionality for quick edits, coding, and note-taking. Adding AI features introduces potential downsides, including concerns about privacy and data collection — particularly if text or image processing occurs in the cloud. Furthermore, AI tools could increase resource demands, making Notepad slower and less efficient, especially on lower-end devices. Many users also fear a move toward subscription-based monetization, which could turn Notepad from a free, basic utility into a product with upsells. Overall, while these new AI features bring fresh possibilities, they risk detracting from the straightforward design that has made Notepad so popular over the years. [ vxunderground on X ]

Analyst Takeaway: Recent innovations in crypto access tools, like Phantom Wallet’s integration with Venmo, are bringing crypto closer to everyday transactions, simplifying the user experience. However, DEGEN L3’s struggles with rollup migration reveal a cautionary tale about vendor lock-in risks in blockchain infrastructure. As user adoption grows, the industry must address both the accessibility benefits and the potential risks of centralized dependencies to ensure a healthy, decentralized ecosystem.

Conclusion

Our analysts’ takeaways from this week emphasize three major themes: the vital importance of vigilance, the need for proactive defenses, and the shifting tactics of attackers exploiting increasingly complex methods. As threats to crypto systems grow, the analysis underscores that defenders must stay ahead of the curve, adapt quickly, and implement layered security approaches to outpace adversaries. Readers are left with a clear message: as these challenges evolve, only the most prepared and proactive will withstand the relentless wave of cyber threats.

Thanks for getting this far in our article. Don’t forget that you can vote up to 50-times a day for your favorite articles on Medium. We accept more than 1-vote, as it helps us spread the Cybersecurity insights into Crypto. The more people that see this information, the more people we can help. We should share information about criminals and scammers to help protect each other, just like we pick up stray trash and put it in the trash can.

Further Resources about Cyber Strategy Institute:

If interested in other analysis, checkout our other Medium articles, our Indpeth Analysis Articles and for more of a daily understanding of the Cryptoverse follow our Twitter account. Relying on a dying Cybersecurity model is not a foundation for success; that is what Warden changes for the good!

Warden

It is designed leveraging a Zero Trust model, stopping all known bad and unknown malicious threats. This starts by defending at the kernel level, so that any software does not know it’s been placed into a sandbox. We call this the “Inception Protection” model, which will not allow any program to impact your systems. No other system can do this on the market today. Protect your digital life, your families or your organization today with Warden!

If you want a 50% Discount on your purchase, then sign up for our newsletter, and we will send you the code for your support. Just reply to your first email saying you would like a discount.

Cyber Strategy Institute

Medium: https://cyberstrategy1.medium.com/

Twitter: https://twitter.com/CyberStrategy1

X: https://x.com/Warden_Secure

Website: https://cyberstrategyinstitute.com

Protect Yourself, Family or Business Today with Warden!

https://cyberstrategyinstitute.com/personal-protection-warden

--

--

Cyber Strategy Institute
Cyber Strategy Institute

Written by Cyber Strategy Institute

Crypto Security Truths - Scam Hunter, ZeroTrust Endpoint Defense & writing about all things Crypto Security. Stay up-to-date on latest Threats by following us!