Between February 16 and February 18, Group-IB experts identified 36 fake YouTube posts dedicated to investing in cryptocurrencies. They brought in more than $ 1.6 million to the scammers.

The attackers edited videos from the old conversations of famous representatives of the cryptocurrency community and entrepreneurs. More often than others, images of Vitalik Buterin, Elon Musk, Brad Garlinghouse, Michael Saylor, Changpeng Zhao and Cathy Wood were used.

The fake broadcast with Buterin attracted more than 165,000 viewers. On average, the audience for such a stream is 3,000 to 18,000 people. At the time of publication, users were offered to transfer cryptocurrencies to the specified wallet and allegedly receive back in double volume.

In total, cheated viewers made 281 transactions worth over $1.68 million (at the February exchange rate). The most popular among scammers turned out to be Ethereum – $933,963.

To get an “additional bonus,” the attackers offered the investor to provide the seed phrase of their crypto wallet. If the victim agreed, the scammers withdrew all funds on them.

Group-IB has also identified YouTube streams targeting NFT buyers. The video’s description contained a link to a phishing site where customers were promised a token in exchange for a password and wallet core.

For three months, experts registered more than 580 domain names associated with fraudulent distributions. That’s three times more than the entire previous year.

Most of the domains included in the publications appeared through the Russian registrar Reg.ru from February 13. At the same time, several resources are saved for one person.

Group-IB experts recommend that you always check the information on investment conditions and under no circumstances disclose the wallet’s seed statement to third parties.

Recall that at the end of October 2021, Google blocked large-scale attacks of YouTube channels for bitcoin fraud.