An extensive crypto scam affiliate program believed to be run by the Impulse Team, a Russian-language group that is notorious for running one of the largest such programs ever seen, has been exposed by researchers. More than a thousand fraudulent websites have been identified that offer similar content designed to deceive potential victims into creating a crypto account and paying upfront fees in anticipation of receiving a prize in cryptocurrency that never ultimately appears. The scam affiliate program, which has been called “Impulse Project”, was found to be a well-oiled, professional operation with some of its sites dating back to 2016. The affiliates who joined the program were provided with all the tools necessary to kickstart their own fraudulent franchise.
As per the report from Trend Micro, the fraudulent websites share similar content meant to mislead people into opening crypto accounts. Once accounts are created, fraudsters paid an upfront fee to claim a prize which promoters of the scam websites claimed would never materialize. Analysts at Trend Micro have been able to uncover the workings of the fraudulent scheme, which is intended to deceive people into investing their money into cryptocurrency accounts. The scheme is believed to have been carried out by a highly professional and mature operation known as the Impulse Project, which has been operational for a number of years.
According to the researchers, affiliates of the scam program were recruited via Russian-speaking cybercriminal forums. Those interested in becoming affiliates were asked to pay a fee to subscribe to the service, and to set up their own domain names before handing them over to the Impulse Team, who would then configure them with scripts used for CloudFlare services. The operation was reported to be highly sophisticated and designed to be difficult to detect. In addition, each affiliate was provided with their own database for their websites which meant that a single set of credentials would work on all the sites run by a given affiliate.
While the report from Trend Micro did not reveal precise details of the amount of money this scam program has generated, the researchers estimated that several thousand people had become victims of the program, making it potentially one of the largest-ever crypto scam campaigns. As a comparison, they cited OneCoin, which dates from 2014. That program is believed to have stolen over $4bn from approximately three million investors.
According to Karl Steinkamp, director of delivery transformation and automation at Coalfire, Impulse Project shows greater sophistication than OneCoin because it has been more strategic when selecting its targets. This cognitive approach proves the level of sophistication of the cybercriminals, citing their willingness to access fewer but more valuable targets among potential victims. Steinkamp added that the smaller the campaign size, the more detection it is hard to realize and the more efficient the approach is for the cybercriminals.
As Trend Micro exposed this crypto scam affiliate program, many affected people will undoubtedly be made aware of it. Affiliates such as Impulse Project could provide many people with a widely available scamming starter-pack. This demonstrates to security teams the need for awareness raising and of the importance of informing people about social-engineering techniques used by cybercriminals. Surfacing the tactics, techniques, and procedures used by fraudsters, such as Impulse Project, will aid in detection and prevention. Therefore, education and awareness around the growing issue of digital scams, similar to those highlighted by the Insight report, for example, is needed to ensure that people can identify and prevent such attacks.