Cybercriminals have set up fake websites, supposedly selling initial access to victim devices, to cash in other beginner crooks.
At least 20 fake initial access marketplaces were set up to lure money out of users flirting with the idea of joining the cyber underground, researchers at cybersecurity firm Sophos revealed.
Sophos’ team came across this revelation after stumbling upon a clearnet site named Genesis Market that looked nothing like the original website.
Genesis Market is a go-to underground market for easy access to other people’s data, such as credentials, web platform vulnerabilities, cookies, and other information hackers could use to carry out an attack.
Researchers soon noticed that the fake website demands users pay a $100 deposit to create an account, while the original site is invitation-only.
Following the crumbs crooks left behind, Sophos researchers found other lookalike websites that operate similarly. All fake websites imitate existing or defunct criminal marketplaces and ask for an activation deposit of $100.
“All in all, we found twenty sites, registered between August 2021 and June 2022, which we assess with high confidence are operated by the same individual or group,” researchers said.
The scam appears to have been quite successful. Crypto coin addresses the scam operator left pro paying the deposit netted over $132,000. The operator withdrew the majority of the funds.
Researchers believe they even found the culprit behind the scam. A user on criminal marketplace Dread, going by the nickname of waltcranston. The name is likely a play on the lead character in the Breaking Bad series, Walter White, portrayed by Bryan Cranston.
“waltcranston is a self-proclaimed methamphetamine dealer on both Dread and other marketplaces such as Alphabay. By their own admission they’re based in the US,” researchers said.
However, the Sophos team added that most of the evidence is circumstantial, and there’s no definite way to say that the person behind the nickname operates all fake websites.
Recently, Sophos have noticed another instance of scammers scamming scammers, with threat actors losing at least $2.5 million to each other.
More from Cybernews:
Subscribe to our newsletter