Istvan Cocron
CEO and Founder of
Cyber Fraud and Financial Crime Law – a report on behalf of a client.
CLLB represents harmed victims whose funds were stolen by crypto exchanges via the “Simplyfywallets.com” app and other phishing apps.
The Resulting Situation
On Friday the 23rd of November, 2018, a CLLB client downloaded the iPhone Tether wallet app from “Simplify” which was published using the false corporate name of “Global Blockchain Mining Corp”. It turned out that the app was used as an illicit means for theft and money laundering scheme via Binance and Bittrex accounts. A total of $22,436 USDT was stolen from said client’s wallet. The laundering techniques were not particularly complicated and the funds were fairly easy to trace. In the case of
- Find the toxic wallet app listed in Apple Store here, and
- their mostly defunct website is listed here.
Warning: Researches of CLLB showed that the fictitious company Global Blockchain Mining Corp has also released iPhone wallets for Iota and Neo and claims to be in the process of releasing other wallets too. CLLB believes these are all scam wallet apps.
Our client downloaded the toxic wallet from iTunes App store on November 23rd, 2018. Private keys were given to him for the wallet (and note he lives alone and did not share this with anyone until now). The wallet has been verified as drained of all funds. The client sent a complaint email to [email protected] before the wallet was hacked that he was unable to send money using the wallet(there was no response initially). One hour later at 12:22 pm on November 25th the total amount of more than USD 22,000.00 was stolen from the wallet. Our client, the victim, took a screenshot of the phone – it showed an unauthorized transaction to an unknown wallet. Note that all the received funds were from gate.io and his attempts to send money back were only to gate.io as he was going to sell some USDT there. The client has no accounts with Bittrex or Binance. The client then immediately contacted the police and subsequently CLLB.
The Incident
Our client downloaded the toxic wallet from
One hour later at 12:22 pm on November 25th the wallet was hacked and the total amount of more than USD 22,000.00 was stolen. Our client, the victim, took a screenshot of the phone – it showed an unauthorized transaction to an unknown wallet. Note that all the received funds on the wallet came from gate.io. The client has no accounts with Bittrex or
Follow up complaints were sent to the email address above. Surprisingly the client received a response but claiming only they could have sent the money. This is almost certainly false given the previous attempts to send USDT from the app and email above claiming the send function wasn’t working as well as the other cases of fraud committed by this app (see press article below).
Evidence That iPhone App is Fraud
The following article on Market Watch was released by Global Blockchain Mining Corp (Subsidiary ofGlobal Blockchain IO) disclaiming ownership of the app and that they
Global Blockchain Mining Corp.: Cautionary Warning Regarding Suspected Phishing by Tether Wallet Application
“We are appalled to discover that our Company’s name and goodwill has been misused for fraudulent purposes, and we are actively investigating this, with the immediate priority being the removal of this application from the App Store, to ensure no additional persons are defrauded,” said Shidan Gouran, President and CEO of FORK
Money Laundering Evidence
Money laundering tends to follow certain patterns. For instance, money is often transferred between intermediate accounts in distinct increments over a short period of time to a final destination account instead of simple direct large sum transfers. As an example, $5k transfers were made between intermediate wallets and Bittrex exchange multiple times – 3 times between one wallet and another and then 3 times again from that wallet to the exchange. This implies coordination between the wallets and a desire to quickly move money but not in too high amounts or simply for obfuscation.
Figure 1 below shows the flow of laundered funds which CLLB has verified using transactions from the Omni Network. The movement of funds is illogical from an ownership perspective while the symmetry of movement between accounts strongly suggests coordination of the wallet/account owners. This all took place in under a day from 12:22 PM on November 25th to 6:58 AM on November 26th2018 looking at the time stamp of transactions. One tranche made its way to Bittrex and another to
Follow Up by CLLB
In the case of Bittrex, under US law stolen and/or laundered money is subject to seizure and return to the rightful owner regardless of the receiving account. Banks that carry laundered money can have their funds seized and forcibly returned regardless if those stolen funds still exist in the bank as the bank took the laundered money and obfuscated it with other funds. This is the risk cost of doing business with customers who were not properly vetted (“Know Your Customer”). Because Bittrex supports crypto-to-USD conversion it is effectively a bank. Because USDT (which is equivalent 1-to-1 with USD) was laundered there it means it is treated as good as cash. Therefore, the money should be returned.
In the case of Apple, a legal case has been initiated. Contacting support to ask them to remove the application has been unsuccessful and it still remains on their suggested list of Tether wallets sitting at #2. The truth is that Apple may no longer be a trusted source for mobile apps particularly regarding crypto wallets. This is somewhat of a new precedence as Apple has maintained in the past that it would always vet iPhone apps to
Other exchanges, including U.S.-based Bittrex, say they follow federal guidelines. Among other things, Bittrex says it examines where funds originated and how many intermediary wallets they passed through before arriving.
Still, the Journal found that $6.3 million in funds from apparent criminal activity flowed into Bittrex. Some of that was confiscated by law enforcement, for example in the case of a man who recently pleaded guilty to selling drugs and laundering money.”
www.wsj.com: How Dirty Money Disappears Into the Black Hole of Cryptocurrency (link)
This case marks a new precedence in crypto crime and money laundering that should warrant more scrutiny from regulatory and police authorities. The scammers and criminals are getting more aggressive with each passing year and there may be collusion that is not yet fully understood. Consumer protection is non-existent in spite of the traceability of the stolen funds. Naturally, there is a lesson here regarding the susceptibility of software wallets to phishing however we will continue to pursue the matter along with police and regulatory agencies until a full refund is given due to the bold nature of the crime and liability on the part of Apple,
Get in Contact
In case you would like to get in contact with the author and lawyer Istvan Cocron: