$1 million stolen by scammers promoting fake $SpaceX coin “created” by Elon Musk

by | June 30, 2021 | Cybersecurity News

Lately, YouTube fans have been swindled out of almost $1 million thanks to a convincing fake SpaceX crypto-coin campaign through a popular decentralized finance protocol called Uniswap.

Who started the fake SpaceX coins ads?

In early May of this year, many scammers compromised Twitter and YouTube accounts to promote a series of cryptocurrency scams ahead of SpaceX and Tesla founder Elon Musk. As a result, they managed to steal over $10 million in Bitcoin, Ethereum, and Doge tokens. The most successful scams were promoted on YouTube, resulting in a theft of over $9 million.

Since the end of May, scammers have advertised fake SpaceX coins supposedly created by Elon Musk. In addition, the attackers bought advertising space on YouTube cryptocurrency videos, stealing more than $430,000 in cryptocurrency from unsuspecting users.

How did the ad appear so convincing?

The advertisements were three to five minutes long and featured a template that shows a falsified tweet at the top from Elon Musk, claiming that he’s launching his own cryptocurrency called $SpaceX.

The fake SpaceX template used by scammers

The same advertisement includes a description section with the Tesla logo. The description said that “Elon Musk is launching his own cryptocurrency, $SpaceX.” The scam advertisement claims that the coin’s purpose is to “take everyone to mars and make human life possible there.” To spice everything up, the ads note that for each transaction involving the SpaceX coin, a donation will be made “towards space-research companies” to “help Elon’s mission.”

Meanwhile, a video plays random clips of Musk interviews, including one for the Computer History Museum and KQED’s “Revolutionaries” from 2013.

That said, it’s quite easy to notice that the ads were hosted on compromised YouTube accounts: when the ad appears, the user name associated with the advertisement is visible.

Furthermore, when you click the user’s profile, you can see it joined YouTube in August 2011. Also, there are no other videos associated with the account, except for the one used in the scam advertisement.

A screenshot of the fake SpaceX ad that ran on YouTube

According to Tenable’s research, the websites included step-by-step directions for installing the browser-based cryptocurrency wallet MetaMask on victims’ devices. The version of MetaMask being pushed is the legitimate application/browser extension used by millions of coin lovers, so it is unlikely to raise victims’ suspicion. The next step guides victims to a custom Uniswap link that lets them import SpaceX coins. Uniswap is a DEX (decentralized exchange) in the world of DeFi (decentralized finance).

As a DeFi protocol, Uniswap allows cryptocurrency holders to exchange tokens on the platform without a centralized entity being involved. The lack of a central authority is one of the reasons why these scams are successful.

Although SpaceX coins don’t actually exist as a real currency, Uniswap doesn’t block the transaction. Instead, it surfaces a warning that the supposed SpaceX currency does not appear on the active token list(s) and tells the user to make sure that “this is the token that you want to trade.”
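The token-list warning described above can be reproduced as a check of your own. This Python code is an added example, not taken from the article, Tenable, or Uniswap: it extracts the token address from a swap link and compares it with a token list. The list contents, the placeholder addresses and the `outputCurrency` link parameter are assumptions made for the illustration.

```python
import re

# Constructed token list in the Token Lists JSON shape; addresses are placeholders.
TOKEN_LIST = {"name": "Example List", "tokens": [
    {"chainId": 1, "address": "0x" + "Aa" * 20, "symbol": "WETH", "name": "Wrapped Ether"},
    {"chainId": 1, "address": "0x" + "bb" * 20, "symbol": "DAI", "name": "Dai Stablecoin"},
]}

# Assumption: the swap link carries the token contract as outputCurrency=<address>.
LINK_RE = re.compile(r"outputCurrency=(0x[0-9a-fA-F]{40})(?![0-9a-fA-F])")
ADDR_RE = re.compile(r"0x[0-9a-fA-F]{40}")


def token_from_link(url):
    """Return the contract address a swap link would pre-select, or None."""
    m = LINK_RE.search(url)
    return m.group(1) if m else None


def check_token(token_list, chain_id, address, claimed_symbol):
    """Return warnings for a token that a site asks the user to import."""
    if not ADDR_RE.fullmatch(address):
        raise ValueError("not a 20-byte hex contract address")
    addr = address.lower()  # checksummed and lowercase forms are the same address
    on_chain = [t for t in token_list["tokens"] if t["chainId"] == chain_id]
    listed = {t["address"].lower(): t for t in on_chain}
    warnings = []
    if addr not in listed:
        warnings.append("address not on token list")
        # A symbol is free text chosen by whoever deployed the contract,
        # so a familiar ticker at an unlisted address is an extra red flag.
        if any(t["symbol"].upper() == claimed_symbol.upper() for t in on_chain):
            warnings.append("symbol collides with a listed token at a different address")
    elif listed[addr]["symbol"].upper() != claimed_symbol.upper():
        warnings.append("listed under a different symbol")
    return warnings


if __name__ == "__main__":
    # Constructed link of the kind a walkthrough page might hand to a visitor.
    link = "https://app.uniswap.org/#/swap?outputCurrency=0x" + "cc" * 20
    print(check_token(TOKEN_LIST, 1, token_from_link(link), "SpaceX"))
```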

The walkthrough also contains several screenshots on how users can swap their Ethereum token in exchange for the “so-called” SpaceX coin. Besides that, it includes guidance on how to ensure the coins are visible in the MetaMask wallet.

How did users end up with worthless tokens?

Typical cryptocurrency scams ask users to send cryptocurrency to a specific address to “double” their money, which actually never happens. This scam, however, is actually quite evil. It creates a sense of legitimacy by using a DEX platform like Uniswap, an actual token smart contract, and the visual confirmation of tokens appearing in the user’s MetaMask wallet.

To list and facilitate trading the fake SpaceX coin on Uniswap, the scammers have to provide some liquidity. According to the study made by Tenable, scammers provided total liquidity of 60 Ethereum coins (20 for each contract) at a combined value of $146,300.44.

As users purchase the coins on Uniswap, they add to the liquidity of the SpaceX contract. However, at some point, the scammers will remove the liquidity from the contract, making the coins worthless by “pulling the rug” (a malicious maneuver in the cryptocurrency industry where crypto developers abandon a project and run away with investors’ funds).

Recently, a user who purchased SpaceX coins posted on the Uniswap subreddit saying they weren’t able to swap their coins back to Ethereum. This concept is known as honey potting in the cryptocurrency space.

In this context, it means that unsuspecting users are drawn into investing in this fake SpaceX coin, but the contract created by the scammers was designed to prevent users from being able to change their coins back to Ethereum. Only the creator is capable of moving funds out of the contract.
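The liquidity mechanics described above can be followed with numbers. This is an added example, not from the article or Tenable's research: a toy constant-product pool showing what a buyer's tokens quote for before and after liquidity is removed, and under a creator-only sell rule. Constant-product pricing without fees, the token supply and the 5 ETH purchase are assumptions; only the 20 ETH seed comes from the text.

```python
class Pool:
    """Toy constant-product pool (eth * tokens = k); swap fees are ignored."""

    def __init__(self, eth, tokens, creator_only_sell=False):
        self.eth, self.tokens = float(eth), float(tokens)
        self.creator_only_sell = creator_only_sell  # models the honeypot rule

    def buy(self, eth_in):
        """Swap ETH for tokens and return the tokens received."""
        k = self.eth * self.tokens
        out = self.tokens - k / (self.eth + eth_in)
        self.eth += eth_in
        self.tokens -= out
        return out

    def sell_quote(self, tokens_in, seller="buyer"):
        """ETH the seller would receive right now; nothing is executed."""
        if self.creator_only_sell and seller != "creator":
            return 0.0  # the token refuses the transfer, so the swap fails
        if self.eth == 0 or self.tokens == 0:
            return 0.0  # no liquidity left to trade against
        k = self.eth * self.tokens
        return self.eth - k / (self.tokens + tokens_in)

    def remove_all_liquidity(self):
        """The liquidity provider withdraws both reserves."""
        eth, tokens = self.eth, self.tokens
        self.eth = self.tokens = 0.0
        return eth, tokens


def rug_pull():
    pool = Pool(eth=20, tokens=1_000_000)  # 20 ETH seed as reported; supply is constructed
    held = pool.buy(5)                     # constructed purchase of 5 ETH
    before = pool.sell_quote(held)
    taken_eth, _ = pool.remove_all_liquidity()
    return held, before, taken_eth, pool.sell_quote(held)


def honeypot():
    pool = Pool(eth=20, tokens=1_000_000, creator_only_sell=True)
    held = pool.buy(5)
    return pool.sell_quote(held, "buyer"), pool.sell_quote(held, "creator")


if __name__ == "__main__":
    print(rug_pull())  # tokens held, exit quote before, ETH withdrawn, exit quote after
    print(honeypot())  # buyer's exit quote, creator's exit quote
```

The wallet shows the same token balance in every case; only the exit quote changes, which is why a visible balance is not evidence of value.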

Users complain of the SpaceX scam on Reddit

Why did the campaign stand out?

This campaign stands out because it relied on promotion not through Telegram channels or social media but through YouTube. It did so by using the existing infrastructure of YouTube ads to identify its target demographic of cryptocurrency enthusiasts and get its ads in front of thousands of viewers.

How to protect yourself from fraudulent coins?

  • Remember to Do Your Own Research (DYOR): potential investors need to do their own research before investing in any asset, especially cryptocurrency.
  • Be aware of cautionary signs when using a DEX: the fact that Uniswap displays a warning about the token not appearing on the active token list or that it adds a banner of “unknown source” when displaying the address of the contract should be seen as a red flag for potential investors.
  • Be aware of fake coins for real projects: look for official announcements from the creators of these projects.
  • Stay away if having the slightest doubt: it’s better to miss out on a potential opportunity than to find yourself holding onto worthless tokens in your wallet.

Attribution:

Feature Image: Photo by SpaceX on Unsplash

by ATTACK Simulator
