Scammers Appeared On The Network Posing As Bitmain Sales Staff

Against the backdrop of a shortage of ASIC miners on the network, a fraudulent scheme has spread, targeting customers of Bitmain’s Bitcoin mining devices. This was reported by experts from Kaspersky Lab.

Attackers send e-mails to potential victims informing them that they are allegedly mentioned in a Google Docs file by a user under the pseudonym BitmainTech. Posing as employees of the sales department, the scammers announce the start of a limited pre-order for Antminer S19j equipment.

Data: kaspersky.com.

To dull the vigilance of users, the @docs (.) Google (.) Com domain is used to send emails.

The message also contains a Google Docs file with an active link that leads through a chain of redirects to the site bitmain (.) Sa (.) Com, registered in March 2021, which is a clone of the legitimate site bitmain (.) Com.

Data: kaspersky.com.

When you go to the site, the Antminer S19j ASIC miner at a price of $ 5017 is immediately sent to the buyer’s basket. Then the user is prompted to log in or register. Kaspersky Lab experts did not rule out that in this way the attackers create a database of addresses and passwords in order to further hack accounts.

At the next stage, the victim is asked to indicate the delivery address (presumably for the further sale of data) and the method of payment in cryptocurrency – Bitcoin, Bitcoin Cash, Ethereum or Litecoin.

After that, cybercriminals provide the data of their crypto wallet and warn about the need to complete the transaction within two hours, otherwise the order will be canceled.

As soon as the user completes the payment, the order data disappears from the personal account, and the buttons on the site become inactive.

Kaspersky Lab advises to always check the address bar when going to sites and to trust only the information posted on the official brand page.