An investigation by a teen has exposed a network of over 1,200 fake gaming sites. [Image: Shutterstock.com]
Network exposed online
A former longtime computer security reporter for The Washington Post has revealed that an investigation by a teen has exposed a network of over 1,200 fake gaming sites.
On Wednesday, Brian Krebs revealed the mass scam via his website Krebsonsecurity after a 17-year-old developer and web designer, going only by Thereallo, approached the investigative journalist with their findings.
scam using Discord and other social media channels
Krebs confirmed Threallo had uncovered a scam using Discord and other social media channels to promote a network of over 1,200 fake gaming sites with “a single backend powering all domains.”
The fake sites post ads offering a $2,500 bonus at a crypto casino, but lure users to make a verification deposit of $100 in crypto to access the bonus.
To pass off as genuine, licensed gaming sites, the scammers used unlicensed ads that look like they are from online influencers, including MrBeast.
Slick games
According to Thereallo’s blog post on cracking the network, the promo images always followed the same modus operandi. Namely, a “carefully faked screenshot of a tweet from a big name like MrBeast or Elon Musk” endorsing a crypto casino and the free bonus.
Krebs’ article on the expose stated that “extremely polished video games” like B-Ball Blitz, in which you play as a pro basketball player and bet on your ability to sink free throws, allow users to rack up winnings. Users trying to cash out, however, are scammed by being asked to register for $100.
Those who pay the fees or believe they’ve won will never, according to Krebs, “ever see their money again.”
Thereallo runs multiple Discord servers that he set to search deeper after users of the social media platform started complaining of being drowned in misleading spam messages advertising the sites.
bigger than anything I could handle alone”
The young web developer stated: “I knew this was bigger than anything I could handle alone. This wasn’t just a scam, but an entire infrastructure. I probably uncovered a massive, organized criminal enterprise.”
That was the point Thereallo compiled screenshots and technical detail of the scale of the scam in a report he then sent to Krebs. Thereallo added that Krebs used his own resources to “validate my findings” and expose the true scale of the scam.
Pig butchering casino style
In his summary of the fake sites, Krebs stated the strategy borrows from “the playbook of ‘pig butchering’ schemes.”
These schemes, championed by the scam compounds of Southeast Asia, are a far more elaborate and dangerous crime in which people are scammed into involuntarily working for the crime network and used to scam other people online via romance or crypto investment ruses.
Krebs states that the MrBeast-like pig butchering scheme steals far less money from victims, but that their wide approach “may enable their operators to extract payments from a large number of people in far less time,” complete with considerably less financial outlay and risk.
Silent Push’s Senior Tech Researcher Zach Edwards, meanwhile, said the scam exposed “a very odd type of pig butchering network and not like what we typically see, with much lower investments in the sites and lures.”
figure out who’s throwing rocks and go take their rocks away”
Thereallo ended his blog by saying that cracking the network: “proved that sometimes, the best way to protect your community isn’t to just build higher walls. It’s to figure out who’s throwing rocks, and go take their rocks away.”
(Except for the headline, this story has not been edited by PostX News and is published from a syndicated feed.)
