The Coinpanda-eth.com Story: How a Deceptive Website Stole from Users
This report examines the recent incident involving a fraudulent website, Coinpanda-eth.com , which has been impersonating the legitimate crypto tax solution platform, Coinpanda.?
Started as the preferred cryptocurrency portfolio tracker and tax solution in Scandinavia in 2019, Coinpanda has quickly grown to be recognized as one of the most robust, advanced, and easy-to-use software solutions for crypto and Web3 tax reporting and tax compliance worldwide today. Coinpanda enables consumers and businesses to seamlessly track their cryptocurrency portfolio, investment performance, taxes, and more across 800+ exchanges, blockchains, and services.
Unfortunately, the reputation of Coinpanda has been exploited by scammers who created a fraudulent website, Coinpanda-eth.com, to deceive unsuspecting users. This website is a malicious clone designed to mimic the real Coinpanda website, luring users into believing they are engaging with a legitimate service. This fraudulent site was used to collect sensitive information and steal funds from victims.
We will delve into the background of Coinpanda, the details of the event, the investigation process, and the current status of the fraudulent activity. By understanding the mechanics and impact of this scam, we aim to shed light on the importance of vigilance and the resources available to those affected.
Investigation
The domain was registered on 13th November 2023, as per the standard DNS checker.?
Checking the transfer information involving the address 0x7ea9b0445f7faa9e4a894d4d9ec3f9357b4b11f3 , it is observed that there is only one sender who fell victim to the fraud, however, the amount stolen was still quite large
(around 20 ETH).
?This indicates that the victim might be a business house rather than an individual investor, which adds up as Coinpanda is a firm that helps with taxation on cryptos and NFTs, and their primary consumers are business houses.?
To further consolidate the identity of the victim, the inflow and outflow records of the victim's address can be checked from the Bitquery Explorer. Also, it is notable to know that the user was already using the real Coinpanda, even before the incident.
Financial Impact
Around 20.61 ETH which is around 48333.31 USD worth of funds have been stolen in the fraud. Also, it could be seen that after falling victim to the trap no transaction has been made from the victim to date, meaning the business that fell for the fraud might now be shut.
.?
The number of transactions in the scam involving the suspicious address is very less, however, each of the transactions involves a great sum of money. The inflow amount is a huge sum of 20.61 ETH received from the victim, then the amount is transferred to two addresses, a smart contract and an EOA (Externally Owned Account).?
Out of the total amount received from the scam the suspicious address transferred 20 ETH to a smart contract address (0xd90e2f925da726b50c4ed8d0fb90ad053324f31b), about which further details would be shared in the Money Trail section. The remaining amount was transferred to another EOA, the activity of which during that period could be checked via Bitquery Explorer.?
领英推荐
It was noted that the account mentioned above was used to purchase different kinds of ERC20 tokens from various DEX, such as Uniswap, as seen here.?
Current Status
As of now the clone website has been taken down and both Bitquery Explorer and query don’t show any transaction record that involved the suspicious address. The last transaction involving the account in question was on the following timestamp ( 2024-01-13 13:10:47 ).
However, the market is still full of many such unethical users, who are trying to target other users in the crypto space, thus, scams like these have become a common occurrence. Although the Coinpanda clone fraud website has been taken down, it is essential to know that thousands of such frauds are still active and a user must be aware and manage their funds responsibly.?
And, if someone finds any suspicious website or activity in the future or if someone still wants to dig further into the details of the Coinpanda fraud and trace it, then they can use the Bitquery crypto investigation service.??
Money Trail
In this section, we will discover where the stolen funds have gone from the scammer’s wallet. As discussed earlier a small chunk of the stolen funds was transferred to another wallet address, but a major portion (20 ETH or $73321.30 by current market rate) has been transferred to a smart contract address (0xd90e2f925da726b50c4ed8d0fb90ad053324f31b).?
The smart contract could possibly be a router for the Tornado Cash Exchange based on the contract’s outflow, where each and every transaction from the contract is sent to the Tornado.cash. Upon further research, it came into the light that the address in discussion is an OFAC sanctioned address, i.e, the account is probably a mixer account.
Also, double-checking the details of the transaction mentioned in the outflow of the scammer’s wallet further ensures that the money went from the address to some other address via Tornado Cash Exchange.?
Mentions of Tornado Cash in Cyvers Alerts tweet also solidify the involvement of Tornado Cash as an effort to obscure the money trail, as Tornado Cash is infamous for providing a mask to the crypto transactions and making them completely anonymous and untraceable. Thus, we can conclude that the proprietor of the fraud was most likely using Tornado cash or a mixer to hide the origin of the funds.
The Coinpanda-eth.com scam is a stark reminder of the dangers lurking in the cryptocurrency space. As the number of victims and the financial impact continues to grow, users must remain vigilant and verify the authenticity of websites and services they engage with.
The information provided in this material is published solely for educational and informational purposes. It does not constitute a legal, financial audit, accounting, or investment advice. The article's content is based on the author's own research and, understanding and reasoning. The mention of specific companies, tokens, currencies, groups, or individuals does not imply any endorsement, affiliation, or association with them and is not intended to accuse any person of any crime, violation, or misdemeanor. The reader is strongly advised to conduct their own research and consult with qualified professionals before making any investment decisions. Bitquery shall not be liable for any losses or damages arising from the use of this material.?(edited)?