InfoNesia.xyz – The blockchain security company, CertiK, has discovered a new scam strategy employed by cryptocurrency fraudsters as the sector continues to develop its fraud detection tools. The blockchain security company found that cryptocurrency scammers could access a “cheap and easy” black market of people willing to put their name and face on fictitious projects — all for the low price of $8.
CertiK: The “Professional KYC actors” trick projects into hacks
These people, who CertiK refers to as “Professional KYC actors,” would occasionally voluntarily accept the position of the verified face of a cryptocurrency project to win over the community’s trust before an “insider hack or exit scam.” These KYC actors can also create bank or exchange accounts for bad guys using their identities.
In a blog post published on November 17, CertiK analysts claimed that they had discovered over 20 underground marketplaces where KYC actors could be hired for as little as $8 to complete straightforward “gigs,” such as meeting the KYC requirements “to open a bank or exchange account from a developing country.”
More expensive tasks have the KYC actor placing their name and face on a phony enterprise. According to CertiK, most performers appear to be being taken advantage of because they are headquartered in underdeveloped nations “with an above-average concentration in South-East Asia” and receive salaries of $20 to $30 for each job.
Furthermore, if the KYC actors are citizens of nations with minimal money laundering risks, more demanding criteria or verification procedures could command an even higher asking price.
According to CertiK, the market for KYC actor jobs was “small” compared to the demand for previously KYCed bank and cryptocurrency exchange accounts. However, certain positions are paid up to $500 per week if an actor assumes the part of CEO for a malicious enterprise.
Lack of equipment and expertise by firm teams leads to hacks.
“Over 40 websites purport to assess cryptocurrency projects and provide KYC badges, “according to CertiK,” but the services are worthless because they are too shallow to identify fraud or just too amateur to uncover insider threats.”