Sophos uncovers liquidity mining cryptocrime

Scammers use direct or private messages to start a conversation on cryptocurrency that would eventually lead to lost investments. This is one of the findings of cybersecurity solutions firm Sophos in its research about “Liquidity Mining Scams Add Another Layer to Cryptocurrency Crime.”

Sophos conducted research to uncover the techniques of scammers who are riding on the popularity of cryptocurrency. The research found that “the complexity of cryptocurrency and decentralized finance (DeFi), which are the foundations of liquidity mining, create the ideal environment for criminals to camouflage and carry out their malicious intentions easily.”

Scammers relentlessly send direct messages via Twitter, What’s App, Telegram, and other social networking platforms to start conversations about liquidity mining. As soon as they start to gain the victims’ trust, scammers will escalate the swindle.

Sophos unveils cloud workload protection updates
Sophos uncovers Squirrelwaffle malware, financial fraud attacks

“The strategies behind the investments themselves are complex, and there’s no regulation beyond the ‘smart contract’ code embedded in the DeFi network’s blockchain — code that many people can’t easily interpret even when it’s publicly published,” said Sean Gallagher, senior threat researcher at Sophos.

Liquidity mining

Sophos explained that legitimate liquidity mining makes it possible for DeFi networks to automatically process trades using digital currency such as Ethereum, the preferred cryptocurrency for liquidity mining. Smart contracts built into the DeFi network must rapidly determine the relative value of the currencies being exchanged and execute the trade. Since there is no centralized pool of cryptocurrency for these distributed exchanges to pull from to complete trades, they rely on crowdsourcing to provide the pool of cryptocurrency capital required to complete a trade — a liquidity pool.

“The mechanics of liquidity mining in its legitimate form provide the perfect cover for old-fashioned swindles re-minted for the cryptocurrency age,” said Gallagher. “Criminal liquidity mining schemes, like traditional Ponzi schemes, give targets the illusion that they can pull their money out at any time — even allowing them to make withdrawals early on.”

Ethereum and Tether

To create the liquidity pool, which handles transactions between a single pair of cryptocurrencies, such as Ethereum and Tether, investors commit equal values of both cryptocurrencies to the pool. In exchange for lending that cryptocurrency to the pool, the investors get a reward based on a percentage of the trading fees associated with the DeFi protocol.

Investors also receive liquidity pool tokens (LP tokens) — a representation of their share of the pool. These tokens can be “staked,” or linked back to the exchange, further committing the original contribution, and earning the investor dividends in the form of another cryptocurrency associated with the DeFi project. The value of these reward tokens can vary widely.

“Scammers will continuously urge targets to keep investing and to ‘invest big’ by obscuring what’s really happening with fake applications, phony profit reports, and the promise of lucrative payouts,” Gallagher said. “In reality, scammers have gained control of their targets’ cryptocurrency wallets and are withdrawing currency whenever they want. Gradually, scammers empty the wallets, all while continuing to assure targets that everything is fine, and finally cut off communications.”