Since launching its operation in 2018, a previously unknown investment scam group named “CryptosLabs” has stolen up to 480 million euros ($505 million) from victims in France, Belgium and in Luxembourg.

According to a report by cyber-intelligence firm Group-IB, “CryptosLabs” is one of the most organized criminal groups of its kind, with kingpins, sales agents, developers and call center operators.

The criminal group uses its own scam kit to create websites that impersonate more than 40 well-known European companies engaged in financial technology, cryptocurrency and NFT investments, asset management and banking services.

Group-IB mapped the CryptosLabs network of malicious domains, reporting over 300 websites hosted on 70 servers.

These websites are used in “pig butcher” scams, tricking victims into believing they are making investment profits, extending the fraud period and potential financial gains for the scammers.

Pigs get slaughtered

The CryptosLabs investment scam targets French-speaking Internet users, luring them to the fake investment sites via malicious advertisements on Google Ads and social media platforms and posts on social media and investment sites.

Posts and advertisements promote investment opportunities that guarantee high returns with virtually no risk of losing your money.

When victims click on the ads, they are redirected to a landing page where they are asked to enter their details. Call center operators then use this information for the follow-up contact.

At this point, the call center agent provides the victim with credentials to access the fraudulent investment platform.

The 300 sites used in this scam feature different models but similar code and JavaScipt files, indicating that the same group is behind each of them.

When the victim logs in for the first time, they deposit between €200 and €300 ($315) into a virtual balance. The victim then sees his investment grow exponentially and rapidly, this increase being reflected in falsified dashboards.

The CryptosLabs scam kit, used to automate the deployment of these websites, also includes a CRM platform that allows operators to get an overview of their campaigns, view victim profiles and communicate with them via IP telephony or chat.

As the victims see a rapid increase in profits, the scammers use other social engineering tactics to trick the victim into investing even more money.

The victims (the “pigs”) continue to invest more until they realize that they cannot withdraw any funds even by paying the “release fee”, which is just a last grip. ‘silver.

This is when the scam ends, with the victim losing significant sums in the process, hence the name “Pig Butchering”.

“The Group-IB team is aware of at least 20 French victims who registered on the same trading platforms and collectively handed over €280,000 to the scammers,” comments Anthony Abihssira, IB Group Analyst.

“Based on Group-IB’s rough estimates, CryptosLabs’ all-time revenue could be as high as €480 million.”

Group-IB informed the spoofed brands of the fraudulent sites and shared its findings with law enforcement authorities in France, but the CryptosLabs campaigns are still ongoing.

To minimize the risk of losing money to investment scams, treat promises of guaranteed returns as a red flag and check the legitimacy of investment platforms before depositing money.