A Bitcoin fraudster claims to have made 200 BTC, the equivalent of around $760,000, through dark web domain squatting.
In the cybercriminal ecosystem, this criminal activity is also known as "typosquatting." It is a known problem in the dark web world and this particular scammer alleges to have accumulated his profits over the past four years.
The Problem of Dark Web Typosquatting
A form of cybersquatting, typosquatting basically means sitting on a particular website under a brand that already exists.
These kinds of websites mostly target users who mistype their destination website address, such as mistaking faceboook.com for facebook.com.
When this happens, the users are brought to a look-alike website run by a different operator than the original.
This allows whoever is behind this spoof website to profit from the domain.
The visitors, on the other hand, are not even aware that they are visiting or making purchases on a fake site.
Digital Shadows is the company that discovered the scammer's claims.
The firm's strategy and research analyst, Harrison Van Riper, made the initial investigation into the typosquat and published his findings on March 21, 2019.
Using their investigation tool, Shadow Search, Van Riper came across a wide network of typosquat dark web domains.
According to his research, over 200,000 pages on the dark web proved to contain strings from the scam note.
This number only goes to show how significant the number of duplicated websites on the dark web is.
These copies act like mirrors to the authentic version of the sites that offer services on the dark web.
The Fraudster's Allegations
While it cannot be proven that everything the fraudster claimed is true, this can serve as a great example to be more cautious when visiting websites on the dark web.
There are multiple ways that scammers can monetize a domain through typosquatting.
However, as Digital Shadows noted that some of the websites utilized their own Bitcoin wallets to receive payments and donations, and the scammer boasted over his use of a self-made payment processor, it's likely that some purchasing was taking place.
In his public boast, the scammer revealed that more than 800 onion domains were used in order to steal from dark web visitors.
Due to their ability to find approximately 500 domains following the search of several directories, the figure did not sound too far-fetched to the Digital Shadows researchers.
The fraudster claimed to have made 200 BTC through dark web domain squatting, which is a lot of money.
This, as Van Riper said, only proves how profitable domain squatting and brand impersonation can be.
In the original message, the Bitcoin scammer admitted that he never expected his endeavor to be so successful.
Subsequently, he asked visitors of the page if they were stupid enough not to have verified the URLs of the pages they had been trying to reach.
Ending with the announcement of his retirement, the fraudster gave users a small "farewell gift" of the actual dark web URL that they had tried to visit.
The claims of the scammer remain unverified.
