Bitcoin giveaway scam ‘Motherload’ steals $1M in one week

giveaway, bitcoin

A complex network of Bitcoin giveaway scams has stolen 22.95 BTC ($1 million) from crypto investors in the last six days alone.

In total, the campaign appears to have phished 175.96 BTC ($8.2 million) in just six months.

Averaged out, that means these fraudsters have earned $1.36 million in Bitcoin per month since August 2020 — when they activated the scam’s “Motherload” address.

The Bitcoin-fuelled cyberattack on Twitter just three weeks prior to the Motherload’s first transaction likely inspired this particular campaign.

  • Motherload’s biggest deposits this week were 8.35 BTC ($394,000) and 5.5 BTC ($262,000).
  • Most was phished via fake Bitcoin giveaways featuring likenesses of billionaires Chamath Palihapitiya and Elon Musk.
  • Linked addresses were first used in February, which indicates those behind the campaign are creating new scams almost daily.
One of the many giveaway scams connected to the Motherload.

The Motherload giveaway database

Protos first uncovered the Motherload last week after investigating a Twitter botnet sharing and liking links to fraudulent Chamath-themed “giveaways.”

Considering the campaign’s growing effectiveness, we’re now maintaining a database of Bitcoin addresses tied to the Motherload. 

Protos will update the searchable table below as we continue to analyze the phishing network. 

[Read more: Motherload — Bitcoin giveaway scam network steals $6M in 6 months]

Addresses labelled “suspected” have interacted with the Motherload but aren’t yet flagged by fraud trackers BitcoinAbuse.

  • More scams use Chamath than any other billionaire — by far — and they appear to be the most effective.
  • Elon Musk is still a favorite for phishers. We’ve so far connected five different ‘Musk giveaway’ domains to the Motherload.
  • Tyler and Cameron Winklevoss also feature in some, but they’re nowhere near as effective as those leveraging Chamath and Musk’s popularity.

What’s curious is the Motherload has never made a withdrawal. Instead, the fraudsters seem content to heap their stolen Bitcoin into a pile.

For what it’s worth, we determined the Motherload’s first transactions came from the inexplicably-headquartered crypto exchange HitBTC.

This might provide a clue as to where the stolen Bitcoin might end up when it’s time to cash out.

Bitcoin holders are falling victim to this particular giveaway scam every day, and the only way to combat the campaign is by raising awareness.

So, it’s important to share this analysis as widely as possible.

BitcoinAbuse is filling up with reports from the Motherload’s victims.

Was this article interesting? Share it