DOJ shuts down ‘pig butchering’ domains responsible for $10 million in victim losses

The Justice Department announced on Monday that it seized seven domain names used in so-called “pig butchering” schemes, where cybercriminals develop relationships with victims before exploiting them.

The U.S. Attorney’s Office for the Eastern District of Virginia said five total victims lost over $10 million combined from at least May to August 2022 . 

Each of the domains pretended to belong to the Singapore International Monetary Exchange. The scams involved tricking the victims into believing that web addresses or emails were associated with the exchange when in fact they were controlled by hackers. 

“The scammers — using the confidence-building techniques described above — convinced the victims that they were investing in a legitimate cryptocurrency opportunity,” the Justice Department said. 

“After the victims transferred investments into the deposit addresses that the scammers provided through the seven seized domain names, the victims’ funds were immediately transferred through numerous private wallets and swapping services in an effort to conceal the source of the funds.”

Pig butchering schemes have grown in frequency in recent years. Scammers often find their victims through dating apps, social media sites and even random texts, according to the Justice Department. 

Scammers typically begin a relationship with a victim and gain their trust before pushing them to make some sort of financial investment or hand over account details. Many times scammers push victims to invest in cryptocurrency as well. 

From there, victims are directed to scammer-controlled websites or platforms where money can be extracted. 

The FBI published an advisory in October 2022 on such schemes, and according to the Global Anti Scam Organization (GASO), the average victim loses almost $122,000. About two-thirds of victims are women ages 25 to 40, according to GASO data. 

One man lost $1 million in a pig butchering scam involving hackers pretending to be an old co-worker. 

Last month, cybersecurity firm Proofpoint said it has observed an increase in “'pig butchering' fraud that initially starts on social media websites before pivoting to other services with the ultimate objective of stealing cryptocurrency.”

“Pig Butchering fraud highlights the lengths actors will go to socially engineer a target into falling victim to crime perpetuated by large cybercrime ecosystems,” said Sherrod DeGrippo, VP of threat research and detection at Proofpoint.

“The emotional manipulation, friendly tone, and sheer duration of the pre-exploitation phase allows genuine feelings to develop, and the actor exploits that emotion for financial gain, to the loss of sometimes millions of dollars.”