Boxing Clever: Uncovering a $1M Task Scam Cluster Exploiting Major Brands
Essential information
- Published: 26/08/2025 16:14
- Modified: 26/08/2025 19:09
- Tags: 2025-08-26 brand impersonation cryptocurrency dominet task scam
- Related entities: 7 observables, 3 techniques (mitre), 4 others
Description
A sophisticated task scam cluster has been discovered, exploiting major brands like Delta Airlines, AMC Theatres, and Universal Studios. The scam uses API-driven templates and cryptocurrency payments, with over $1 million in attributable transactions. Victims are lured into 'earning' money by completing tasks such as booking flights. The scam requires initial cryptocurrency deposits to become a 'VIP' member. The infrastructure utilizes domains registered through Dominet, Alibaba Cloud's registrar, with a distinct registrant pattern. Multiple wallet addresses across different cryptocurrencies have been identified. The scam's configuration files reveal its adaptability across various brands and industries.