3r33180. 3r3-31. There are scammers in the ICO market. With this fact it is difficult to argue. The US Securities and Exchange Commission (SEC) even launched 3r to 32r. dummy ICO 3r3144. , to show potential investors how they can be deceived and what things need to be paid attention to. There are many methods. For example, you can hack the site and change the wallet number. Or go phishing in Telegram, where almost every project has its own chats with investors. By estimated experts, in 201? hackers could steal in a similar way $ 300 million 3r31616.  3r33180. 3r3167.  3r33180. The portfolio company of FRIA Metascan, which specializes in cybersecurity, checked how protected ICO-projects from hackers, scammers and unscrupulous competitors. A total of 91 projects with Russian-speaking founders were evaluated, but Metascan will continue to explore new projects in real time. 3r3167.  3r33180. 3r3167.  3r33180. 3r314. 3r3167.  3r33180. on the website Metascan 3r3145. 3r3167.  3r33180. 3r3158. Why is bad security of ICO projects a problem? [/b] August 2018: Hackers kidnapped 3r3144. data of 26?000 users of the Atlas Quantum cryptocurrency investment platform - names, phone numbers, mail addresses, balance sheets. July 2017: CoinDash
project. not counted 3r3144. $ 7 million after the start of ICO due to the fact that hackers have replaced the number of crypto wallet on the site. August 2017: hackers made a fake newsletter on behalf of the founder of the Enigma project and collected about $ 50?000. And this is not all cases. 3r3167.  3r33180. 3r3167.  3r33180. 3r3142. Why do you need this rating? 3r3145. 3r3167.  3r33180. 3r3158. For investors 3r3159. - this is an opportunity to see how seriously the team approached their project, to assess the risks from investing in this or that ICO. As the Metascan experience shows, there is a direct correlation between the security of the project and its collections. Those projects that have large fees, conduct an audit of their sites, they have security advisors, code auditing, WAF or IPS. 3r3167.  3r33180. 3r3167.  3r33180. 3r3158. For entrepreneurs 3r3159. - This is an opportunity to see the gaps in the safety of their projects. “Project creators can fix vulnerabilities and flaws on their own or use our help. We will promptly update the rating as projects are corrected, ”said David Ordyan, founder of Metascan. 3r3167.  3r33180. 3r3167.  3r33180. 3r3158. For ecosystem. [/b] Such a rating will reduce the number of scam projects, and this, in turn, will positively affect the ICO ecosystem as a whole and the growth and value of cryptocurrencies. 3r3167.  3r33180. 3r3167.  3r33180. If you are interested in technical details of exactly how the checks were carried out, then the details are described below. And if you are too lazy to delve into the technical nuances, then send the link to your CTO. 3r3167.  3r33180. 3r3167.  3r33180. 3r3142. How was the rating made? 3r3145. 3r3167.  3r33180. Only ICO-projects with Russian-speaking founders got into the current edition of the rating. Finding project sites and their descriptions is not difficult, there are many resources with lists of upcoming or already undergoing ICOs. Projects themselves are interested in learning about them. Metascan monitors lists of ICOs constantly, about 150 new projects appear per month. 3r3167.  3r33180. 3r3167.  3r33180. 3r3158. Each project was tested on four parameters: 3r3159. 3r3167.  3r33180. 3r3167.  3r33180. 3r3158. The presence of a security adviser or your own specialist. [/b] Such information projects publish on the site and in their Whitepaper in the section on the team. 3r3167.  3r33180. 3r3167.  3r33180. 3r3158. Resistance site to DDoS-attacks. [/b] An absolute guarantee that the project site is resistant to DDoS attacks can be given only after a stress test. But for ethical reasons, such tests are never conducted without agreement. Vulnerability to DDoS-attack is detected heuristically by the presence of a sign of any protective mechanisms. Metascan checked this parameter by the presence of CDN and traffic filtering systems like Cloudflare, Qrator, Imperva. Traffic filtering can be carried out by the hosting provider, and it cannot be determined from the outside, then there may be inaccuracy at this point. If the projects have found such an inaccuracy in the rating, they can write to Metascan. 3r3167.  3r33180. 3r3167.  3r33180. 3r3158. The presence of vulnerabilities in the web application. [/b] One of the Metascan products is a vulnerability scanner. It can be used independently by any site owner at the address metascan.ru. With the help of it and scanned landing projects. True, Metascan notes that this check only reveals vulnerabilities lying on the surface. Pentest or a deeper analysis allows you to detect the full range of vulnerabilities or to ensure their absence. But a deeper audit requires coordination with resource administrators. 3r3167.  3r33180. 3r3167.  3r33180. 3r3158. The presence of fraudsters in the Telegram-chat project. [/b] How do fraudsters work? They pretend to be members of the ICO team, write private messages to investors and offer to send money to their wallet to receive tokens with a big discount. It is because they communicate with investors one-on-one-one, that there is no point in scammers blocking the general ICO chat. Losses from fraudsters are approximately 5 ETH for each day of the crowdsale. At the same time, fraudsters monitor the emergence of new ICOs and create in advance accounts simulating the accounts of the project founders and group administrators. 3r3167.  3r33180. 3r3167.  3r33180. 3r3167.  3r33180. 3r3167.  3r33180. 3r3158. What does Metascan do with such fraud? [/b] The team has developed tools and mechanics that allow you to identify such fraudsters. Metascan collects data about the used wallets, location and equipment of the attacker. After that, their accounts are permanently deleted, and the numbers are banned: Metascan is one of the few, if not the only company that provides services not only for detecting fraudulent accounts, but also for their removal from the Telegram messenger. 3r3167.  3r33180. 3r3167.  3r33180. In 3r3118. public list 3r3144. there are already 124 fraudulent cryptographic boxes, and the base of the Metascan antifraud system contains more than ?500 unique Telegram accounts used for fraud in the ICO field. 3r3167.  3r33180. 3r3167.  3r33180. Most of the intruders "live" in Nigeria, working from mobile devices. 43% of all scammers cheat investors with the iPhone, and 57% of scammers use Android phones, preferring 4 and 7 versions of this OS. 3r3167.  3r33180. 3r3167.  3r33180. 3r3158. Here is an example of a real case of struggle with Telegram-fraudsters: [/b] 3r3167.  3r33180. 3r33132. One of the clients during the marketing campaign sharply increased the scale of fraud. If, prior to its launch, we found and deleted one or two per day, then after several dozens of accounts appeared at the same time, pretending to be members of the project team in a Telegram. 3r3167.  3r33180. 3r3167.  3r33180. For each, we promptly took action, fixing the data and deleting it. It happened that the persistent fraudster registered new accounts, but after 3-5 deletions he gave up and left. In addition, there were constantly fake emails from the organizers, fake Google registration forms, and phishing ads. Around the clock, we were engaged in responding and removing fraudulent content. 3r3167.  3r33180. 3r3167.  3r33180. As a result, during the countering phishing company, 36 scam accounts were deleted. 3 domains are divided. 1 advertising campaign in AdWords and 2 phishing forms in Google Forms were blocked. 3r3141. 3r3142. More information about the fight against fraudsters in Telegram can be read 3r3143. in the Metascan report 3r3145. 3r3167.  3r33180. Contact Metascan:
 3r33180. +??? 1337 3r3r1616.  3r33180. [email protected]
 3r33180. @david_ordyan (Telegram)
 3r33180. 3r3167.  3r33180. 3r3158. Example correspondence with fraudsters: [/b] 3r3167.  3r33180. 3r3167.  3r33180. 3r3164. 3r3167.  3r33180. 3r3167.  3r33180. 3r3176. 3r33180. 3r33180. 3r3173. ! function (e) {function t (t, n) {if (! (n in e)) {for (var r, a = e.document, i = a.scripts, o = i.length; o-- ;) if (-1! == i[o].src.indexOf (t)) {r = i[o]; break} if (! r) {r = a.createElement ("script"), r.type = "text /jаvascript", r.async =! ? r.defer =! ? r.src = t, r.charset = "UTF-8"; var d = function () {var e = a.getElementsByTagName ("script")[0]; e.parentNode.insertBefore (r, e)}; "[object Opera]" == e.opera? a.addEventListener? a.addEventListener ("DOMContentLoaded", d,! 1): e.attachEvent ("onload", d ): d ()}}} t ("//mediator.mail.ru/script/2820404/"""_mediator") () (); 3r3174. 3r33180. 3r3176. 3r33180. 3r33180. 3r33180. 3r33180.