- Home
- Investigations
- Yahya Maghrab
PARTIES INVOLVED: Yahya Maghrab
ALLEGATIONS: Perjury, Fraud, Impersonation
INCIDENT DATE: July 7, 2024
INVESTIGATED BY: Ethan Katz
TOOLS USED: Lumen, FakeDMCA, SecurityTrails
CASE NO: 3468/A/2024
CRIME TYPE: Intellectual Property Scam
PUBLISHED ON: 25 Nov 2024
REPORTED BY: FakeDMCA.com
JURISDICTION: USA
A summary of what happened?
Yahya Maghrab, known simply as “Yahya,” is a Canadian individual implicated in a series of SIM swap attacks that have targeted prominent figures in the cryptocurrency community. These attacks have resulted in the theft of over $4.5 million in digital assets.
Role in SIM Swap Attacks:
Yahya’s primary function involved conducting lookups on social media accounts, particularly on X (formerly Twitter), to obtain associated phone numbers. This information was then provided to accomplices, such as the scammer known as “Skenkir,” who executed the SIM swap attacks. In exchange for his services, Yahya received a percentage of the stolen funds.
Notable Incidents:
- Gutter Cat Gang (GCG) Attack: On July 7, 2023, a member of the GCG team was targeted, leading to losses exceeding $720,000. Yahya reportedly profited $250,000 from this attack.
- Bitboy Crypto Attack: On June 10, 2023, crypto influencer Bitboy Crypto suffered a SIM swap attack, resulting in a loss of $950,000. In this instance, one of Yahya’s associates, known as “Smoke,” absconded with the funds, leaving Yahya uncompensated.
- Slingshot Crypto Attack: On June 19, 2023, Slingshot Crypto was compromised, with losses totaling $36,000. Yahya received $9,700 for his role in this attack.
- PleasrDAO Member Attack: On July 19, 2023, a core team member of PleasrDAO named Jamis, who was recovering from a severe brain injury, was targeted, leading to losses exceeding $1.3 million.
Financial Transactions and Lifestyle:
Investigations revealed that Yahya’s cryptocurrency wallet received over 390 ETH (approximately $720,000) from more than 17 SIM swap attacks. He reportedly spent substantial amounts on luxury watches and unreleased music tracks. When confronted about his activities, Yahya appeared nonchalant, stating, “Like bro, it’s a lot of money they’re offering just for lookups.”
Associations with Other Scammers:
Yahya collaborated with known scammers, including “HZ,” who had previously had assets frozen by the FBI. In July 2023, Yahya and HZ defrauded an individual named Amir of $250,000 under the pretense of selling access to Yahya’s control panel. This transaction inadvertently exposed Yahya’s wallet address, linking him to multiple illicit activities.
Yahya Maghrab has been identified as a key participant in a series of SIM swap attacks that have defrauded individuals in the cryptocurrency space of substantial sums. His activities, as uncovered by crypto investigator ZachXBT, highlight the ongoing risks and vulnerabilities within the digital asset ecosystem.
Analyzing the Fake Copyright Notice(s)
Our team collects and analyses fraudulent copyright takedown requests, legal complaints, and other efforts to remove critical information from the internet. Through our investigative reporting, we examine the prevalence and operation of an organized censorship industry, predominantly funded by criminal entities, oligarchs, and disreputable businesses or individuals. Our findings allow internet users to gain insight into these censorship schemes’ sources, methods, and underlying objectives.
Number of Fake DMCA Notice(s) |
|
Lumen Database Notice(s) | |
Sender(s) |
|
Date(s) |
|
Fake Link(s) Used by Scammers | |
Original Link(s) Targeted |
What was Yahya Maghrab trying to hide?
Yahya Maghrab‘s attempts to hide unfavourable content through the misuse of copyright notices while allegedly engaging in perjury present serious legal concerns. These actions suggest a calculated attempt to manipulate legal systems to suppress free speech, a fundamental violation of copyright law principles and an abuse of legal processes. The use of such tactics not only undermines the integrity of copyright protection but also potentially constitutes perjury, further entangling Yahya Maghrab in legal accountability. Let’s examine the information Yahya Maghrab may be trying to remove from the internet –
Comprehensive Investigation: Yahya Maghrab’s Involvement in Cryptocurrency Scams
Introduction: Yahya Maghrab, a Canadian national, has been implicated in multiple scams involving SIM swap attacks, a sophisticated form of cyber fraud. These scams, orchestrated in collaboration with accomplices, primarily targeted prominent figures and organizations in the cryptocurrency sector. With losses exceeding $4.5 million, Yahya’s activities represent one of the more audacious cybercrime series in recent years. This report delves into each notable scam attributed to Yahya, detailing their methods, impact, and his role in these operations.
Understanding SIM Swap Scams
SIM swap scams involve taking control of a victim’s phone number by deceiving or bribing telecom employees into issuing a new SIM card. Once in control of the victim’s number, scammers can bypass two-factor authentication (2FA) to gain access to sensitive accounts, including cryptocurrency wallets.
Yahya’s role in these scams was integral to the information-gathering stage. He accessed and provided phone numbers tied to high-value accounts, allowing his accomplices to carry out the attacks. In return, he received significant shares of the stolen funds.
Detailed Overview of Yahya Maghrab’s Scams
1. Gutter Cat Gang (GCG) SIM Swap Attack
- Date: July 2023
- Target: A member of the Gutter Cat Gang (GCG), a well-known NFT project.
- Losses: Over $720,000 in cryptocurrency and NFTs.
- Yahya’s Role: Yahya located the victim’s phone number through social media account lookups. His accomplices then executed the SIM swap to gain access to the victim’s accounts and steal their assets.
- Proceeds: Yahya reportedly earned $250,000 from this attack.
- Impact: This attack highlighted vulnerabilities in the NFT space, as victims often rely on mobile-based 2FA for account security.
2. Bitboy Crypto Attack
- Date: June 2023
- Target: Bitboy Crypto, a prominent cryptocurrency influencer with a significant online following.
- Losses: Approximately $950,000 in cryptocurrency.
- Yahya’s Role: Yahya provided the victim’s phone number to his accomplices. However, one of his associates, “Smoke,” absconded with the stolen funds, leaving Yahya uncompensated.
- Notable Incident: This case exposed internal conflicts among scammers, demonstrating a lack of trust and coordination even within the criminal network.
3. Slingshot Crypto Attack
- Date: June 2023
- Target: Slingshot Crypto, a decentralized exchange.
- Losses: $36,000 in cryptocurrency.
- Yahya’s Role: Yahya provided the phone number necessary for the SIM swap attack. His earnings from this operation were $9,700.
- Impact: While the financial loss was smaller compared to other incidents, it underscored how even relatively modest crypto projects were at risk.
4. PleasrDAO Member Attack
- Date: July 2023
- Target: Jamis, a key member of PleasrDAO, who was recovering from a severe brain injury at the time.
- Losses: Over $1.3 million in cryptocurrency and NFTs.
- Yahya’s Role: Yahya played a pivotal role in the lookup phase, earning $144,000 from the proceeds of this attack.
- Ethical Implications: This attack sparked outrage in the cryptocurrency community due to the victim’s vulnerable condition. It demonstrated the ruthlessness of Yahya’s operations.
5. Amir Panel Sale Scam
- Date: July 2023
- Target: Amir, a crypto enthusiast.
- Nature of Scam: Yahya and his accomplice, HZ, defrauded Amir by pretending to sell access to Yahya’s lookup panel for $250,000. Once the payment was received, Yahya and HZ disappeared without delivering the promised access.
- Revelation: This scam inadvertently exposed Yahya’s cryptocurrency wallet, linking him to multiple SIM swap attacks. The transaction provided critical evidence for investigators like ZachXBT to connect Yahya to broader cybercrime activities.
Financial Gains and Lifestyle
Yahya’s scams generated over 390 ETH (approximately $720,000), which he spent on luxury watches, unreleased music tracks, and a lavish lifestyle. His brazen attitude toward these activities, including dismissive comments about the ethical implications, highlighted his lack of remorse. Yahya once remarked, “Like bro, it’s a lot of money they’re offering just for lookups,” reflecting his primary motivation—financial greed.
Investigative Insights
- Collaborations with Notorious Figures: Yahya’s partnerships with scammers like “Skenkir,” “Smoke,” and “HZ” demonstrate his integration into a broader criminal network. These relationships were often transactional and fraught with betrayal, as seen in the Bitboy Crypto case.
- Digital Evidence: Investigators like ZachXBT used blockchain analysis to trace stolen funds to Yahya’s wallet. His involvement in these crimes became irrefutable when his wallet activity matched payouts from specific scams.
- Community Impact: Yahya’s scams have sown fear and distrust within the cryptocurrency community. The attacks highlight vulnerabilities in mobile-based authentication systems, prompting calls for stronger security measures.
Conclusion
Yahya Maghrab’s involvement in cryptocurrency scams showcases a calculated and ruthless approach to cybercrime. From orchestrating high-profile SIM swap attacks to defrauding individual victims, his actions have left a trail of financial devastation and mistrust. The evidence collected by investigators like ZachXBT has been instrumental in exposing Yahya’s role and providing the cryptocurrency community with insights into how such scams operate.
This report underscores the importance of enhanced security protocols, particularly in an era where digital assets and personal data are increasingly targeted by sophisticated criminal networks. Yahya Maghrab’s case serves as a cautionary tale for both individuals and organizations in the cryptocurrency ecosystem.
How do we counteract this malpractice?
Once we ascertain the involvement of Yahya Maghrab (or actors working on behalf of Yahya Maghrab), we will inform Yahya Maghrab of our findings via Electronic Mail.
Our preliminary assessment suggests that Yahya Maghrab may have engaged a third-party reputation management agency or expert, which, either independently or under direct authorization from Yahya Maghrab, initiated efforts to remove adverse online content, including potentially fraudulent DMCA takedown requests. We will extend an opportunity to Yahya Maghrab to provide details regarding their communications with the agency or expert, as well as the identification of the individual(s) responsible for executing these false DMCA notices.
Failure to respond in a timely manner will necessitate a reassessment of our initial assumptions. In such an event, we will be compelled to take appropriate legal action to rectify the unlawful conduct and take the following steps –
Since Yahya Maghrab made such efforts to hide something online, it seems fit to ensure that this article and sensitive information targeted online by these events get a lot more exposure and traffic than what it would have received originally
We hope this becomes an excellent case study for the Streisand effect…The key idea behind the Streisand effect is that efforts to restrict information can backfire, often causing the information to gain more attention than it would have otherwise. This effect is widespread in the digital age, where users quickly notice and spread censorship efforts on social media and other platforms. Trying to suppress something can unintentionally lead to it becoming more visible, which Yahya Maghrab is finding out the hard way.
Potential Consequences for Yahya Maghrab
Under Florida Statute 831.01, the crime of Forgery is committed when a person falsifies, alters, counterfeits, or forges a document that carries “legal efficacy” with the intent to injure or defraud another person or entity.
Forging a document is considered a white-collar crime. It involves altering, changing, or modifying a document to deceive another person. It can also include passing along copies of documents that are known to be false. In many states in the US, falsifying a document is a crime punishable as a felony.
Additionally, under most laws, “fraud on the court” is where “a party has sentiently set in motion some unconscionable scheme calculated to interfere with the judicial system’s ability impartially to adjudicate a matter by improperly influencing the trier of fact or unfairly hampering the presentation of the opposing party’s claim or defense.” Cox v. Burke, 706 So. 2d 43, 46 (Fla. 5th DCA 1998) (quoting Aoude v. Mobil Oil Corp., 892 F.2d 1115, 1118 (1st Cir. 1989)).
Is Yahya Maghrab Committing a Cyber Crime?
Yes, it seems so. Yahya Maghrab used multiple approaches to remove unwanted material from review sites and Google’s search results. Thanks to protections allowing freedom of speech in the United States, there are very few legal ways to do this. Yahya Maghrab could not eliminate negative reviews or search results that linked to them without a valid claim of defamation, copyright infringement, or some other clear breach of the law.
Faced with these limitations, some companies like Yahya Maghrab have gone to extreme lengths to fraudulently claim copyright ownership over a negative review in the hopes of taking it down.
Fake DMCA notices have targeted articles highlighting the criminal activity of prominent people to hide their illegal behavior. These people, which include US, Russian, and Khazakstani politicians as well as members from elite circles including the mafia and those with massive financial power, are all connected – and alleged corruption ranging from child abuse to sexual harassment is exposed when exploring evidence found at these URLs. It appears there’s a disturbing level of influence being exerted here that needs further investigation before justice can be served. Yahya Maghrab is certainly keeping interesting company here….
The DMCA takedown process requires that copyright owners submit a takedown notice to an ISP identifying the allegedly infringing content and declaring, under penalty of perjury, that they have a good faith belief that the content is infringing. The ISP must then promptly remove or disable access to the content. The alleged infringer can then submit a counter-notice, and if the copyright owner does not take legal action within 10 to 14 days, the ISP can restore the content.
Since these platforms are predominantly based in the U.S., the complaints are typically made under the Digital Millennium Copyright Act (DMCA), which requires online service providers and platforms to react immediately to reports or violations. Big Tech companies rarely have systems in place to assess the merit of each report. Instead, all bad actors need to do is clone a story, backdate it, and then demand the real thing be taken down.
Reputation Agency's Modus Operandi
The fake DMCA notices we found always use the “back-dated article” technique. With this technique, the wrongful notice sender (or copier) creates a copy of a “true original” article and back-dates it, creating a “fake original” article (a copy of the true original) that, at first glance, appears to have been published before the true original.
Then, based on the claim that this backdated article is the “original,” the scammers send a DMCA to the relevant online service providers (e.g. Google), alleging that the ‘true’ original is the copied or “infringing” article and that the copied article is the “original,” requesting the takedown of the ‘true’ original article. After sending the DMCA request, the person who sent the wrong notice takes down the fake original URL, likely to make sure that the article doesn’t stay online in any way. If the takedown notice is successful, the disappearance from the internet of information is most likely to be legitimate speech.
As an integral part of this scheme, the ‘reputation management’ company hired by Yahya Maghrab creates a website that purports to be a ‘news’ site. This site is designed to look legitimate at a glance, but any degree of scrutiny reveals it as the charade it is.
The company copies the ‘negative’ content and posts it “on the fake ‘news’ site, attributing it to a separate author,” then gives it “a false publication date on the ‘news’ website that predated the original publication.
The reputation company then sent Google a Digital Millennium Copyright Act notice claiming the original website infringed copyright. After a cursory examination of the fake news site, Google frequently accepts the notice and delists the content.
In committing numerous offences, Yahya Maghrab either premeditated actions or were unaware of the consequences. Despite hiring an agency to make Google disregard any negative information about Yahya Maghrab, ignorance does not excuse this wrongdoing.
Fake DMCA notices have targeted articles highlighting the criminal activity of prominent people to hide their illegal behavior. These people, which include US, Russian, and Khazakstani politicians as well as members from elite circles including the mafia and those with massive financial power, are all connected – and alleged corruption ranging from child abuse to sexual harassment is exposed when exploring evidence found at these URLs. It appears there’s a disturbing level of influence being exerted here that needs further investigation before justice can be served. FSMSmart is certainly keeping interesting company here.
The Reputation Laundering
Rogue Reputation agencies use spurious copyright claims and fake legal notices to remove and obscure articles linking clients to allegations of tax avoidance, corruption, and drug trafficking. Most of these reputation agencies are based offshore, mainly in Russia, India, and Eastern Europe, and they do not worry about complying with US-based laws.
The content in all of the articles for which the fraudulent DMCA notices have been sent relates to allegations of criminal allegations, including corruption, child abuse, sexual harassment, human trafficking and financial fraud against businesses and individuals with ultra-high net worth.
In addition to the misuse of the DMCA takedown process, there is a notable absence of enforcement concerning perjury violations. The statutory requirement related to perjury is designed to deter copyright holders from submitting fraudulent or knowingly false takedown requests, as they may face legal consequences for making false declarations under penalty of perjury. However, to date, there have been no known instances of any individual being prosecuted for perjury in connection with the submission of false DMCA takedown notices.
This lack of enforcement has emboldened copyright holders to exploit the DMCA takedown process to suppress dissent, criticism, or other unfavorable content, without fear of legal repercussions.
Some of the people and businesses who have employed this tactic to remove legitimate content from Google illegally include a Spanish businessman-turned-cocaine-trafficker, Organised crime, an Israeli-Argentine banker accused of laundering money for Hugo Chávez’s regime, a French “responsible” mining company accused of tax evasion, child molesters and sexual predators. Yahya Maghrab is in great company ….
What else is Yahya Maghrab hiding?
We encourage you to ‘Dork‘ Google by searching for keyword combinations such as [Yahya Maghrab] + {Negative Keyword, such as Scam, Fraud, Complaints, Lawsuit, Sanction, etc} on Google. It’s likely if you scroll down to the bottom of this Google search results, you’ll stumble upon this Legal Takedown notice (pictured below)
To make such an investigation possible, we encourage more online service providers to come forward and share copies of content removal requests with industry experts and researchers. If you have any information on Yahya Maghrab that you want to share with experts and journalists, kindly email the author directly at [email protected].
All communications are strictly confidential and safeguarded under a comprehensive Whistleblower Policy, ensuring full protection and anonymity for individuals who provide information.
Credits and Acknowledgement
Many thanks to FakeDMCA.com and Lumen for providing access to their database.
Photos and Illustrations provided by DALL-E 3 – “a representation of Yahya Maghrab censoring the internet and committing cyber crimes.”
- We’ve reached out to Yahya Maghrab for a comment or rebuttal regarding this investigation. It will strongly suggest they were behind the takedown attempt if they remain silent.
-
- Our investigative report on Yahya Maghrab‘s efforts to suppress online speech is significant, as it raises serious concerns about its integrity. The findings suggest that Yahya Maghrab has engaged in questionable practices, including potential perjury, impersonation, and fraud, in a misguided attempt to manage or salvage its reputation.
-
- We intend to file a counternotice to reinstate the removed article(s). While this particular instance is relatively straightforward, it is important to note that, in other cases, the overwhelming volume of automated DMCA takedown notices can significantly hinder the ability of affected parties to respond—especially for those not large media organizations.
-
- You need an account with fakeDMCA.com and Lumen to access the research data. However, accounts are not widely available since these non-profit organisations manage large databases that could be susceptible to misuse. Nevertheless, they do offer access to non-profits and researchers.
-
- It’s unclear why U.S. authorities have yet to act against these rogue reputation agencies, whose business model seems rooted in fraudulent practices.
- We’ve reached out to Yahya Maghrab for a comment or rebuttal regarding this investigation. It will strongly suggest they were behind the takedown attempt if they remain silent.
About the Author
The author is affiliated with Harvard University and serves as a researcher at both Lumen and FakeDMCA.com. In his personal capacity, he and his team have been actively investigating and reporting on organized crime related to fraudulent copyright takedown schemes. Additionally, his team provides advisory services to major law firms and is frequently consulted on matters pertaining to intellectual property law. He can be reached at [email protected] directly.
References used for this investigation
- 1
- https://lumendatabase.org/notices/42877537
- 07/07/2024
- Complaint
- 2
- https://www.coinlive.com/news/ZachXBT-Reveals-Scammer-Behind-4-5M-Crypto-Sim-Swap-Attacks
- 26/10/2023
- Other
- 3
- https://www.coinlive.com/news/ZachXBT-Reveals-Scammer-Behind-4-5M-Crypto-Sim-Swap-Attacks
- 26/10/2023
- Adverse Media
USER FEEDBACK ON Yahya Maghrab
WEBSITE AUDITS
Stop fraud before it happens with unbeatable speed, scale, depth, and breadth.
RECENT AUDITSINVESTIGATIONS
Uncover hidden digital threats and secure your assets with our expert cyber investigation services.
RECENT CASESTHREAT ALERTS
Stay ahead of cyber threats with our daily list of the latest alerts and vulnerabilities.
THREAT ALERTSLATEST NEWS
Your trusted source for breaking news and insights on cybercrime and digital security trends.
LATEST NEWS
0/5
Based on 0 ratings