scam domains privacy

SecurityTrails Blog · May 08 · SecurityTrails team

Pincoin.io: The $660 Million Scam ICO Business

Pincoin was one of the most promising Vietnamese cryptocurrencies business models for investors — up until a few days ago.

Backed by cryptocurrency company Modern Tech, it was built behind an ICO investment program, that allowed around 32k people to invest almost $660 million dollars.

Earlier investors started receiving the first earnings in cash. Then, Pincoin suddenly started to share the earnings using digital coins in iFans tokens (another social network token launched by the same company).

Once they raised around $660 million, the team disappeared from their offices, and only social networks are live right now, even their website stopped responding and is currently down.

What is an ICO?

ICO stands for Initial Coin Offering, and it's a non-standard unregulated way to raise money for the emerging cryptocurrency alternative coins.

Unlike the traditional way to raise money for any new startup, founders will not go and request money from a bank or venture company; in this case, most entrepreneurs will lose part of their company that will be falling in the hands of banks or external investors.

ICOs work differently. Instead of going to request money from a bank, they ask for money from people. This way they can still have the full ownership of the company and lose way less money than with traditional funding methods. In return, they will send you some of the new crypto-coins they created.

In order to collect funds, they will create a pretty website, along with a white paper on how everything works, social networks presence, mobile apps, and a very well executed documentation for all general users and investors. This is also what Pincoin did.

Pincoin Website

We started digging a little bit around this website, and what we could find using our cybersecurity platform.

These guys were pretty much blinded from every single point, domain names and web hosting provider.

The website right now seems to be totally down, and the preview provided by Cloudflare allow us to see some information on what the page used to look like, with main information about the project, benefit for members, along with Pin project documentation:

Pincoin documentation

This is what we found so far:

  1. The domain was registered at Godaddy.
  2. Using WHOIS guard service.
  3. It is a really new domain, only 5 months old.

Pincoin data

Current DNS records show little to no information. It's pretty clear they were using Cloudflare since the beginning to hide their tracks, as there is no historical DNS records pointing elsewhere out of the Cloudflare network. MX records also pointed to Google Apps since day one:

Pincoin data

At this point, it is possible to get more information using SecurityTrails along with other OSINT Tools, especially Spiderfoot, one of the best intel reconnaissance apps around.

What lesson did we learn today? Right now, ICOs are still a very new method to raise money, everyone wants his part, but not everyone knows the risks of this kind of investments.

Before investing in new emerging ICOs, make sure to have a background full investigation of who's behind the company, how many time they have been live, company legal background, among other things.

We all know cryptocurrencies are highly risky, they offer great rewards in short time, but we must never forget that they also carry big risks for investors.


What about you? Are you inside the cryptocurrency market? Explore your competition and other companies using SecurityTrails.

And if you are interested about getting deep information about any other IT company, grab a free API account and integrate your apps with our powerful and intelligent historical Domain, WHOIS, IP and DNS records platform.