Topic: SCAM - Boomchange.com / Boomchange.io / Boomchange.net - Fake Crypto Exchanges (Read 702 times)

The operator of "Boomchange.com", who also goes by the pseudonym "Jerayer" in the BitcoinTalk forum, has recently created a new GitHub account under the name "Boomchange" (https://github.com/Boomchange - Archive: https://archive.is/ba9Zr).

He is attempting to have his crypto phishing website unblocked from phishing detection platforms like MetaMask (https://github.com/MetaMask/eth-phishing-detect/issues/21455 - Archive: https://web.archive.org/web/20240220000527/https://github.com/MetaMask/eth-phishing-detect/issues/21455), but has been unsuccessful so far.

It is alarming to see the lengths to which scammers go these days. Despite this, he is unable to provide satisfactory answers to the concerns raised. Hilarious.

It seems like "Jerayer", the operator of Boomchange, has become very silent for over a month already when I clearly pointed out indicators and evidence that "Boomchange.com" and "Boomchange.io" are scam fake crypto exchanges.
There has been no explanation or response from Jerayer regarding these points.

Meanwhile, the operator of Boomchange, known as "Jerayer" on BitcoinTalk, has changed the Bitcoin deposit address on the phishing website "Boomchange.com" to "bc1qv4rnhlx4fr9zn2cdklawjx429wr9nqhf7yf9uv" (https://archive.is/BAtoR) and the Ethereum deposit address to "0x4d070f2380F60764E0f48725be03850afA3C0Ee2" (https://archive.is/TKVsD). This is an attempt to hide traces of scam reports, making it difficult for potential victims to research the addresses.
However, I will continue to expose and follow this case to protect people and reveal the fraudster.

The scam platform "Boomchange" presents risks to users which I have pointed out, as it can be malicious and worth noticing due to its allowance of direct URL access to specific pages, potentially bypassing security measures and checks; this makes users vulnerable to attacks and manipulation of content and parameters, leading to unintended actions and deceptive transactions.
Additionally, the scam site of Boomchange lacks proper context, increasing the risk of uninformed decisions and falling victim to this crypto scam website.
One should not forget about the other circumstances surrounding "Boomchange" and the additional evidence that collectively paints a clear picture of this fraud.
The information mentioned earlier is just one piece of the puzzle among many others, which I will address here.


I mentioned the cryptocurrency addresses associated with "Boomchange" in order to keep a record and potentially assist innocent victims of the scam in gathering more information. This, in turn, would make it easier for them to take legal action against this fraudulent activity by utilizing the information I have provided. I believe this should be self-evident to clear-thinking individuals.


"Registered On:" simply indicates the first registration of the domain, nothing more.
After your previous domain registrar suspended "Boomchange.com" you purchased another domain called "Boomchange.io" to continue running your fraudulent cryptocurrency exchange platform.
Once "Boomchange.com" domain expired on the previous registrar, you reacquired it through another registrar called NICENIC, which is known for engaging in malicious activities and inaction. (You can read about this on the fraud reports page: https://fraud-reports.fandom.com/wiki/NICENIC).
Subsequently, after the expiration of "Boomchange.com" on the previous domain registrar, you repurchased it when it became available on the NICENIC domain registrar. As of 1/5/2024, your original phishing domain, "Boomchange.com", is still active and you have set up a redirection from "Boomchange.io" to it.
This is a common tactic employed by cybercriminals when their websites are suspended, as was the case with you and Boomchange, which is why there are currently two domains associated with this scam platform.


I contradicted and explained your "3 examples" very clearly, demonstrating that any clear-thinking person with sense knows what is going on here. Your social engineering methods are futile. As I expose crypto scam platforms like "Boomchange", your inexplicable attempt to protect it, coupled with contradictory statements, proves that you are the real scammer with malicious intent. Also, you didn't address the other serious points that I pointed out previously, possibly because there is no answer for them - right? It's amusing to hear that those who expose scams are somehow the ones with malicious intent.
This is the first time I've come across such an nonsense.

Also, you have contradicted yourself in a reply on another thread, which significantly undermines your reliability and credibility, as there are clear indicators of lying and fabricating claims. This can be seen here: https://bitcointalksearch.org/topic/m.63449564


In this thread, the main focus revolves around the ongoing "Boomchange" fraud.
Moreover, you have failed to contradict any of the numerous evidential points I have presented. Here are some specific questions that need addressing:

1. Can you provide the official license from entities like FinCEN or MSB for "Boomchange.com" and "Boomchange.io" to operate as a cryptocurrency exchange?

2. What is the physical office or headquarters address of "Boomchange"?

3. Why is "Boomchange" blocked and flagged as a phishing website by extensions like MetaMask?

4. Is "Boomchange" compliant with anti-money laundering (AML) regulations, as required by law? If so, can you provide proof of this compliance?

5. Is there any reliable official business registration for "Boomchange"? Where can it be found?

6. Why do all positive reviews on platforms like Trustpilot come from newly created accounts with only 1-2 reviews, exhibiting similar patterns? Conversely, verified negative reviews claim that you, the operator of Boomchange, flag them to make them disappear. Why did Trustpilot suspend "Boomchange.com" review page due to breaking guidelines?

7. Why does the "Terms of Use" page on "Boomchange.com" generate terms using AI that have no apparent relevance to the website? Several links, such as the refund policy, are either missing or not included. You can view an archived version of the page here: (https://web.archive.org/web/20240106020937/https://boomchange.com/terms-of-use - Date: 1/5/2024)

8. Why have previous domain registrars and server hosting companies suspended "Boomchange.com" in the past? Also, why is there a second domain, "Boomchange.io", that now redirects to "Boomchange.com" as of 1/5/2024?

9. Why and how has "Scam-Alert.io" verified "Boomchange.com" as a scam? (https://scam-alert.io/scam/bc1qgwx3z59thekwcmp92arrvf4s2yg4ystsr9k2tt)

10. In your response, you mentioned presenting evidence and proofs to counter my claims of malicious tactics employed by the scam platform "Boomchange", which you, "Jerayer", operate. However, you have failed to provide any confirmation or supporting evidence for your statements. When can we expect you to provide evidence for your false claims?


Given your extensive experience and knowledge of "Boomchange" and your role as the operator of this website, it is evident that you go to great lengths to protect the fake crypto exchange phishing website "Boomchange" across multiple platforms. Your intention is to deceive unsuspecting victims into believing its legitimacy and trick them into sending their hard-earned crypto money to you using social engineering methods like pretending to be a customer of "Boomchange", even though you are the actual operator.

With that in mind, I believe you can provide answers and explanations to the questions above.

I will now give a couple of the points that confirm that you are lying and slandering.

You wrote in the topic:


Here's an example link from another website I use:
https://changenow.io/exchange/txs/96db7247b7c6e1

This is exactly the same as link that you provided as evidence. Based on your message, it turns out that changenow.io is also a scam?

I’m simply amazed at your logic, almost all the crypto exchange websites provide links that contain a hash similar to “96db7247b7c6e1”, which makes the links unique and which cannot be thought out from the outside.

I'll continue.


You just wrote a link to the wallet on etherscan.io, so what? Is this proof? When I click on this link, I don't see anything strange. And this is the maximum of your evidence base?

I'll continue.


I checked, the domain is working fine and there is nothing in your link to whois.com regarding blocking, and it clearly says that the domain is “Registered On: 2022-03-07”. Where's the proof?

You simply slander, write links, tell lies and think that no one will follow these links and understand that you are slandering. You also didn't think that someone would click on the links, write that you were lying and expose you.

What else is there to say? I gave 3 examples from your topic, which do not represent evidence in any way. This means that you are simply using malicious intent. And this is typical for you. I am writing this because I wasted time on your message and did not find any evidence.

You were unable to counter any of the evidence I presented, which clearly shows that Boomchange is a scam and fake cryptocurrency phishing exchange website.

Instead, you are resorting to malicious tactics by attempting to promote your fraudulent website "Boomchange" through social engineering, inserting it amongst 3 real and reliable websites in a "ranking" here.

It is evident to everyone that you have not addressed any of the points I raised and have resorted to blatant and ridiculous lies.

The evidence that the website belongs to you is clear, as you openly admit to using the fraudulent website successfully for months, which is proven to be a scam and fake. The only reason for doing this is to promote your own scam and deceive more victims into sending money.

This can be seen as an example in this link: https://github.com/MetaMask/eth-phishing-detect/issues/14661#issuecomment-1877514614
In the referenced GitHub case, it is evident that despite another user on GitHub pointing out "Boomchange.com" as a scam, you persist in attempting to defend and socially engineer individuals into believing that the site is not fraudulent, despite clear evidence proving otherwise.
indicating that you have no legitimate response and are resorting to embarrassingly copying my text here on this forum.

Haha, you can’t even respond normally on the forum, you’re just copying messages from one topic to another. Websites I use:

1. https://www.bestchange.com
2. https://mycoinchange.co
3. https://changenow.io
4. https://boomchange.com
5. https://www.binance.com

All of these sites are normal websites and I have never had any problems with them. They send money normally, unlike you. Perhaps sometimes the transaction is slowly, but this is not a reason to slander them. Have you ever thought about the fact that no one except you is complaining about these websites? Of course you thought about it, and you know that you achieved nothing with your slander. If I use these websites and leave reviews, this does not mean that I manage them. You are just used to spreading lies. But I wouldn't mind having such websites. But for now I’m limiting myself to just a simple exchange. Unlike you, I do not slander anyone or spread lies.

"Jerayer", the operator of the fraudulent crypto exchange phishing platform "Boomchange", continues to harass individuals who exposed the scam, as evident in this case, while persistently defending it with fabricated and baseless claims. It is of utmost importance to promptly protect individuals from crypto scam schemes like the one operating under the name "Boomchange".

By claiming that he sees me as a competitor, he inadvertently reveals his involvement in the cybercriminal crypto fraud scam scheme, operated by Jerayer, known as "Boomchange", while I have no personal association with any phishing or scam activities, but rather specialize in exposing and reporting them.

Most scammers, like Jerayer, falsely assume that everyone is involved in scamming because they themselves partake in fraudulent activities, but it's crucial to clarify that I am not personally involved in phishing or scams; my sole focus is exposing and reporting them.

This is despite the concrete evidence proving its fraudulent nature, such as being flagged by Microsoft and MetaMask as a phishing scam, the suspension of the "Boomchange" account on Trustpilot (https://www.trustpilot.com/review/boomchange.com), and the absence of any legitimate company license or credentials for Boomchange. It is unequivocally a total scam and fake.
In addition, substantial evidence within the main post further confirms that "Boomchange" is a cryptocurrency scam and fraudulent operation.

And for what reason are you worried right now? And why is there no hard and real evidence in your post? I will answer. Because you are simply writing the unsubstantiated messages without the real evidence to make it harder for your competitors to operate their services, that's all. But as you can see, nothing works out for you once again. This is ridiculous.

Hey BitcoinTalk community,
I have updated the main post about the "Boomchange" fraud with recent updates as I frequently track these scam networks, ensuring no trace is lost within the time I can spare between my work.

I do not have any association with the links, websites, or addresses mentioned by the malicious user "icryptofbi" who claims that the OP who uncovered his crypto scam scheme is somehow associated with them.

The user known as "cryptofbi007" & "icryptofbi" has been identified as a fraudulent individual from Russia. This person has created a network composed of fake cryptocurrency QR Code generators.

His malicious and fraudulent activities were exposed in a detailed discussion found at this link: https://bitcointalksearch.org/topic/scam-fake-crypto-qr-code-generator-phishing-beware-5475430

It is similar to the case of Boomchange, where individuals attempted to divert attention from their cybercriminal endeavors. In an effort to deflect from their own actions, "cryptofbi007" or known as "icryptofbi" wrongly assumes that the websites mentioned belong to those who discovered his illicit crypto activities.

The author of this post forgot that he himself has a phishing exchange:
https://coinchangers.net/
https://www.youtube.com/@CoinChanger.

He is just taking out the competition
OP also has phishing mixers and a QR code generator:
https://cryptocurrency-qr-code.com/
https://ethereummixer.live/
https://tornado-cash.io
https://btc-laundry.org
https://bitmixing.top
https://www.cryptomixer.ltd/
https://monero-mixer.net/
https://bitcoin-blender.top/

Thanks to these two profiles of his, he bans his competitors and throws complaints against his competitors:
https://github.com/Jackofusu80
https://bitcointalksearch.org/user/bitcoadvice-3535585

He advertises his scam sites through youtube, these are his accounts that he bought:
https://www.youtube.com/@egg333/videos
https://www.youtube.com/@BitXpress/videos
https://www.youtube.com/@BlockBrainiac/videos

And these are the scam wallets of our OP Bitcoadvice:
0xF9239D94Bf8B0173F626ebEFC1aE26C735201b78 (ETH)
DSJongTtmP39kNTSbBxcz66nREDk9t1YNs (DOGE)
LYwDxxx6kzBKfhBDrnj6m284MVJ9sTpGqab (LTC)
137vnTG1cRLqyTAUaD9Fh3okwDZe54A6wd (BTC)
12abmoYHRr2tMzowTDp67v84QVeyYmSsNn (BTC)
1EixFm25Vpsno81g8thpiK4Dy1zz8XkitR (BTC)
14kL8f8NA2QoLNFqhUNjwWvs25U3kZSygT (BTC)
1JQcJ4bM22eTA5S2WoC2wNQUbs7ULJyMfC (BTC)

Update as of 11/21/2023:

The bitcoin address "1Dgc3h8caaJKEBRyrLgovwQWudxmDXmKiK" has been identified as the new deposit wallet address for victims of a scam associated with the website "Boomchange.com". This wallet address is used by scammers to receive funds from unsuspecting individuals who have fallen victim to the fraudulent activities of Boomchange.

Boomchange.com is known for its involvement in various scam operations related to cryptocurrency transactions. They falsely claim to provide reliable exchange services and promise lucrative returns. However, numerous users have reported that Boomchange engages in deceptive practices, such as manipulating exchange rates, delaying or denying withdrawals, or even stealing funds altogether. These unethical activities have resulted in significant financial losses for individuals who have trusted Boomchange with their investments.

The fraudulent operator of Boomchange always takes immediate action by manually changing the crypto addresses associated with their platform, as soon as they become aware of any reports or complaints in forums. They ensure that any crypto addresses mentioned during the time of the report are promptly replaced with new ones to hide the scam and fraud and deceive potential victims.

I clicked "I have paid" about 4 hours ago closed the tab with the last status "confirming", recently I opened the link again and it's still in the same status. It's a little creepy if someone has to wait that long to know the status of the payment.

Anyway, is there anyone's objective report with a chronology of the scam that included this crypto address prior to this post? When I google it, it only leads to this thread.

My guy, by that logic that would mean that people in this forum would've heard about this and this account wouldn't be created this month or year but last year or probably last month because you probably have encountered some problem using the site even if you're saying that the exchange is good, you catching my drift? Now I'm not inclined to believe when someone accuses someone of doing scams online unless there's damning evidence to prove that they do definitely scam people online. For your defense though, OP's word has more weight compared to yours because he's got the evidences to back it up, now it's your turn or you're one of the many accounts used by boomchange.

Nice catch OP, even if you didn't follow the typical reporting format, I'm impressed by how you organize your evidences, I'm not so sure I agree with leaking the IP address though, I'm not the authority here but I believe that's doxxing right?

🚨 Important: Scam Exchange Boomchange Bought BitcoinTalk accounts to promote their SCAM Exchange 🚨

I would like to bring your attention to a shocking revelation regarding the scam exchange Boomchange.com/Boomchange.io. Recent findings indicate that the owner of this fraudulent platform has resorted to unethical tactics in an attempt to deceive potential investors and manipulate public perception.

It has come to light that the owner of Boomchange has purchased several Bitcointalk accounts in cybercriminal forums, which have been artificially boosted with merit or increased post counts. This alarming discovery raises serious concerns about the integrity and legitimacy of the exchange again and even more.

Furthermore, evidence suggests that the owner of Boomchange has created a topic on the Bitcointalk forum, accessible at ( https://bitcointalksearch.org/topic/m.62634596 ) . This topic is flooded with spam, mass fake feedback, all written in a suspiciously similar style. It is worth noting that no credible proof of legitimacy has been provided by anyone participating in the discussion.

Even more disturbing is the indication that the owner of Boomchange.com / Boomchange.io has reinvested the ill-gotten cryptocurrency funds from unsuspecting victims into promoting their fraudulent crypto website, Boomchange. This blatant misuse of funds further emphasizes the malicious intent behind this scam operation.

I strongly advise all potential investors to exercise extreme caution when considering any dealings with Boomchange. The evidence suggests a high likelihood of fraudulent practices and a complete lack of transparency. It is crucial to protect yourself and your hard-earned money from falling victim to such deceptive schemes.

I urge everyone to spread awareness about this scam exchange and report any suspicious activities related to Boomchange to the appropriate authorities. By working together, we can help safeguard the cryptocurrency community and prevent others from becoming victims of fraud.

There are also new Crypto addresses they use now, they change them now almost every 2 weeks after this case of fraud got reported:

bc1qgwx3z59thekwcmp92arrvf4s2yg4ystsr9k2tt - Bitcoin Address where the fraudsters of Boomchange receive BTC. Archive Link: https://web.archive.org/web/20230802133330/https://boomchange.com/order/6cef0d0fa8
They sended the stolen Funds to Binance which can be followed on the Blockchain here: https://www.blockchain.com/en/explorer/addresses/btc/bc1qgwx3z59thekwcmp92arrvf4s2yg4ystsr9k2tt
It is possible that they bought verified Binance accounts to withdraw their illegal obtained crypto funds without giving personal data out.

0x4c2acc0580765d04d555a791bcb0b3661af67b8d - Ethereum Address where the fraudsters of Boomchange receive ETH. Archive Link: https://web.archive.org/web/20230802133324/https://boomchange.com/order/5bdda7e1a9
LKLCaCVM2aZu4CiTCVv9GnbhCt3X7pQtWb - Litecoin Address where the fraudsters of Boomchange receive LTC. Archive Link: https://web.archive.org/web/20230802133155/https://boomchange.com/order/942f669bda

Remember, diligence and thorough research are key when navigating the crypto space. Stay informed, stay vigilant, and protect yourself from scams like Boomchange.

Hi there,

Numerous forum members, including myself, have gathered concrete evidence suggesting that boomchange.io/boomchange.com may be operating as a scam.

The website owner/domain holder, through deceptive tactics, has attempted to convince users on the forum that the reported issues were merely a result of competition or rivals trying to discredit their service. However, this is far from the truth.
The evidence presented in the aforementioned Bitcointalk topic sheds light on various instances of fraudulent behavior.

To further support the claims made by forum members, I would like to draw your attention to a review on SiteJabber that highlights Koddos.net's lack of action against this scam accusation. The review can be accessed using the following link: https://www.sitejabber.com/reviews/koddos.net#113 .

Given the severity of the situation and the growing number of individuals affected by this scam, I kindly request Bitcointalk members attention to report the activities of boomchange.io/boomchange.com to Koddos ( [email protected] ) which is their server hosting provider.

Try to explain the scam of the fake crypto exchange Boomchange to them in a comprehensible and logical way, as they are probably laymen when it comes to crypto.

Thank you.

Nice catch OP, and you also got the trace to a Binance address, I suppose you can contact Binance support and ask them to ban the account that owns the address, I think that possible.



And you both two newbies account just coming out of thin air defending the exchange without any proof is just raising the red flag higher for this exchange, at least if you actually want to defend the site, you need to also post some proof of your transactions.

So are you and Jerayer part of that exchange team and both of you are paid to shill and give fake reviews on this exchange, this is your first post and you openly defended it, and so is Jerayer both of you sign up here just to shill Boomchange.com

If you're really a client just be a client a real client is open-minded because when it comes to exchange we can never be sure of its status, especially for a new exchange like Boomchange.com

It’s legit and normal working platform. I have been using this website more than a year and I don’t understand why there were posted misleading reports. You can use boomchange free and its legit well working swapping service

I never said you did either, my dude


Reviews should be spread out and weigh down so I'd say in as many place as possible.


My stance on this is I give them the benefit of the doubt mainly because there isn't any fool proof way of completely preventing fake reviews, we could only mitigate it. In addition, Trust Pilot is pretty popular hence is a frequent target.


Perhaps because their .io domain was just made couple of months ago so there's not much attention. Their .com domain meanwhile which has been here for a lot longer is full of negative reviews, see: https://www.trustpilot.com/review/boomchange.com

It also helped that Trust Pilot removed fake reviews on there

All i have to say concerning this is just a little suggestion or maybe we can termed it a subtle reminder of the dangers of using centralized exchanges, which means when you registered with them, you're giving a consent that you've read through their rules and regulations and they are ok by you, that you also understand the risk in using a centralized exchange whereby none of your private informations is secured or protected at maximum, try check the possible causes of your challenges with them before accusing them for scam.

The user Jerayer seems to be a multi account of Craigorders, I also found the user with the same name on another platform Github that also tries to talk well against the obvious and proven fraudulent scam site Boomchange, despite a clear burden of proof.
This can be seen here: https://github.com/MetaMask/eth-phishing-detect/issues/12729#issuecomment-1581245694

In addition, as here, several new accounts have also been created on Github in recent times and have also tried to talk up the fraudulent site Boomchange in short intervals on the link above.

I never conclude that Boomchange is a trusted site to scam site ? I just tried to investigate, check the reviews at Trustpilot and found this. By the way, which site would you recommend to get the reviews feedback of the site.

Also if trustpilot reviews are fake, then we should declare Trustpilot site to be a fake and scam giving wrong projection of the sites. I know there are paid reviews and all this stuff, but then all the reviews at Trustpilot are paid ones and those who were scammed at Boomchange never gave any reviews at Trustpilot 

I have been using the boomchange.com website for over a year. Made several exchanges to Paypal and ETH side. Always received all transfers. The time it takes to receive a transfer depends on when you send it yourself. If you send immediately after the exchange, you will quickly receive a return transfer. If I do the translation after a few hours, then it can take about an hour, depending on what time, night and day.

As for the author of the topic, I can only say that it is not entirely clear what evidence is contained in terms of the fact that there are problems on this site?

If there is a problem with a particular order, post a link to a valid order or send a message to the website's tech support describing the problem.
I had 1 case about the commission, I wrote to them with the order number, and received a satisfactory answer.

What is the problem if they are from Armenia?
Are you promoting nationalism or racism?

This is why I typically exclude trustpilot reviews because of how rampant the fake reviews are.

I just checked OP claims for myself and there's no way this exchange can be legit if they work as describe by OP - same address for each crypto.

See this two same trades I made:

https://archive.is/GVygS
https://archive.ph/aHLfU

I tried to exchange '100 USDT (ERC-20) to Paypal' but with different email addresses and yet I was given the same deposit address. So if only one of these trades ended up getting funded, how exactly are they gonna differentiate which trader did the deposit came from?

This is why legit instant exchange use different address for each active trade/order.

It seems like that the User Craigorders is the owner of the Scam Exchange Boomchange and is now trying to defend his fraudulent platform, despite clear evidence that this is a case of fraud. He also tries to steer the issue to other sites without any evidence or anything else to possibly distract from himself.


Trustpilot Reviews can be bought around the internet, especially with scammers like Boomchange, this is used to deceive potential victims and steal their hard-earned cryptocurrency money.

I really don't understand this charge sheet against boomchange. Since i never used this exchange so i can't conclude anything but by checking of trust pilot, you will find the review of 4.0    So now whom do we believe? Should we believe that whatever OP is saying is right or should we trust the 32 users who gave feedback at trust pilot ?

https://www.trustpilot.com/review/boomchange.io

Sometimes it is good to commend people who take out time to do such investigation so as to further forestall any occurrences in the future. OP took out time to conduct such a proper investigation to expose the nefarious activities of these scammers and should be applauded for that.

I wonder  how many innocent people that might have fallen for these scammers repeatedly

Their bait was the low amount that can transact on their platform to attract unsuspecting participants so they could rip them oof their hard resources but this time, the have been exposed and would not be game as usual. I think the police should swing into action by arresting them as reported so as to forestall Amy future occurrence of scamming people.

Sorry but your argument is not entirely convincing, Boomchange.io is not a popular site until someone imitates it or fakes a report on it. Why choose this particular site when there are dozens of sites offering the same service?

Regardless, the OP provided strong evidence with links to each accusation that you should refute these accusations with stronger evidence, not just go public with saying that the report is fake. Submit your evidence.

Its fake reports . Owner of fake report is coin-changer.net . ( competitor of Boomchange.io )
Coin-hanger.net made a copy design of the boomchange website .
We have reported to Police to find owner of Coin-changer.net . in
They fooled a lot of people. this is not their first project they have many other websites.

Github accounts 

https://coinpal.eu/

https://coin-changer.net/

https://bitmixing.net/

Github accounts

https://github.com/Yandex41

https://github.com/AlexHerman1



Interpol can find them .

Thank you, OP, for posting this thread, I have never heard of the Boomchange platform before, and I searched and did not find they have an ANN on the forum; the fake features of their scam exchange platform that attract customers is that they can start using Boomchange service in less than 5 dollars and the other feature is that anyone can make an exchange of cryptocurrencies to receive his cash on Paypal, Pioneer, or Skrill at the lowest prices and the lowest cost as they claim. There are a lot of people that I've seen commenting on Boomchange YouTube videos that they lost their crypto, and that's true because the proofs mentioned by the OP show that their platform was launched to deceive people only, and after where the domain of their platform is suspended, they quickly create another domain to continue their fraudulent movements; in addition to that, the domain that ends with .io has not completed 100 days since its creation, and there are no updates on their social sites other than videos created with robots’ voices about how the exchange works on their platform.

I see you have prepared a full report regarding these domains scam. It's a good job, but as you mentioned, there are many complaints about them and reports that condemn them. But it's nice to have a detailed report here on the forum since I didn't find any discussions about them on the forum after doing a quick search.
What really surprised me was that the thieves dealt with the Binance platform without any problem. Therefore, I advise you to contact Binance support and provide them with these evidences, and they will certainly act on the issue with the required firmness and speed, especially if the account contains assets.

Dear Bitcoin Talk community,

There is a fraudulent cryptocurrency exchange operating under the name of Boomchange or Boom Change, which can be found at "Boomchange.com", "Boomchange.io" and "Boomchange.net". This fraudulent platform, operated by an individual from Armenia (🇦🇲) in Asia, who may be using Ucom as an internet provider, claims to offer cryptocurrency swapping and withdrawal to fiat currencies, with methods such as PayPal. However, this exchange is fraudulent in nature and seeks to scam its users through cryptocurrency theft.

Numerous reports have been filed regarding the fraudulent activities of Boomchange around the internet.

Their fraudulent websites, boomchange.com and boomchange.io, are promoted through various means, including social media platforms like YouTube (https://www.youtube.com/@boomchange_com & https://www.youtube.com/@boomchangeespanol), as well as search engine optimization (SEO) tactics. They employ these strategies to attract unsuspecting victims, and lure them into their fraudulent schemes.

The website "Boomchange.com" is a static site built on a .php script. This script generates crypto addresses that belong to the domain holders of "Boomchange.com", who were previously associated with "Boomchange.io". The old domain owned by the fraudsters was suspended by the Namecheap registrar, but they have now brought "Boomchange.com" back online.

The fraudulent scheme operates in such a way that if users send cryptocurrency to "Boomchange.com", their funds will end up in the wallet of the fraudsters, and these funds will be lost forever. The scam is designed to deceive users into thinking that boomchange.com and boomchange.io are legitimate cryptocurrency exchange platforms, but in reality, they are fraudulent websites that should be avoided at all costs.

The Armenian company, Smartweb.am, is believed to have developed a fraudulent website for the Armenian Boomchange Operator. The suspicion arises from the fact that the operator of Boomchange specifically ordered their programming service to create their scam platform, "Boomchange". This assertion can be further verified by visiting the portfolio page on: https://smartweb.am/#portfolio , providing evidence that Smartweb.am could have been responsible for designing the fraudulent website.

Red Flags of Boomchange: Unlicensed, Unregistered, and Verified as a Scam
Boomchange lacks an official license from entities like FinCEN or MSB, proving it to be a fraudulent cryptocurrency exchange.
The absence of a physical office or headquarters, coupled with the lack of a company address, further confirms that Boomchange is a deceptive crypto scam phishing website.
Another concerning aspect is the complete absence of official business registration or any similar documentation, underscoring the illegitimate nature of Boomchange.
A significant cause for alarm is Boomchange's failure to comply with Anti-Money Laundering (AML) regulations, solidifying its reputation as a malicious scam crypto exchange.
In addition to these red flags, Boomchange's website features a fabricated Terms of Use page, incorporating AI-generated texts, while crucial sections such as the refund policy and privacy policies are intentionally missing.
You can view the page here: (https://web.archive.org/web/20240106020937/https://boomchange.com/terms-of-use).
The most damning evidence against Boomchange lies in its verification as a scam by reputable platforms like MetaMask and Scam-Alert, further reinforcing the prevailing concerns regarding its lack of trustworthiness.
You can view the pages here: https://metamask.github.io/phishing-warning/v3.0.0/#hostname=boomchange.com&href=https%3A%2F%2Fboomchange.com%2F , https://scam-alert.io/scam/bc1qgwx3z59thekwcmp92arrvf4s2yg4ystsr9k2tt
Below in this text, you can find additional evidence and indicators of the fraudulent and malicious activities associated with the fake crypto exchange scam phishing website known as "Boomchange".

The SCAM Domains are:
boomchange.com
boomchange.io
boomchange.net

This page can be accessed through a direct URL and serves as proof that the scam operation is in place:
https://boomchange.com/order/5bdda7e1a9 (Backup from 10/30/2023: https://web.archive.org/web/20231030133554/https://boomchange.com/order/5bdda7e1a9)
https://boomchange.com/order/c7dda2e520 (Backup from 10/30/2023: https://web.archive.org/web/20231030133703/https://boomchange.com/order/c7dda2e520)
https://boomchange.io/order/5bdda7e1a9
https://boomchange.io/order/c7dda2e520

The scammers behind the fraudulent "Boomchange" operation utilize a static end-order page, which persistently presents the same cryptocurrency address to all visitors, irrespective of their affiliation with the fake exchange. Furthermore, the end order pages of the Boomchange scam do not impose any specific information or credential requirements, thereby allowing unauthorized users unhindered access.

In addition, the final order pages of the "Boomchange" fraudulent scheme consistently exhibit identical fraudulent cryptocurrency addresses to all visitors, each of which is controlled by the operator of the scam.

Visitors to the order page do not need to provide any information or login credentials, making it easily accessible to anyone. However, the displayed Ethereum address "0x4c2acc0580765d04d555a791bcb0b3661af67b8d" and Bitcoin addresses "bc1qmxkj49ujzednhnzkr3wqpkeh4kfslr9zqume72" and "bc1qgwx3z59thekwcmp92arrvf4s2yg4ystsr9k2tt" are actually being used to deceive users by pretending to be a legitimate cryptocurrency exchange.

Blockchain scan of "0x4c2acc0580765d04d555a791bcb0b3661af67b8d", "bc1qmxkj49ujzednhnzkr3wqpkeh4kfslr9zqume72" & "bc1qgwx3z59thekwcmp92arrvf4s2yg4ystsr9k2tt":
https://www.blockchain.com/en/explorer/addresses/btc/bc1qmxkj49ujzednhnzkr3wqpkeh4kfslr9zqume72 (Over $50.000 stolen as of 10/30/2023)
https://www.blockchain.com/en/explorer/addresses/btc/bc1qgwx3z59thekwcmp92arrvf4s2yg4ystsr9k2tt (Over $58.600 stolen as of 10/30/2023)
https://www.blockchain.com/explorer/addresses/eth/0x4c2acc0580765d04d555a791bcb0b3661af67b8d (Over $14.700 stolen as of 10/30/2023)

On these transactions stolen Bitcoin got transferred to Binance:
https://www.blockchain.com/explorer/transactions/btc/39b3941da4aff56ccf55d307065034a87bb7c7629d3cf7c03db0129f5bf76a0e (Date 12/30/2023) - (Send from their main BTC address "18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr" to Binance)
https://www.blockchain.com/explorer/transactions/btc/88cd37cc36aa16a3e0963c3a18b0cf0ded0ecd4074ed9813875ddd041df9ea37 (Date: 11/19/2023) - (Send from their main BTC address "18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr" to Binance)
https://www.blockchain.com/explorer/transactions/btc/23647cd8c00823a8357e909dc747fef811c2b6404105e9c5677ca27072604260 (Date: 04/13/2023)
https://www.blockchain.com/explorer/transactions/btc/1793e0ccd25137a5d0d182ea9970f2156d01353f17408a2aff036f65aeb93959 (Date: 04/13/2023)

On these transactions stolen Ethereum got transferred to Binance:
https://etherscan.io/tx/0x359d3c4b2aee4b2b191a294c84c471764b0261c2203dc84a35db9fc87ced5720 (Date: 12/27/2023)
https://etherscan.io/tx/0xd7843b410728ca37629c441dab98242086b5c959e8199d12dba5360ad4a8e695 (Date: 12/27/2023)
https://etherscan.io/tx/0x2782028af54d394d4b3d696e61d8c1ede9a492fcac89edc373bc930af8a42a28 (Date: 12/25/2023)
https://etherscan.io/tx/0x60474eca656a3181b65d02bfb81eaddd334671a9c27d1c4d0f47c49b9979eded (Date: 12/23/2023)
https://etherscan.io/tx/0x0642e03eba70ffb421a6158e90cb02168f95e6a137304e939ac9b3465c270512 (Date: 11/09/2023)
https://www.blockchain.com/explorer/transactions/eth/0xf2d55ededda318a19783b3fe27f5862c7421ef9d2c53a5f1f25871a9dc9a3687 (Date: 10/29/2023)
https://www.blockchain.com/explorer/transactions/eth/0x5301ae7030ff97f3f5d8d5f746ef70ff1d69da18ec10bde8105d56e2c359335e (Date 10/24/2023)
https://www.blockchain.com/explorer/transactions/eth/0xac3eda2a292978fb28cf5f5fb95362da38cc6ec894192d261264df722a858b73 (Date 10/18/2023)
https://etherscan.io/tx/0x89be54e7669f3da8b41f1b018761be9b598801d91244068178aad5a4349531e9 (Date: 04/14/2023)

Etherscan of "0x4c2acc0580765d04d555a791bcb0b3661af67b8d":
https://etherscan.io/address/0x4c2acc0580765d04d555a791bcb0b3661af67b8d

On these transactions the stolen Solana got transferred to Binance:
https://solana.fm/tx/3eQpCf5ZqHzXp73JFi8oipH2LKToAQwbrkcW3WBJdhjgsAapZre7Z8qHTaqGumUwCmb5pJvUtvATQb7p6xU7tSA9?cluster=mainnet-solanafmbeta (Date: 10/28/2022)
https://solana.fm/tx/4XwmxztUJVteBRPXxVtU8Pvns8bFrtbWuEZavXwbKAvqyL7vhat56da6sDx1SFb8xC5tW55Z7ehfX1gKeKUfYrvC?cluster=mainnet-solanafmbeta (Date: 09/09/2022)
https://solana.fm/tx/4oM4AXm5mkupj1FPnfbg1hjwrxDxr5TmcXnsuubNJNJZNeAevD8jtKjC63RrenS9CXFNW2rdaFJu6LZ2sUFhfvf9?cluster=mainnet-solanafmbeta (Date 07/19/2022)
https://solana.fm/tx/3Ehg7CiBYw3QdrkSRe4N6KEtUgFJ8TscgWpuujEGpdTiVHtxvnT9DTLHgeq5xnXhM6gf3YNRogyXidaBt4dTkwFm?cluster=mainnet-solanafmbeta (Date: 06/18/2022)

Solana transactions of "72jXsoiK9UZdwdGpA3TYyAGAnVBGggQ9YvEjFS2CW5UE":
https://solana.fm/address/72jXsoiK9UZdwdGpA3TYyAGAnVBGggQ9YvEjFS2CW5UE?cluster=mainnet-solanafmbeta

On these transactions stolen Litecoin got transferred to Binance:
https://blockchair.com/litecoin/transaction/58fac1b1e87b193de67217ac38aa82c986fe2004a7d04222fd1caa75b03ada57 (Date 11/24/2023)
https://blockchair.com/litecoin/transaction/fd31a44fc010bffba99194aaac34fd088447d1014436231095e790cf8dceb65c (Date: 11/09/2023)
https://blockchair.com/litecoin/transaction/60d346dbca52955b8dd3d69991076e8f64b8dacdddb625833ed3e34604f810a1 (Date: 10/30/2023)
https://blockchair.com/litecoin/transaction/d0e507c605a23230b1c6afacd6c6dff87880ffe64dedf2b3790307db4f34742f (Date: 10/28/2023)
https://blockchair.com/litecoin/transaction/e8d2a5029bba9775f46647d0cbfd668fe804e90d99b7d6399d67cb01f78ccd8b (Date: 10/26/2023)

Litecoin transactions of "LKLCaCVM2aZu4CiTCVv9GnbhCt3X7pQtWb":
https://blockchair.com/litecoin/address/LKLCaCVM2aZu4CiTCVv9GnbhCt3X7pQtWb

It seems like they transfer their stolen Bitcoin to their main wallet address: 18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr (https://www.blockchain.com/explorer/addresses/btc/18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr)
From there, they launder/withdraw the stolen Bitcoin on Binance which can be seen here:
https://www.blockchain.com/explorer/transactions/btc/ec650ca4af3bea979ded41826cb21050023e576d8b5de633a99b06211710eaf2 (Date: 10/29/2023)
https://www.blockchain.com/explorer/transactions/btc/8d957595451c9f71609739c93dc2f863610bd7b0880a941eed408d60dcb11f1c (Date: 10/29/2023)
https://www.blockchain.com/explorer/transactions/btc/772debb4680e452a5202ab3d83f26998efd24e896c8060265b571ff910a98f30 (Date: 10/24/2023)
https://www.blockchain.com/explorer/transactions/btc/3505be6daa3b71cb76c0bb01ca8b38cec6b5ae80aa6e699b7f6b2e17d63d8253 (Date: 10/23/2023)
https://www.blockchain.com/explorer/transactions/btc/c006ef5184f49afc519824cd1ab8fe1bb8ccbbbfb69ac9de3a6672eaeecb0ff3 (Date: 10/21/2023)
And the list goes on as it can be tracked on the Blockchain page of Boomchange operators bitcoin address "18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr" (https://www.blockchain.com/explorer/addresses/btc/18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr).
Blockchain scan of "18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr ":
https://www.blockchain.com/explorer/addresses/btc/18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr (Over $196.000 stolen as of 10/30/2023)
After adding this, they began to use a new bitcoin wallet address (bc1qr0avgajde8y37qadrtjd4vt6sdvl9dgq7j6ckj) to which they transferred the stolen bitcoin from the victims of Boomchange. Their new wallet address can be found here: https://www.blockchain.com/explorer/addresses/btc/bc1qr0avgajde8y37qadrtjd4vt6sdvl9dgq7j6ckj (Over $70,00 stolen as of 11/2/2023)

The new Bitcoin address of "Boomchange.com" is: 1Dgc3h8caaJKEBRyrLgovwQWudxmDXmKiK (https://www.blockchain.com/en/explorer/addresses/btc/1Dgc3h8caaJKEBRyrLgovwQWudxmDXmKiK) (Already over $590,00 in Bitcoin stolen as of 11/21/2023)

The Bitcoin address of "Boomchange.com" as of 1/03/2024 is: 18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr
As of 1/3/2024, the operator of the malicious scam platform "Boomchange.com" continues to utilize their deposit bitcoin address "18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr" to deceive unsuspecting victims into sending their hard-earned bitcoin, resulting in irreversible loss of funds.

The current Bitcoin address of "Boomchange.com" as of 2/09/2024 is: bc1qv4rnhlx4fr9zn2cdklawjx429wr9nqhf7yf9uv
As of 2/9/2024, the operator of the malicious scam platform "Boomchange.com" utilize his deposit bitcoin address "bc1qv4rnhlx4fr9zn2cdklawjx429wr9nqhf7yf9uv" to deceive unsuspecting victims into sending their hard-earned bitcoin, resulting in irreversible loss of funds.

The current Ethereum address of "Boomchange.com" as of 2/09/2024 is: 0x4d070f2380F60764E0f48725be03850afA3C0Ee2
As of 2/9/2024, the operator of the malicious scam platform "Boomchange.com" utilize his deposit ethereum address "0x4d070f2380F60764E0f48725be03850afA3C0Ee2" to deceive unsuspecting victims into sending their hard-earned ethereum, resulting in irreversible loss of funds.

Below are the cryptocurrency addresses associated with the "Boomchange" fraud:
1. Binance USD (BSC): 0x4c2acc0580765d04d555a791bcb0b3661af67b8d
2. BNB Beacon Chain (BEP2): bnb1ajdl4npzsuwtfvwy9a5lq6wd2ufm60cag69nde
3. BNB Smart Chain (BEP20): 0x4c2acc0580765d04d555a791bcb0b3661af67b8d
4. Bitcoin (BTC): bc1qgwx3z59thekwcmp92arrvf4s2yg4ystsr9k2tt
5. Bitcoin (BTC): bc1qmxkj49ujzednhnzkr3wqpkeh4kfslr9zqume72
6. Bitcoin (BTC): 18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr
7. Bitcoin (BTC): 1Dgc3h8caaJKEBRyrLgovwQWudxmDXmKiK
9. Bitcoin (BTC): bc1qv4rnhlx4fr9zn2cdklawjx429wr9nqhf7yf9uv
10. Cardano (ADA): DdzFFzCqrht8aXTncbxFkD9pkv73TNHfN2cYe59xUye6zh93cCMU6aYcheNpmwNrunJdxJ5vPLYGxmm 37i89ESnR9Bh3PZHUPmUTYhy6
11. Ethereum (ETH): 0x4c2acc0580765d04d555a791bcb0b3661af67b8d
12. Ethereum (ETH): 0x4d070f2380F60764E0f48725be03850afA3C0Ee2
13. Litecoin (LTC): LKLCaCVM2aZu4CiTCVv9GnbhCt3X7pQtWb
14. MANA Decentraland (ETH): 0x4c2acc0580765d04d555a791bcb0b3661af67b8d
15. Monero (XMR): 846qqAML6S5aLVAxbfb7bzZQEjznGoJDNEm3coutRZEuK6rXZxTaRPhZqcYHHYVqfEcZK1rksvr8xXe UY2pymuXmHAHu3uD
16. Perfect Money (USD): U37414135
17. Polkadot (DOT): 16kATcRPnQRDJXNZmUq21gk83edHnkaoPzmrwtmkp4qbsUo4
18. Ripple (XRP): rEb8TK3gBgk5auZkwc6sHnwrGVJH8DuaLh
19. Shiba Inu (ETH): 0x4c2acc0580765d04d555a791bcb0b3661af67b8d
20. Solana (SOL): 72jXsoiK9UZdwdGpA3TYyAGAnVBGggQ9YvEjFS2CW5UE
21. STEPN GMT (SOL): 72jXsoiK9UZdwdGpA3TYyAGAnVBGggQ9YvEjFS2CW5UE
22. Tether (ERC20): 0x4c2acc0580765d04d555a791bcb0b3661af67b8d
23. Tether (TRC20): TK72J7YwNqkeqEsbbhcSZTG6QXWTQgX7dA
24. Tron (TRX): TK72J7YwNqkeqEsbbhcSZTG6QXWTQgX7dA
25. Trust Wallet TWT (BEP20): 0x4c2acc0580765d04d555a791bcb0b3661af67b8d
26. USD Coin (SOL): 72jXsoiK9UZdwdGpA3TYyAGAnVBGggQ9YvEjFS2CW5UE
27. Polygon (MATIC): 0x4c2acc0580765d04d555a791bcb0b3661af67b8d

The above cryptocurrency addresses, associated with the "Boomchange" fraud, were discovered on their domains, "Boomchange.com" and "Boomchange.io".

The "Boomchange" fraudsters change the static crypto addresses on their end order pages whenever they detect reports or complaints about their phishing website. They use this tactic in an effort to trick victims and evade detection, thus allowing them to continue their scamming activities. In addition, there have been reports from victims across the globe who have fallen victim to the scam. These reports can be found on various online platforms which are linked below.

The operator suspected to be in charge of Boomchange (Boomchange.com & Boomchange.io) resides in Yerevan, Armenia (Asia).

Suspended History of the Domain "Boomchange.com":
The history of the "Boomchange.com" domain is marked by suspensions and changes of ownership. Initially registered with NameCheap, the domain was suspended by the registrar. After expiring, it became available again and was repurchased by the Armenian operator of "Boomchange" through another domain registrar called NICENIC. It is noteworthy that NICENIC is considered the most abused domain registrar according to Spamhaus.org (https://www.spamhaus.org/statistics/registrars/).

"Boomchange.com" was also suspended on NICENIC. Unfortunately, the domain is currently back online as the operators have employed psychological operations and social engineering techniques to persuade the NICENIC abuse support teams to unblock their abused domain. As of 1/19/2024, the domain is still accessible.

As of February 16, 2024, the operator of "Boomchange.com" changed the domain registrar from "Nicenic" to "Internet Domain Service BS Corp" to continue his fraud and abuse of their domain services (https://web.archive.org/web/20240306101848/https://www.whois.com/whois/boomchange.com).

Here is the evidence to support these claims:
https://web.archive.org/web/20230510133318/https://www.whois.com/whois/boomchange.com
https://web.archive.org/web/20240119200752/https://www.whois.com/whois/boomchange.com

Their previous domain, "Boomchange.com", was already suspended for fraudulent activities and an archived version of the site from 2022 at https://web.archive.org/web/20220701070044/https://boomchange.com/ before suspension.
Currently, the domain has expired on the old registrar, Namecheap where it was blocked, and the fraudsters have switched to the NICENIC chinese registrar and later to Internet Domain Service BS Corp registrar.
Despite the domain's checkered past, it is back online, and people continue to fall victim to its scams.

As of April 10, 2023, the operator of "Boomchange.com" is now using a new domain, "Boomchange.net" again on NICENIC chinese registrar, as the previous one was flagged as a phishing website by MetaMask and some other crypto cybersecurity companies.

These are the email addresses of the "Boomchange" operator:
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
A newer email address that has been identified is: [email protected]

These might are the fraudsters IP addresses:
37.252.89.7 - Armenia, Yerevan - Internet Provider: Ucom.am (This might be his computer IP)
46.130.8.54 - Armenia, Yerevan - Internet Provider: Telecom AM (This might be his mobile phone IP)
Another IP address of the Armenian living in Yerevan cyber criminal: 37.252.93.99 - his iPhone IP address (Mozilla/5.0 (iPhone; CPU iPhone OS 16_0_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Mobile/15E148 Safari/604.1)

Update as of 11/2/2023:
46.162.253.8  - Armenia, City: Yerevan, State/Region: Erevan - Internet Provider: Ucom.am (New IP of "Boomchange" operator as of 11/2/2023)

Possible VPN or Proxy IP Addresses of the Armenian Operator of "Boomchange":
41.160.35.133 - South Africa, Gauteng/Johannesburg/Western Cape - Internet Provider: Liquid Telecommunications Operations Limited (New IP of "Boomchange" operator, might be a Proxy or VPN as of 11/2/2023)
217.182.175.162 - France, Hauts-de-France - Internet Provider: OVH SAS (New IP of "Boomchange" operator, might be a Proxy or VPN as of 11/2/2023)

The Hosting provider of the scam website "Boomchange.com" is: Amarutu Technology - Koddos.net
Boomchange can be reported to [email protected] or through a ticket on their site under "Abuse": https://koddos.net/clients/submitticket.php
The Domain provider of the scam website "Boomchange.com" is: NICENIC INTERNATIONAL GROUP CO., LIMITED - Nicenic.net
Boomchange can be reported to [email protected] through email.

"Boomchange" has been scamming people for years, utilizing search engine optimization (SEO) and purchasing positive online reviews on platforms like Trustpilot and Sitejabber to promote their fraudulent services.
The "Boomchange" Operator systematically deletes negative reviews by flagging them as not genuine, abusing the report system of these platforms, and making it difficult for scammed victims to provide the necessary evidence to keep their reviews visible, resulting in only verified negative reviews remaining on Trustpilot and Sitejabber.

These are the social media accounts of the criminal operator of "Boomchange", which he uses to promote this fraud:
https://www.youtube.com/@boomchange_com
https://www.youtube.com/@boomchangeespanol
https://www.youtube.com/@boomchange_io
https://www.facebook.com/people/Boom-Change/100084132785601/
https://www.tiktok.com/@boomchange
https://www.reddit.com/user/boomchange
https://www.twitter.com/BoomChange1
https://www.instagram.com/boomchange_com

When the domain "Boomchange.com" was blocked by the former domain registrar Namecheap, the scammers switched to using "Boomchange.io" for their fraudulent activities. During that time, they also changed their YouTube handle to "@boomchange_io" to match their new domain name.

Now, after buying back the "Boomchange.com" domain name following its expiration on another domain registrar, the scammers have resumed using the domain name for their deceptive activities. As a result, they have reverted back to their old YouTube handle, "@boomchange_com".

The operator of "Boomchange" uses the Telegram and WhatsApp number (+18502800803) to engage in social engineering and manipulate victims into sending cryptocurrency to the fraudulent platform.

GitHub accounts of the operator of "Boomchange":
https://github.com/Boomchange
https://github.com/adminchanger
https://github.com/Uscompanylaw
https://github.com/Jerayer
https://github.com/Rodriguez3234
https://github.com/CarsWell87
https://github.com/Kurtel-liot0808 (banned)
https://github.com/User-Jack22 (banned)
https://github.com/Gagi77788 (banned)

The operator of the "Boomchange" scam has created multiple spam accounts on GitHub, including "adminchanger" and "Uscompanylaw". These accounts use words in their username such as "lawyer" and "admin" to suggest authenticity, but they are fake and part of a malicious manipulation tactic.

As of 1/3/2024, the operator of the malicious scam platform "Boomchange" was recently active on GitHub under the account username "@Jerayer" (https://github.com/Jerayer).

Possibly "Boomchange" operator accounts on BitcoinTalk:
https://bitcointalksearch.org/user/craigorders-3559734 (Username: Craigorders)
https://bitcointalksearch.org/user/jerayer-3551462 (Username: Jerayer)
https://bitcointalksearch.org/user/james77887799-3561707 (Username: James77887799)
https://bitcointalksearch.org/user/tobi4255-828900 (Username: tobi4255)
It seems that the account with the username "tobi4255" on https://bitcointalksearch.org/user/tobi4255-828900 may have been purchased on the black market, given its suspicious activity promoting the fraudulent website "Boomchange" found here: https://bitcointalksearch.org/topic/withdraw-crypto-to-paypal-with-boomchange-100-safe-and-legit-crypto-exchange-5457875
It is worth noting that during the same time period, many questionable accounts - some of which with a Trust rating of -1 - posted almost identical positive comments about the website, which appears suspicious.

The Connection Between "Boomchange.com" and "IPTVleopard.com": Uncovering the Association with Other Illegal Activities:
I researched and discovered that the website "iptvleopard.com" may be associated with the "Boomchange.com" Operator, who also owns the website. The website "iptvleopard.com" is being promoted on the same Medium account as "Boomchange.com" through fake articles.
You can view these articles at the following archived links:
1. https://web.archive.org/web/20240120180921/https://medium.com/@WBD-Vlad
2. https://web.archive.org/web/20240120181225/https://medium.com/@WBD-Vlad/best-canada-iptv-service-provider-for-tv-channels-iptvleopard-2b4e4a896e74
3. https://web.archive.org/web/20240120181609/https://medium.com/@WBD-Vlad/the-best-reliable-crypto-exchange-boomchange-a9220839b228

In one of their YouTube videos, where they advertise the "Boomchange" scam platform, I discovered that the operator also researched becoming an "IPTV Reseller".
You can see this in the following video: https://www.youtube.com/watch?v=h4KrPTeNCCA&ab_channel=BoomChange (archived: https://web.archive.org/web/20240120181903/https://www.youtube.com/watch?v=h4KrPTeNCCA).
At 0:08 minute mark, it is evident that they searched on Google to become an IPTV reseller, making it the second clear connection I found.

Additionally, they promote the "IPTV" stuff on a YouTube channel.
The videos on this channel are similar to the ones on the "Boomchange" YouTube channel, both in terms of creation and voiceovers.
This further suggests that the Armenian operator of "Boomchange" also operates the "IPTVleopard.com" website.
You can find their YouTube channel here: https://www.youtube.com/@ShortMovies2024 (Channel-ID: UC6IM2FP9we9E5A3IGGl1fgQ)

For their other platform, "iptvleopard.com", they use the WhatsApp number "+37433890790" and attempt to promote this website on Reddit, just like they do with "Boomchange".
You can see the attempted promotion here: https://www.reddit.com/r/Internet/comments/17vsev8/best_iptv_service_providers_in_2023_trusted/
However, the post has already been removed by Reddit fortunately.

It seems that "iptvleopard.com" belongs to the Armenian operator of the "boomchange.com" crypto scam phishing website. The utilization of illegal IPTV services directly violates copyright laws that are in place to protect the intellectual property of content creators and providers.

More information about the "Boomchange" scam can be found on Chainabuse and other Bitcoin abuse sites, such as:
-
https://www.chainabuse.com/domain/boomchange.com
https://www.chainabuse.com/domain/boomchange.io
https://www.chainabuse.com/report/2281bb1d-cc6a-4023-a57a-a09504d258a8?context=search-domain&d=
https://www.chainabuse.com/report/2d277c00-5a1d-4544-941c-66a784c47d39?context=search-address&a=bc1qr0avgajde8y37qadrtjd4vt6sdvl9dgq7j6ckj&chain=
https://www.chainabuse.com/report/dc9abf1d-264f-4420-ba2a-b475809e0411?context=search-address&a=1Dgc3h8caaJKEBRyrLgovwQWudxmDXmKiK&chain=
-
https://scam-alert.io/scam/bc1qgwx3z59thekwcmp92arrvf4s2yg4ystsr9k2tt - Confirmed Scam (boomchange.com) by Scam-Alert
https://scam-alert.io/scam/bc1q6a5gket0qhzks42k6v94uwshrse5t0njtpy3gr
https://scam-alert.io/scam/18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr
https://scam-alert.io/scam/bc1qr0avgajde8y37qadrtjd4vt6sdvl9dgq7j6ckj
https://scam-alert.io/scam/1Dgc3h8caaJKEBRyrLgovwQWudxmDXmKiK
-
https://cryptscam.com/en/detail/bc1qgwx3z59thekwcmp92arrvf4s2yg4ystsr9k2tt
https://cryptscam.com/en/detail/bc1q6a5gket0qhzks42k6v94uwshrse5t0njtpy3gr
https://cryptscam.com/en/detail/18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr
https://cryptscam.com/en/detail/bc1qr0avgajde8y37qadrtjd4vt6sdvl9dgq7j6ckj
https://cryptscam.com/en/detail/1Dgc3h8caaJKEBRyrLgovwQWudxmDXmKiK
-
https://www.bitcoinabuse.com/reports/18vpuWeMMFEZhm5tgxjuTs7aHtwotchPkr
-

Be cautious of the scam known as "Boomchange" which operates under the domains "Boomchange.com" and "Boomchange.io", and thank you for your attention.

Kind regards.