A hacker collective calling itself Anonymous ZA has released explosive details about Mirror Trading International (MTI), stating that at least R4 billion in bitcoin has flowed through the scheme.
In response, MTI told MyBroadband the information stems from private member data that was illegally obtained and that it is “inaccurate at best”.
Mirror Trading International is a South African registered company offering Forex trading services by using an automated system to trade with the trading pool on behalf of its members.
Johann Steynberg is the CEO and founder of MTI, which focuses on Bitcoin trading and promising members a “truly passive income”.
According to MTI, it has over 90,000 active members in 177 countries, and its numbers are growing daily.
MTI made headlines recently after the Financial Sector Conduct Authority (FSCA) said it was investigating the company.
The FSCA said the current business model of MTI requires it to be in possession of a financial service provider licence.
“MTI has informed us that they accept clients’ funds in the form of Bitcoin, pool the funds into one trading account on a forex derivate trading platform, and conduct high-frequency trading through the utilisation of a bot,” the FSCA said.
If this is being done as described, then this amounts to financial services, hence the licence requirement.
However, the FSCA has a much greater concern about MTI’s activities.
The company claims to have more than R2.9 billion in clients’ funds in trading accounts, but the FSCA has not been able to conclusively confirm that the funds exist.
“Moreover, the returns on the investments claimed by MTI seems far-fetched and unrealistic,” the FSCA said.
At the time, MTI said that its bot-trading is able to generate consistent profits of an average of 10% per month. More recently it said it has seen an average return of 0.5% per day.
The FSCA recommended that MTI clients request refunds into their own accounts as soon as possible.
The Texas State Securities Board has also issued an emergency cease-and-desist order against MTI and accused it of perpetrating fraud through an illegal international multilevel marketing programme.
Canada’s Autorité des Marchés Financiers (AMF) has placed MTI on its list of illegal online platforms, issuing a warning that MTI illegally solicits investors.
Anonymous ZA publishes information about MTI
Anonymous ZA has published financial information about MTI online based on data collected through MTI’s members portal – mymticlub.com.
According to Anonymous ZA, it discovered glaring security vulnerabilities in the online systems of MTI, which it exploited to extract information about the inner workings of the scheme.
Anonymous ZA said the vulnerability that exposed MTI’s “back office” system was a lack of basic authentication.
Any registered member who is logged into the system could view the information of any other member’s account by simply changing a parameter in the URL.
“All data was acquired using simple enumeration and scraping techniques on the mymticlub.com site,” stated Anonymous ZA.
“No hacks were performed because the lack of basic security did not require it. Just incrementing an id=? parameter on various URLs provided all the data that you see here.”
Using this weakness, it was able to glean detailed information about MTI’s system and see the full names, usernames, e-mail addresses, bitcoin balances, and earnings linked to every account.
Anonymous ZA then published an anonymised copy of the data, which was current as of 14 September 2020, on a dark web site called MTILeaks.
It said the MTI database shows the company has handled over 22,984 bitcoin in member deposits, amounting to over R4 billion.
The data shows that members have withdrawn nearly 15,653 bitcoin (close to R2.9 billion), which means the scheme should still have at least 7,331 bitcoin (over R1.3 billion) of members’ capital in its accounts.
However, the data also shows that the scheme has allocated almost 9,916 bitcoin (over R1.8 billion) to members in interest and bonuses.
This means that MTI must have a minimum of 17,247 bitcoin (over R3.1 billion) to cover the remaining deposits and earnings of all members who have not yet been withdrawn from the scheme.
MyBroadband asked MTI CEO Johann Steynberg if the company has that much liquidity and if he could provide MTI’s bitcoin wallet addresses to prove that the company has the assets to cover its obligations.
Steynberg did not answer the question in his initial response to MyBroadband.
In a subsequent statement to MyBroadband, MTI said it declined to comment.
|MTI Balance Sheet (MTILeaks)||BTC||ZAR|
|Deposits / Capital||22984||R4,193,437,899|
|Bonuses/revenue allocated, i.e. “The hole”||9916||R1,809,170,779|
|Total money owed to members and founders||17247||R3,146,721,713|
|* ZAR/BTC exchange rate used in this article: R182,450|
Distribution of wealth at MTI
In addition to questioning the liquidity of the scheme, Anonymous ZA also raised questions regarding the way MTI distributes revenues to members.
The data from Anonymous ZA shows that a handful of MTI members receive a “Founders Pool” bonus.
Of the 163,892 profiles registered in the MTI system, only 63 are designated as “founders”. Expressed as a percentage, the founders make up 0.038% of the total userbase.
Over 469 bitcoin, or around R85.5 million, was disbursed to profiles with founder status as a “Founder Bonus”. This represents 4.7% of all bonus revenue allocated to members.
Another interesting statistic is to compare the deposits and withdrawals made by founder accounts, to those made by standard non-founder accounts.
According to the data published by Anonymous ZA, founder members made 2% of the deposits in MTI yet account for 6% of withdrawals made. Profiles with founder status have also received 18% of the overall bonus revenue disbursed by the scheme.
Subtracting total deposits from withdrawals reveals that MTI accounts with founder status have taken profit of over 527 bitcoin (R96 million), while non-founder accounts were running at a loss of 7,858 bitcoin (R1.4 billion).
The following table and charts show how deposits, withdrawals, and profit is distributed among MTI members with and without founder status.
MTI was asked whether it has disclosed the existence of the founder pool bonus to its general membership, and about the apparent disproportionate allocation of revenue to members with founder status.
The company declined to answer questions about the Founders Pool, stating that the information Anonymous ZA obtained is “inaccurate at best”.
However MTI’s head of communications Cheri Ward posted on Facebook that the founder’s bonus is no secret.
“Founding members get profit share. This is not illegal and is hardly a state secret.”
|63 (0.04%)||163829 (99.96%)|
|Profit Taken (Withdrawals – Deposits)||527||R96,212,954||-7858||-R1,433,763,888|
|Withdrawals : Deposits||2.51||0.65|
|* ZAR/BTC exchange rate used in this article: R182,450|
Concerns over claims of constant, daily returns
MTI states on its website that it uses “advanced digital software and artificial intelligence” to trade on international foreign exchange markets.
It is the profits on these returns which MTI says it pays out to members in the form of “bonuses”.
MTI also says that it has seen an average daily profit from its automated trading software of 0.5% per day. This amounts to average growth of over 180% per year if they trade every day, or around 130% p.a. if they trade five days a week.
Many of the accounts contained in Anonymous ZA’s data have seen growth far exceeding this thanks to a combination of multi-level marketing or “binary tree” bonuses, the founder’s pool, and direct referral bonuses.
Several accounts have seen growth of well over 1,000% — and some even up to 10,000% — in the year the scheme has been active.
Anonymous ZA said they do not believe there is an automated trading system that can generate these kinds of returns in the amount of time MTI has existed.
“If we had such a fantastic bot, we wouldn’t share it with anyone,” Anonymous ZA argued.
For this reason, Anonymous ZA concluded that MTI’s claims of using a bitcoin-based forex trading bot to generate these kinds of returns for members are a smokescreen.
“This smokescreen approach is very similar to how other multi-level marketing schemes use a ‘product’ to attract more members into the scheme, in order to provide returns to those higher up in the pyramid. When the new members dry up, the scheme will collapse,” the group warned.
MTI’s former forex broker, FX Choice has also raised concerns about the fact that MTI is constantly paying out profits to its members.
“We would like everybody involved in MTI to understand the risks,” FX Choice stated in response to questions about MTI.
“Paying out such a consistent stream of profits, which is nearly a 100% return on investment in one year, to investors by trading Forex is hard to believe. Forex is not the same as owning a bond where you receive a percentage. It is about risk-reward where the larger the reward you received, the larger the risk you took. We note that there is no single proof of the efficiency of MTI’s operations.”
FX Choice also confirmed that it closed MTI’s forex trading account after the company failed to produce the necessary documentation and following warnings from various regulators. It also disputed MTI’s claim that it uses an artificial intelligence trading program.
“Before the account was blocked, they [MTI] executed just a few trading operations, which were performed manually, large, and incurred substantial losses.”
In response to FX Choice’s statement, MTI said it is no longer with a single forex broker.
“The MTI trading pool… is being carefully spread across a portfolio of carefully selected brokers who can consistently provide the regulated security and performance track record that MTI requires.”
MTI declined to answer MyBroadband’s questions regarding the scepticism around its profits, except to say that the information obtained by Anonymous ZA was inaccurate.
Response from MTI CEO Johann Steynberg
MyBroadband contacted CEO Johann Steynberg for comment, who questioned the motives of Anonymous ZA and expressed doubt regarding whether there was a security vulnerability at all.
“I find it strange that a ‘party’ would contact you anonymously with such a matter. What I can tell you is that there are a few online income building options (factions) available within South Africa,” Steynberg told MyBroadband.
“We believe that this has caused certain animosities amongst competitors who are no longer doing as well as they were and we further believe that they are doing their level best to discredit and create controversy around the MTI brand. In fact, we instituted a legal proceeding earlier this year for exactly this reason.”
Steynberg said MTI needed to investigate the matter, validate the claims of Anonymous ZA, and “where appropriate rectify, if indeed there is anything that we need to rectify”.
He also said that they will “of course” communicate appropriately with members if necessary.
“We cannot simply jump to respond to a range of unvalidated accusations or insinuations from some anonymous party.”
Steynberg assured that, as CEO, he has personal executive oversight of all technology and programming matters at MTI.
Within hours of MyBroadband contacting Steynberg, Anonymous ZA sent another message to inform us that the script containing the security vulnerability was no longer accessible on MTI’s server.
Shortly thereafter, Anonymous ZA published the link to the MTILeaks website on various public forums.
In response to questions by MyBroadband, MTI and its management said they will “not be commenting on the matter at hand”.
“The questions raised by yourself stems from private member information that was illegally obtained,” MTI said.
It said that furthermore, the information obtained is inaccurate at best.
“You are thus formally notified that the information you have is incorrect and publishing of such information would be illegal and a gross violation of our members’ privacy.”
MTI said its members are satisfied and serviced as per our brand promise. “MTI and members’ bitcoin is safe and secure and the partial information breach has been rectified”.