Samfw.com Scam: Trojan/RAT Drains Crypto Wallets | Tungtata scam, Dang Thanh Tung scam

Theft and Malware Distribution via SamFW

Written by

admin

in

Overview On June 23, 2026, we experienced a significant loss of funds ($3,000,000 USD in Monero/XMR) following the installation of the “SamFW Tool” (version 5.4). Shortly after the software was executed, the victim’s local data was purged, and the funds were siphoned from their Feather Wallet. The developers subsequently removed the compromised version and replaced it with an updated build.


Scammee Name: Đặng Thanh Tùng (also known as “Tungtata”)

Short Description
This report documents a severe security incident involving the distribution of malicious software through the “SamFW Tool” website. Following the installation of version 5.4, a user suffered the theft of 10,000 XMR and complete data loss. We have compiled comprehensive evidence, including business entities, personal identifiers, and digital footprints, to assist the Vietnamese cybercrime authorities in investigating Đặng Thanh Tùng (Tungtata) for organized financial fraud and malware distribution.

Keywords
Đặng Thanh Tùng, Tungtata, SamFW scam, cryptocurrency theft, Monero theft, cybercrime investigation, malware distribution, SamFW malware, Vietnam cyber police, Quynh Chi Investment, financial fraud, computer security breach, illegal software, SamFW tool exploit
Tungtata scam, Tungtata fraud, Dang Thanh Tung scam, samfw scam, samfw malware, samfw trojan, samfw security risk, samfw suspicious software, Tungtata trojan virus, samfw warning, Đặng Thanh Tùng scammer, owner Đặng Thanh Tùng fraud, tungtata scam, DangThanhTung scammer, DangThanhTung fraud, DangThanhTung rat trojan
  • Location: Hanoi, Vietnam
  • Business Entities: SamFW Global LLC, Quynh Chi Investment and Technology Co., Ltd.
  • Associated Services: SamFW.com, MiFirm.net, Trạmsạc.app
    Summary of Events 1. Infection: The victim installed samfwtoolsetup_v5.4.zip from the official website.
  1. Theft: Immediate unauthorized transfer of 10,000 XMR occurred.
  2. Evidence Tampering: The developer replaced the malicious file with version 5.5.1 shortly after the incident was reported to them.
  3. Communication: Upon confrontation, the developer admitted no fault and engaged in mocking behavior before blocking the victim on Telegram.
    Evidence Repository * Tax ID: 0110492308 (Quynh Chi Investment and Technology Co., Ltd.)
  • Emails: tungvn48@gmail.com, dttung48@gmail.com
  • Phone: +84.1296.935.935 / +84.967.888.448
  • Digital Footprint: All associated profiles (GitHub, XDA, Facebook, PayPal) have been documented in the provided evidentiary links.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by