- Cybercriminals are targeting cryptocurrency investors with fake applications.
- Users have reported losses of substantial amounts.
- Blockchain security firm SlowMist has revealed the hackers’ mode of operation.
The cryptocurrency industry has long grappled with an unrelenting wave of hacks and phishing scams, resulting in substantial losses for investors. As the industry tightens security measures to fortify against these cyberattacks, threat actors are devising new tactics to target more investors and entities.
Following a user's reports of phishing attacks and asset losses, blockchain security firm SlowMist has uncovered a new strategy that malicious actors are using to steal crypto.
Modus Operandi Unveiled
On November 12, SlowMist published its recent findings on a Chinese-linked group of cyber criminals, which orchestrated the creation of a deceptive Skype application to siphon off crypto assets from unsuspecting victims.
The fraudulent application monitors victims’ messages for crypto-related keywords such as TRX, ETH, and USDT, and employs pre-set malicious crypto wallet addresses to compromise transactions and redirect assets.
Further investigation revealed that the signature phishing backend domain is linked to the same application that impersonated prominent cryptocurrency exchange Binance in November 2022, pointing to a recurring threat to the cryptocurrency industry.
Over 100 wallet addresses linked to the phishing scam have been blacklisted. One of the TRON chain addresses was found to have received approximately 192,856 USDT across 110 deposit transactions.
The address’ withdrawal records revealed that most of the received funds had been transferred out in batches. However, the address still holds a significant balance, with the most recent transaction occurring on November 8, 2023.
Another address, on the ETH chain, received over 7,800 USDT in 10 deposit transactions. The funds at that address have been transferred out, with the latest transaction occurring on July 11.
SlowMist cautions users to enhance their security awareness, advising against random application downloads to prevent potential financial losses from malicious apps.