In a concerning development for the cryptocurrency community, a sophisticated phishing scam has emerged, targeting users through a fake version of the popular communication platform Skype. Blockchain security firm SlowMist uncovered details of this malicious scheme, revealing a group of Chinese hackers with a history of targeting Web3 transactions as the likely culprits.
The attackers employed a well-known phishing strategy, tricking users into granting permission for the fake Skype app to access personal information. Unaware of the impending danger, users treated the app like any other social platform, unwittingly providing access to sensitive data, including images, device information, and phone numbers, all uploaded to the hackers’ backend interface.
What sets this scam apart is the next level of intrusion, as the fake app began tracking users’ message history. Specifically scanning for terms like “Ethereum” and “Tron,” the hackers aimed to identify crypto wallet transfers. Upon detection, the destination address was surreptitiously replaced with one controlled by the attackers, leading to the unauthorized transfer of funds.
This modus operandi bears a striking resemblance to a previous fake Binance phishing case reported last year, indicating the persistence and adaptability of cybercriminals in the cryptocurrency space.
The repercussions of this scam were significant, with a malicious Tron address receiving almost 192,856 Tether (USDT) across 1,110 deposit transactions. Similarly, the Ethereum chain experienced inflows of 7,800 USDT through 10 deposit transactions.
To mitigate the impact of this threat, SlowMist promptly blacklisted the identified addresses involved in the scam. However, the incident serves as a stark reminder for cryptocurrency users to exercise caution and adhere to official download channels rather than obtaining apps directly from the internet.
This type of scam is particularly prevalent in regions like China, where Google Play is inaccessible, leading users to explore alternative, riskier sources for app downloads.
To safeguard against such threats, users are urged to follow best practices for online security. Here are some essential tips:
As the cryptocurrency market continues to attract widespread attention and investment, the need for heightened security measures becomes paramount. By staying vigilant and adopting secure practices, users can navigate the crypto landscape with confidence and minimize the risk of falling prey to malicious actors.
Get the latest Crypto & Blockchain News in your inbox.