SlowMist divulged about an unfortunate incident where a victim lost his cryptos after using the fake version of a popular app.
The attackers used a tried-and-tested phishing strategy to steal funds.
The preliminary investigation suggested that the masterminds behind the crime were a group of Chinese hackers.
With all the promises of quick money that it offers, the world of cryptocurrencies is also fraught with dangers. As the market expands and more funds flow in, it attracts the unwanted attention of malicious hackers.
Fake Skype app steals crypto
Blockchain security firm SlowMist divulged information about an unfortunate incident wherein the victim lost his funds after using a fake version of popular social platform Skype.
The preliminary investigation suggested that the masterminds behind the crime were a group of Chinese hackers with a track record of targeting Web3 transactions.
Slowmist stated that the attackers used a tried-and-tested phishing strategy to steal funds. The fake Skype app asked for permission to access personal information of the users.
Treating it like any other social app, users didn’t suspect foul play. However, they had no idea what they were getting themselves into.
After getting the access, the app started to upload the data, including images, device information, and phone number to the phishing gang’s backend interface. But hold on! This isn’t even the worst part.
The fake app then started tracking users’ message history. Words like Ethereum [ETH] and Tron [TRX] would be specifically checked to detect a crypto wallet transfer. Upon finding one, the destination address would be replaced with the one set by the attackers.
Slowmist mentioned that the modus operandi was similar to the one employed during a fake Binance [BNB] phishing case last year.
Moreover, the malicious Tron address received nearly 192, 856 Tether [USDT] across 1110 deposit transactions. Similarly, the ETH chain saw inflows of 7,800 USDT in 10 deposit transactions.
While SlowMist blacklisted the addresses, it issued a word of caution for those downloading these apps. It asked them to stick to official download channels rather than getting them directly on the Internet.
Generally, such cases are more common in China where Google Play is blocked and people end up getting lured to fake app on the internet.