In the latest wave of cyberattacks, cryptocurrency holders are being targeted by a new type of scam involving fraudulent QR codes. Blockchain analysis firm Bitrace has issued a warning after at least 27 wallet holders fell victim to the scam, losing over $120,000 in USDT between July 11 and July 17. The scam operates by tricking users into authorizing wallet access through a deceptive payment test.
The scam begins with a fraudster proposing an over-the-counter token swap at an attractive exchange rate, bypassing traditional exchanges. To gain trust, they offer a small payment in USDT and a fee in TRX tokens. The fraudster then asks the victim to perform a “small repayment test” using a QR code, which redirects them to a third-party website. After confirming the transaction, the scammer gains unauthorized access to the user’s wallet, draining it of funds.
Bitrace’s analysis reveals that the stolen funds were funneled through five intermediary addresses and laundered via the Cambodian crypto exchange Huione. The situation highlights the increasing risk faced by crypto holders in 2024, with Cyvers reporting nearly $1.4 billion in stolen crypto funds so far this year. Phishing attacks, including QR code scams, have been responsible for significant losses.
In addition to the QR code scam, a new cyberattack named “Dark Skippy” poses a threat to Bitcoin wallets. Researchers at Imperial College London have also identified circuit layer vulnerabilities as the biggest risk to systems based on SNARKs.
WazirX, another major player in the crypto space, recently announced plans to restore user balances after a $235 million hack, reversing trades conducted after the breach.
Conclusion:
As cybercriminals continue to target the crypto community with increasingly sophisticated attacks, users must stay vigilant and exercise caution. Always verify the legitimacy of any transaction requests and avoid scanning QR codes from unknown sources. Bitrace’s upcoming “one-click risk check tool” could be a valuable resource in helping users identify potential threats before they fall victim to scams.
Takeaways:
QR code scams are targeting crypto holders, with over $120,000 in USDT stolen between July 11 and July 17.
The scam tricks victims into authorizing wallet access through a fraudulent payment test.
“Dark Skippy” and SNARK-based system vulnerabilities are emerging threats to crypto wallets.
Users should remain cautious and verify the legitimacy of transaction requests.
Source: Bitrace, Coinpaper
Follow us to stay updated.
Disclaimer: This content is for informational purposes only and not financial advice.
