New Cryptocurrency Scam Targets Offline Transactions Using USDT

According to CryptoPotato, SlowMist, in partnership with imToken, has uncovered a new cryptocurrency scam targeting users in physical offline transactions, with USDT as the preferred payment method. The scam involves manipulating Ethereum node Remote Procedure Calls (RPC) to deceive unsuspecting victims.

Here's how the scam works: Initially, the scammer convinces the target to download the legitimate imToken wallet, building trust by transferring 1 USDT and a small amount of ETH as bait. Then, the scammer instructs the user to redirect their ETH RPC URL to a node under their control, specifically using the modified node. Through this manipulation, the scammer falsifies the user's USDT balance to make it appear as if funds have been deposited. However, when the user attempts to transfer the USDT, they realize they've been duped. By this point, the scammer has disappeared, according to SlowMist's findings.

Additionally, the blockchain security firm disclosed that Tenderly's Fork feature can not only alter balances but also contract information, posing a more significant threat to users. Understanding RPC is crucial in comprehending the workings of such scams, SlowMist noted. RPC serves as a conduit to interact with blockchain networks, enabling users to perform various actions like checking balances and creating transactions. While wallets typically connect to secure nodes by default, linking to untrusted nodes can result in malicious modifications, leading to financial losses.

Further analysis by MistTrack revealed the extent of the scam's operations. An investigation into a known victim's wallet address shows that they received 1 USDT and 0.002 ETH from another address. This address has transferred 1 USDT to multiple addresses, indicating repeated fraudulent activities. These addresses are flagged as 'Pig Butchering Scammers' by MistTrack and are linked to various trading platforms, implicating them in multiple scam incidents.