Security experts have recently unearthed a fraudulent Skype app designed to siphon Tether (USDT) from unsuspecting victims and redirect it to Ethereum and Tron wallets.
This nefarious application is believed to be linked to a Chinese phishing gang that had previously exploited a fake Binance app. SlowMist, a prominent blockchain security firm, was the first to identify the rogue app after receiving reports from a victim who fell prey to the scam.
Upon closer inspection, SlowMist found that the app detects Tron and Ethereum addresses in both incoming and outgoing messages and replaces them with addresses predetermined by the phishing gang, diverting funds to wallets under the gang’s control. The perpetrators also gain control of the victim’s phone, facilitating the upload of files, photos, and even personal identification credentials to their domain.
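A defensive check for the address swap described above, added here as an example (it is not SlowMist's code or tooling): it compares a message as composed with the copy the other party reports seeing, for instance over a second channel, and flags any Tron or Ethereum address that changed. The function names and sample addresses are constructed for illustration.

```python
import re

# Ethereum: "0x" + 40 hex digits. Tron: "T" + 33 Base58 characters.
ETH_RE = re.compile(r"(?<![0-9A-Za-z])0x[0-9a-fA-F]{40}(?![0-9A-Za-z])")
TRON_RE = re.compile(r"(?<![0-9A-Za-z])T[1-9A-HJ-NP-Za-km-z]{33}(?![0-9A-Za-z])")


def extract_addresses(text):
    """Return (kind, address) pairs in order of appearance."""
    hits = [(m.start(), "ethereum", m.group()) for m in ETH_RE.finditer(text)]
    hits += [(m.start(), "tron", m.group()) for m in TRON_RE.finditer(text)]
    return [(kind, addr) for _, kind, addr in sorted(hits)]


def normalize(kind, addr):
    # Ethereum hex is case-insensitive (mixed case is only a checksum);
    # Tron Base58 is case-sensitive and must match exactly.
    return addr.lower() if kind == "ethereum" else addr


def find_substitutions(sent_text, shown_text):
    """Compare the message as composed with the message as the other side saw it."""
    sent = extract_addresses(sent_text)
    shown = extract_addresses(shown_text)
    findings = []
    if len(sent) != len(shown):
        # An address was dropped or injected somewhere between the two copies.
        findings.append(("count-mismatch", len(sent), len(shown)))
    for (k1, a1), (k2, a2) in zip(sent, shown):
        if k1 != k2 or normalize(k1, a1) != normalize(k2, a2):
            findings.append(("replaced", a1, a2))
    return findings


# Constructed sample values: not real wallets and not taken from the report.
ETH_MINE = "0x" + "Ab12" * 10
ETH_OTHER = "0x" + "cd34" * 10
TRON_MINE = "T" + "A1b2C3d4E5f" * 3
TRON_OTHER = "T" + "Z9y8X7w6V5u" * 3

if __name__ == "__main__":
    sent = f"Send the USDT to {TRON_MINE} or, on Ethereum, {ETH_MINE}"
    print(find_substitutions(sent, sent.replace(TRON_MINE, TRON_OTHER)))
```

A case-only difference in an Ethereum address is not reported, since it is the same account; any difference in a Tron address is.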
![Chinese hackers target crypto users with Fake Skype app phishing scam image 69](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/11/image-69.png?resize=735%2C720&ssl=1)
The extent of the damage caused by this fraudulent activity is exemplified by a Tron address associated with the phishing gang, which has reportedly amassed 192,856 USDT through 110 separate transactions. Similarly, a distinct Ethereum address received 7,800 USDT across 10 different transactions. SlowMist’s investigation also revealed that the same Chinese gang had previously impersonated the Binance exchange using a similar modus operandi.
SlowMist deduced the geographical origin of the perpetrators, pointing to Chinese involvement based on distinctive signature information. The use of the app to impersonate Binance in previous scams further solidifies this connection. Notably, these phishing scams exploit the inaccessibility of Google Play in China, which compels victims to download apps directly from the web.
![Chinese hackers target crypto users with Fake Skype app phishing scam image 70](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/11/image-70.png?resize=772%2C720&ssl=1)
Compounding the challenge for authorities, the stolen cryptocurrency has been systematically withdrawn in batches and laundered through BitGet, formerly known as BitKeep. BitGet operates as a coin swap service with minimal to zero anti-money laundering (AML) or know your customer (KYC) requirements. Elliptic, a blockchain analytics firm, highlighted the attractiveness of such coin swap services for criminals seeking to launder funds, given the lax AML/KYC procedures.
In response to this threat, SlowMist has identified and flagged 100 addresses associated with the fraudulent app, assigning them a risk score of 100, which indicates a severe level of risk. This comprehensive approach aims to mitigate the impact of the scam and serves as a warning to the broader cryptocurrency community to remain vigilant against evolving threats in the digital landscape.