Scammers Are Using Fake Wallet Apps To Steal Crypto Funds From Chinese

Cybersecurity researchers at ESET have uncovered a mobile wallet app scam that targets Chinese users. According to the researchers, the scammers created fake iOS and Android digital wallet apps to redirect cryptocurrency funds. The bogus apps are designed to look genuine, making it easier for users to fall prey to the scam. The hackers made sure that the fake apps they created function exactly like the originals to make them look more convincing.

The Scammers Are Impersonating Major Apps

The malicious apps impersonated companies like TokenPocket, MetaMask, imToken, Trust Wallet, and Coinbase to steal victims’ secret seed phrases.

The scammers recruited intermediaries through Facebook groups and Telegram to deceive their targets into downloading the apps. According to the researchers, these fake wallet services were promoted through counterfeit wallet websites mostly targeting Chinese users.

The cybersecurity team said its investigation into the scammers started in May 2021. It found that a single group is responsible for the campaign. The scammers created “trojan horse” wallet services that impersonated the functionality of genuine applications.

They incorporated malicious code for redirecting crypto-assets into the fake apps. The scammers placed this code in a part of the app where it circumvents security software. As a result, it can stay hidden on the victim’s system for a long time without being discovered.

The Malicious App Also Poses A Secondary Threat

The malicious apps are dangerous in another respect as well: they send seed phrases to the attacker’s C2 server over an unsecured HTTP connection. It means that apart from the primary threat, other cybercriminals could get hold of the code, which represents a secondary threat.

This means that users can suffer attacks not only from the original scammers but also from other attackers eavesdropping on the same network. The researchers also said they discovered 13 malicious apps on the Google Play store that imitate the Jaxx Liberty wallet.
