A deceptive Skype application circulating in China has led to a phishing scam, resulting in cryptocurrency theft, warns SlowMist, a leading blockchain security firm.
Pictures taken from SlowMist:
The scheme, discovered after a victim reported funds being stolen post downloading the fake Skype app, has been linked to a previous phishing incident impersonating Binance.
The counterfeit Skype app, displaying a likely Chinese origin, differs from the official release.
Upon decompiling the app, the security team uncovered a modification to the widely used Android network framework, "okhttp3," designed to target cryptocurrency users.
While the default okhttp3 framework typically manages Android traffic requests, the adapted version goes beyond, retrieving images from diverse directories on the phone and actively monitoring for any newly added images in real-time.ata.
Once granted permissions, the application uploads sensitive information like images, device details, user ID, and phone numbers to a phishing backend.
The investigation uncovers a connection to a prior phishing attempt involving the same criminal group.
The backend domain, 'bn-download3.com,' originally posed as Binance on 23 November 2022.
These apps tamper with network traffic to replace legitimate cryptocurrency wallet addresses with those controlled by the attackers.
SlowMist's analysis reveals substantial financial losses, with a TRON chain address receiving 192,856 USDT through 110 transactions.
Another ETH chain address saw approximately 7,800 USDT stolen in 10 transactions, mainly through BitKeep's Swap service, using OKX for transaction fees.
Urging increased vigilance, SlowMist advises users to exercise caution, especially when downloading apps from unverified sources.
Relying on official app sources reduces the risk of falling victim to such fraudulent schemes.
Litigation and rebuttal often lag in correcting mistakes, and the best way to change negative impressions is to grow positive value. In the field of crypto assets, this is true for Bitcoin, and so must Binance.
JinseFinanceBinance unveils "Inscriptions Marketplace" for seamless trading and minting of BRC-20 and EVM tokens. Integration with Binance Web3 Wallet enhances user experience, reinforcing Binance's position in the cryptocurrency ecosystem.
EdmundBinance discontinues BUSD support, prompting users to take immediate action. This strategic move aligns with the exchange's commitment to adaptability in the dynamic crypto landscape.
Huang BoThis is not the first time Huobi has been the subject of acquisition rumors.
BeincryptoAn errant Google Forms account and an early trading launch were among the missteps that concerned team members at Binance.
decryptAccording to a CoinDesk source, Binance is organizing a consortium of crypto firms to help rebuild trust in the industry.
BeincryptoBinance plans to increase employees by up to 30% in 2023. It has over 687 job openings presently.
BeincryptoThe bulk of the top 200 ERC-721-compliant collections on OpenSea will be included in Binance NFT during the first stage of the marketplace's upgrading.
CryptoknowmicsGlobal travel using crypto seems very close to mass adoption.
BeincryptoMavatrix, the first reward-based Non-Fungible Token collection on BNB Chain, has been listed on Binance NFT, the NFT marketplace of ...
Bitcoinist