date: 2023-11-13

A sophisticated phishing scam involving a fake Skype application has resulted in the theft of a large amount of cryptocurrency, according to leading blockchain security firm SlowMist.

The investigation also revealed a connection to an earlier phishing incident: the same domain had previously posed as Binance.

Phishing app mimics Skype in security breach

A recent discovery by leading blockchain security company SlowMist has revealed a sophisticated phishing scam that revolves around a fraudulent Skype application. The investigation was prompted by a victim’s report of having money stolen after downloading a fake Skype app from the Internet.

New SlowMist Investigation Report: Fake Skype App Phishing Analysis. Our latest report exposes how a fake Skype app led to a wealth of money being stolen from the Web3 sector. Dive into our investigation for more on this scam and how you can stay safe!… – SlowMist (@SlowMist_Team) 12 November 2023

The fake app, which displayed a signature pointing to possible Chinese origins, was found to be inconsistent with the official Skype release. It was engineered to perform malicious operations by altering the commonly used Android network framework, okhttp3.

Upon further analysis, the team discovered that once the fake Skype app was executed, the modified okhttp3 began requesting permission to access files, photo albums, and other data, permissions that users typically grant without suspicion. However, once these permissions are granted, the app immediately starts uploading sensitive data like images, device information, user ID, and phone numbers to the phishing backend.

Connection to previous fake Binance app

The investigation revealed a link to a previous phishing attempt: the backend domain ‘bn-download3.com’ had previously impersonated the Binance exchange. This similarity suggests that the same criminal group is behind both the fake Skype and Binance apps.

By manipulating network traffic, these apps replace legitimate cryptocurrency wallet addresses with ones controlled by attackers.
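A defender's view of the address swap described above, as an added example that is not code from SlowMist's report or from the original article: it compares a message as typed on the sender's device with the same message as displayed on the recipient's device and reports any TRON or ETH address that changed in between. The regular expressions only approximate the two address formats, the function names are hypothetical, and every address below is a constructed placeholder.

```python
import re

# Approximate address shapes for the two chains the article names.
TRON_RE = re.compile(r"\bT[1-9A-HJ-NP-Za-km-z]{33}\b")  # base58, 34 chars, leading T
ETH_RE = re.compile(r"\b0x[0-9a-fA-F]{40}\b")           # 20 bytes of hex after 0x


def extract_addresses(text):
    """Return (chain, address) pairs in order of appearance."""
    hits = [(m.start(), "TRON", m.group()) for m in TRON_RE.finditer(text)]
    hits += [(m.start(), "ETH", m.group()) for m in ETH_RE.finditer(text)]
    return [(chain, addr) for _, chain, addr in sorted(hits)]


def mask(text):
    """Replace every address with a chain tag so only the surrounding text remains."""
    return ETH_RE.sub("<ETH>", TRON_RE.sub("<TRON>", text))


def normalise(chain, addr):
    # ETH hex is case-insensitive (mixed case is only a checksum); base58 is not.
    return addr.lower() if chain == "ETH" else addr


def find_substitutions(sent, received):
    """Compare the sender's copy of a message with the recipient's copy.

    Returns None when the texts differ beyond their addresses (not comparable),
    otherwise a list of swapped addresses (empty when nothing changed).
    """
    if mask(sent) != mask(received):
        return None
    swaps = []
    pairs = zip(extract_addresses(sent), extract_addresses(received))
    for (chain, expected), (_, seen) in pairs:
        if normalise(chain, expected) != normalise(chain, seen):
            swaps.append({"chain": chain, "expected": expected, "seen": seen})
    return swaps


# Constructed placeholder addresses, not real wallets.
USER_TRON = "T" + "A" * 33
OTHER_TRON = "T" + "B" * 33

if __name__ == "__main__":
    sent = f"Please send the USDT to {USER_TRON} today"
    received = f"Please send the USDT to {OTHER_TRON} today"
    print(find_substitutions(sent, received))
```
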

SlowMist’s analysis also revealed significant financial losses. One of the malicious addresses linked to the TRON chain had obtained approximately 192,856 USDT through 110 transactions.

Although there are still balances at this address, most of these funds have been transferred out. Another ETH chain address saw the theft of approximately 7,800 USDT in 10 transactions. Most of these funds were transferred using BitKeep’s swap service, with transaction fees charged to OKEx.

SlowMist has issued an urgent call for increased vigilance in response to these worrying findings. They advise users to exercise extreme caution when downloading apps, especially from unverified sources. The company emphasizes the importance of trusting official app sources to reduce the risk of falling victim to such fraudulent schemes.


source: cryptopotato.com