Hackers stole more than 4.3 million USD through fake cryptocurrency app

According to a report by cybersecurity company Trend Micro, 249 fake crypto wallet applications are stealing personal information and accounts of iPhone and Android users, causing losses of up to millions of dollars.

First, hackers will impersonate reputable companies to send emails informing them that the version of the digital wallet app that users currently have is outdated or the wallet has problems so it needs to be updated. Attached to the email is a malicious link that leads users to the fake app’s website. This way, bad guys can avoid the censorship systems of the App Store and Google Play.

To deceive users, the fake website will copy the entire logo and interface of the real website and only change the domain name by 1-2 characters. Scam apps include imToken, Bitpie, MetaMask, Trust Wallet, TokenPocket

networking platforms In addition, bad guys often spread malicious links on social, promising to give digital money to those who download the app, causing many people to fall into the trap.

The hacker’s main purpose is to steal the mnemonic phrase of the digital wallet. This is a string of unrelated words, 12 – 14 characters long, used to restore the wallet in case the wallet is lost or malfunctions.

Once the mnemonic phrase is obtained, the hacker will withdraw the victim’s money and transfer it to many different wallets. Trend Micro research team emphasized that the amount of money hackers dispersed could be more than 4.3 million USD because there are many undiscovered cases.

In addition, crooks also sell management systems of cryptocurrency apps and malicious websites on Telegram. They even claim to be able to provide fake versions of all digital wallet applications depending on the buyer’s request.

To avoid becoming a victim of this trick, users should only download apps from Google Play and the App Store. If you notice any suspicious behavior in the app, stop the update immediately and uninstall it.

Related posts

GTA 6 is guaranteed to launch on time, Take-Two quashes delay rumors

Be wary of SteelFox malware attacking Windows using a copyright-cracking tool

Apple chose Foxconn and Lenovo to develop an AI server based on Apple Silicon