Vote for Cryptopolitan on Binance Square Creator Awards 2024. Click here to support our content!

Cybersecurity firm SlowMist exposes fake Skype app in latest crypto phishing scam

Cybersecurity firm SlowMist exposes fake Skype app in latest crypto phishing scam
402559

In this post:

  • Cybersecurity firm SlowMist uncovered a sophisticated phishing scheme involving a fake Skype app, leading to significant crypto fund thefts.
  • The counterfeit app, downloaded from an unofficial source, was engineered to replace user-entered crypto wallet addresses with those controlled by the phishing gang, and also uploaded personal data to a remote server.
  • This phishing operation is linked to a previous fake Binance app, highlighting a pattern of targeted attacks against Web3 platforms and underscoring the need for heightened cybersecurity awareness and practices.

Cybersecurity firm SlowMist has disclosed a sophisticated phishing operation involving a counterfeit Skype application, leading to significant losses of cryptocurrency funds. This incident highlights the escalating challenge of cyber fraud in the digital age, particularly in the crypto industry.

Uncovering the deceptive scheme

The investigation by SlowMist began after a victim reported a loss of funds through a Skype application downloaded from an unofficial source on the internet. The counterfeit app, disguised as a legitimate Skype application, was found to be part of a broader trend of phishing attacks in the Web3 world, where users often download applications from non-official sources due to the inaccessibility of Google Play in regions like China.

SlowMist’s analysis revealed critical anomalies in the app’s signature information, suggesting a likely Chinese origin. The app used an outdated version of Skype, differing significantly from the genuine app’s latest version. This discrepancy was a clear indicator of the app’s illegitimacy. Further investigation showed that the app utilized a modified version of the Android network framework okhttp3, enabling it to carry out various malicious operations. This tampering enabled the app to access and upload personal data, including images and user information, to a phishing backend. The same phishing domain, ‘bn-download3.com’, impersonated Binance exchange in late 2022 before shifting to mimic a Skype backend in mid-2023. This connection led to the discovery that the same phishing gang was responsible for a previous counterfeit Binance app, indicating a targeted attack pattern against Web3 platforms.

Read Also  Hacker exploits vulnerability, drains $455,000 from DeFi protocol Arcadia Finance

Recommendations for users

In the report, SlowMist also made some proactive measures by blacklisting these malicious addresses. These addresses had accumulated large amounts of cryptocurrency, underscoring the severity of the threat. 

The firm’s proactive measures in exposing and mitigating the threat are crucial in the ongoing battle against such sophisticated cyber threats.To reduce the risk of falling prey to phishing attacks, SlowMist has recommended that users rely solely on official app download channels. Additionally, users are advised to improve their security awareness to prevent such attacks from occurring.

Land a High-Paying Web3 Job in 90 Days: The Ultimate Roadmap

Share link:

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Editor's choice

Loading Editor's Choice articles...

Stay on top of crypto news, get daily updates in your inbox

Most read

Loading Most Read articles...
Subscribe to CryptoPolitan