Fake Skype app scam targets cryptocurrency users

Investigation reveals over 120 transactions to fraudulent Tron and Ethereum addresses linked to a counterfeit communication tool

crypto.ro
crypto.ro
Share

Blockchain security firm SlowMist has uncovered a sophisticated phishing scam using a counterfeit Skype application. This malicious app, which meticulously mimics the popular communication tool, has been engineered to steal cryptocurrency from unsuspecting victims.

Fake Skype application for Android on a Chinese marketplace | Medium

The crypto scam was brought to light when a victim directly contacted SlowMist after losing funds through what appeared to be a legitimate Skype app downloaded from the internet. This incident is particularly alarming in regions like China, where direct downloads are common due to the unavailability of official app stores.

SlowMist's investigation revealed that the app's certificate was newly created in September, with signature information suggesting a Chinese origin. Further probing identified multiple sources of this fake app, consistent with the victim's experience. The app is designed to covertly monitor and upload files and images from users' devices, capturing sensitive data. It specifically targets cryptocurrency transactions, replacing Ethereum or Tron blockchain addresses in messages with malicious ones controlled by the attackers.

Alarmingly, one of the fraudulent Tron addresses linked to this scheme had received nearly 200,000 USDT (equivalent to $200,000) over 110 transactions. An Ethereum address involved in the scam also saw transactions totaling 7,800 USDT, which were transferred using BitKeep’s swap service.

A USDT wallet on TRON belonging to a malicious Chinese gang | Medium

According to reports, the scam has already led to hundreds of thousands of dollars being stolen from unsuspecting victims. The attackers have reportedly created over 100 fraudulent wallet addresses to facilitate the theft.

Notably, this phishing domain was initially designed to impersonate the crypto exchange Binance before pivoting to mimic Skype's backend in May. This shift indicates the scammers' adaptability and their focus on exploiting the lucrative web3 sector.

Share article
Ad image