A scammer has stolen $15 million worth of cryptocurrency after cloning the user interface of HitBTC, a popular Hong Kong-based crypto exchange.
Scammers make $15 million
According to SlowMist, a crypto-compliance expert, this scam has been in operation for nearly a year, successfully tricking users into activating a phishing contract.
The fraudster executed an elaborate scheme that netted over $15 million in bitcoin (BTC), ethereum (ETH), tether (USDT) and shiba inu (SHIB).
The scheme included a smart contract that required users to connect their wallets. Victims make deposit transactions as on any exchange while the malicious smart contract tracks their transactions.
Once the transaction is signed and confirmed, the scammer gains access to the user’s wallet and immediately drains the rest of the user’s assets. The scam mainly worked on the Bitcoin, Tron, and Ethereum networks.
(embed) https://www.youtube.com/watch?v=iB7hJA1Eo2I (/embed)
SlowMist’s investigation revealed that the culprit behind the scam was not limited to HitBTC alone.
In fact, they have impersonated other notable platforms, including South Korea’s Coinone and LedgerX, a former subsidiary of FTX.
These fraudulent sites mimic prominent web3 tools, decentralized applications (dapps) and exchanges, confusing victims and expanding the scammer’s reach.
Increase in phishing attacks
Kaspersky cyber security report scores 40% He increases in the number of phishing attacks between 2021 and 2022.
This alarming trend indicates that scammers continue to exploit the allure of cryptocurrency, which is often seen as a shortcut to financial success with minimal effort.
It is essential to understand that a phishing scam works by obtaining suspiciously sensitive information, such as the private key to their wallet.
To achieve this, phishing scams use various baits to attract their targets, such as promising free cryptocurrency.
Fake crypto sites usually act as phishing pages, where all the details a user enters, including the password and recovery phrase for their crypto wallet, end up in the hands of scammers.
Earlier on May 15, the National Cryptocurrency Enforcement Team (NCET), under the US Department of Justice (DoJ), said it would go after exchanges that, despite their compliance, enable criminals to launder money.
