Xiao A recently received a text message saying that the exchange was about to clear out its mainland users, so he decided to move his cryptocurrency from the exchange to a wallet. Xiao A typed “xx Wallet Official” into the browser, clicked the top link, then downloaded the app, created a wallet and transferred his assets, all in one go. Within a few days, Xiao A received a notification that a transfer had succeeded, and the balance in his wallet app, ERC20-USDT worth 10 million U.S. dollars, was reduced to zero. Only later did Xiao A realize that the app was fake: he had downloaded a phishing app from an advertising slot. Xiao A found us through a friend's introduction.
Focus on the victim
Little A is not the first victim to find us.
As cryptocurrency continues to be hyped by the media, many ordinary people have rushed into the cryptocurrency world without any background knowledge, and a series of fraud and theft incidents has followed. As more and more victims found us, we began to pay attention to and collect information about related incidents.
According to statistics collected from victims in contact with SlowMist MistTrack, 61% of them had assets stolen after downloading fake wallet apps.
Victims end up downloading a fake wallet app in several ways:
- Scammers send posters or links to users to induce them to download fake apps;
- Scammers trick users into visiting fake official websites by buying advertising space and organic traffic from search engines;
- After gaining the victim's trust, the scammer sends the victim a link to download the app and encourages the victim to purchase cryptocurrency and transfer it to the wallet. The scammer then keeps finding excuses to ask the victim to deposit more funds before the funds can be withdrawn.
In the end, these victims never got their money back.
According to one victim's report, the scammer first added the victim as a contact through a group chat, then befriended the victim, and after gaining trust sent the victim a download link to the so-called official website. Let's compare the differences between the official and phishing websites.
Judging from the information provided by the victim, although the fake official website looks very realistic, there are always some flaws. For example, the fake official website is actually named “im wallet”, and the download QR code appears everywhere on it. When the victim decides to download the app, scanning the QR code takes them to a webpage that imitates the app store. The page even carries fake reviews to make the victim believe that the wallet app is legitimate.
The SlowMist AML team analyzed and studied the information provided by our victims. According to incomplete statistics, there are currently tens of thousands of victims whose assets have been stolen after downloading fake apps, and the stolen amount is as high as 1.3 billion US dollars. This covers only the victims who found us, and only includes ETH, BTC, ERC20-USDT, TRX and TRC20-USDT.
The picture below shows information about the stolen wallets of victims who found us in November hoping that we could help.
One of the victims shared the TRON address (TDH…wrn) to which his stolen funds were transferred. The scammer’s address has currently received more than 258,571 TRC20-USDT.
SlowMist MistTrack tracked and analyzed the scammer's address, and the results showed that a total of 14 people transferred funds to the address. These 14 people can be considered victims. At the same time, the transaction volume at each layer of the fund flow for this address is very large, and the funds are split. After being distributed, they flowed into different Binance user addresses.
One Binance user address (TXJ…G8u) has received more than 609,969.299 TRC20-USDT, valued at more than 610,000 US dollars.
This is just one of the addresses. One can imagine the scale of this scam and how much money the scammers made from the victims.
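The kind of tracing described above, as an added example that is not SlowMist's or MistTrack's code: it counts the distinct senders to a receiving address and follows outgoing transfers layer by layer until they reach addresses labelled as exchange deposits. All addresses, amounts and the label set are constructed placeholders.

```python
from collections import defaultdict, deque

# Constructed sample transfers: (sender, receiver, amount in USDT).
TRANSFERS = [
    ("victim_1", "scam_addr", 1000.0),
    ("victim_2", "scam_addr", 2500.0),
    ("victim_1", "scam_addr", 500.0),   # same victim, second deposit
    ("scam_addr", "layer1_a", 2400.0),  # funds split across two layer-1 addresses
    ("scam_addr", "layer1_b", 1600.0),
    ("layer1_a", "exchange_dep_1", 1400.0),
    ("layer1_a", "layer2_a", 1000.0),
    ("layer1_b", "exchange_dep_2", 1600.0),
    ("layer2_a", "exchange_dep_1", 1000.0),
]
# Hypothetical label set: addresses an analyst has attributed to an exchange.
EXCHANGE_LABELS = {"exchange_dep_1": "ExchangeX", "exchange_dep_2": "ExchangeX"}


def distinct_senders(transfers, address):
    """Every unique address that sent funds to `address` (candidate victims)."""
    return {s for s, r, _ in transfers if r == address}


def trace_outflows(transfers, start, labels, max_hops=5):
    """Breadth-first walk of outgoing transfers from `start`.

    Returns {labelled_address: {"amount": total received along traced paths,
    "hop": shortest distance from start}}. Labelled addresses are sinks.
    This over-approximates: everything an intermediate address forwards is
    treated as tainted, even if that address also received unrelated funds.
    """
    out = defaultdict(list)
    for s, r, amt in transfers:
        out[s].append((r, amt))
    hits = {}
    seen, queue = {start}, deque([(start, 0)])
    while queue:
        addr, hop = queue.popleft()
        if hop >= max_hops:
            continue
        for nxt, amt in out[addr]:
            if nxt in labels:
                h = hits.setdefault(nxt, {"amount": 0.0, "hop": hop + 1})
                h["amount"] += amt
                h["hop"] = min(h["hop"], hop + 1)
            elif nxt not in seen:       # visit each address once (cycle guard)
                seen.add(nxt)
                queue.append((nxt, hop + 1))
    return hits
```
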
There is another interesting point. When we were analyzing some scammer addresses (such as BTC address 32q…fia), we discovered that funds from this address were transferred, through some channels, to malicious addresses associated with extortion activities. The query results suggest that such scams are not only carried out by gangs, but are also cross-provincial and transnational in character.
In addition, our analysis also shows that scammers usually transfer part of the funds to the trading platform after they succeed, and transfer another small amount of funds to a hacker address with a particularly large transaction volume to confuse the analysis.
At present, this kind of scam activity is not only active, but even has a trend of expanding its scope. Every day, new victims are deceived. As the weakest link in the security system, users should always be skeptical, enhance security awareness and risk awareness, and verify through official verification channels when necessary.
At the same time, if you need to use a wallet, please be sure to look for the official website of the following mainstream wallet apps:
Posted by: CoinYuppie. Reprinted with attribution to: https://coinyuppie.com/slowmist-fake-wallet-app-has-caused-tens-of-thousands-of-people-to-be-stolen-and-lose-up-to-1-3-billion-u-s-dollars/