Bitrace warns of new crypto scam using QR codes
According to a social media post by blockchain analysis firm Bitrace, scanning the wrong QR code could drain users’ wallets.
Bitrace is warning of a new type of crypto scam “where theft is carried out through a payment QR code transfer test, essentially deceiving users into authorizing wallets.”
According to Bitrace, the scam follows a specific pattern. First, the scammer proposes that the user swap tokens over-the-counter (OTC) — through a wallet-to-wallet transfer rather than an exchange — and offers an exchange rate that beats the market.
The USDT was funneled through five addresses and into accounts with the crypto exchange Huione. Source: BitraceThey also offer a fee denominated in the Tron token, TRX, in exchange for long-term cooperation. To gain the user’s trust, they even make a small payment of Tether ( USDT ), a dollar-pegged stablecoin.
Related: Crypto exploits near $1.4B this year as hackers target CeFi: Report
That’s when the scammer asks the user to partake in a “small repayment test,” which purportedly involves returning the USDT by scanning a QR code. The QR code directs the user to a third-party website asking them to confirm the “test” transaction. Clicking “confirm” steals the user’s wallet authorization, Bitrace said.
According to Bitrace, at least 27 wallet holders appear to have been victimized, collectively losing around 120,000 in USDT. The attacks took place between July 11 and July 17 and the scammer used the same wallet in every instance.
According to Bittrace, the funds were then moved through five intermediary addresses and into three accounts with Cambodian crypto exchange Huione for laundering.
Cyberattacks are on the rise in 2024. According to cybersecurity firm Cyvers , the total volume of stolen crypto funds this year is approaching $1.4 billion.
Access control breaches — often in the form of phishing attacks — accounted for the overwhelming majority of stolen funds, around $490 million in the second quarter alone.
“A risk check on the counterparty’s address before the transaction is crucial,” Bitrace said, adding that the company is developing a “one-click risk check tool to help users identify potential risks associated with target addresses.”
Magazine: Crypto-Sec: Phishing scammer goes after Hedera users, address poisoner gets $70K
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Bitget has completed the mainnet integration of World Chain
Bitget has now completed the mainnet integration of World Chain and opened the WLD-World Chain deposit service. Please find your assigned token deposit address here. Please note: • Any translation into other languages shall be deemed as reference and the English version shall prevail in any case. D
Dialogue with Mysten Labs Co-founder: From technological innovation to ecological layout, how did we become the first public chain of MOVE?
Attracting outstanding developers to build successful projects on SUI will be an important factor in promoting the development of SUI.
Musk posted a picture with a Shiba Inu image and the word DOGE