HitBTC, a renowned cryptocurrency exchange platform from Hong Kong, was targeted by phishing scammers in a scam worth over $15 million. SlowMist, a blockchain security firm, investigated the incident and found that the scammers operate widely and also impersonate sites like Coinone and LedgerX.
Key Highlights:
- For almost a year, a phishing site impersonating HitBTC scammed users out of $15 million worth of BTC, SHIB, ETH and USDT.
- The scam has users connect their wallets, add funds and trade them, which might seem normal, but in reality they were only giving access to their wallets.
- Apart from HitBTC, the scammer was found to be impersonating other platforms too, like Coinone and LedgerX.
- According to Kaspersky reports, such phishing attacks are on the rise, almost 40% higher than the 2021 to 2022 numbers.
- Fake trading sites like this use similar domain names and tools that replicate the look of the original platform.
Phishing Attacker Replicates HitBTC to Scam Users
The scammers are believed to be experts at phishing and used four wallets to operate. After the wallets were identified, it was revealed that they had been in use since June 2023, a little less than a year. The cryptocurrencies stolen by the scammer include Bitcoin (BTC), Shiba Inu (SHIB), Ethereum (ETH), Tether (USDT), and many more.
According to SlowMist's investigation, users were lured onto these phishing sites via advertisements. Hitting “Approve” to connect a wallet for trading might seem harmless, as it is a common practice for cryptocurrency traders. However, here, users are actually approving an undisclosed contract authorizing unlimited transactions of Tether (USDT).
Once the first attack is made, users are taken to the next step of depositing assets, again a common step in crypto trading. Spotting the difference is quite challenging even for an informed individual, but although the site looks exactly the same, not all assets are available for deposit. You can only use BTC, ETH, and Tron (TRX), which can be a giveaway if you are familiar with cryptocurrency trading platforms.
The scam comes to an end when users attempt to trade: while they do so in hopes of some gain, the scammer is emptying their wallet. In this case, HitBTC was cloned, and if you tried to trade there, your funds would start vanishing right after you clicked “Approve.”
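The approval step described above can be inspected before signing. The following is an added example, not code from SlowMist or HitBTC: it decodes a pending transaction's calldata and flags an unlimited allowance or an unfamiliar spender. It assumes the standard ERC-20 approve(address,uint256) encoding (the article does not name the contract or chain), also covers increaseAllowance, and uses constructed addresses and a hypothetical trusted-spender list.

```python
# Added example. Addresses and calldata below are constructed, not from the incident.
SELECTORS = {
    "095ea7b3": "approve",            # approve(address,uint256)
    "39509351": "increaseAllowance",  # increaseAllowance(address,uint256)
}
UNLIMITED_THRESHOLD = 2**255  # assumption: allowances this large are effectively unlimited


def decode_approval(calldata):
    """Return (function, spender, amount) for an allowance call, else None."""
    data = calldata[2:] if calldata.lower().startswith("0x") else calldata
    try:
        raw = bytes.fromhex(data)
    except ValueError:
        return None
    # 4-byte selector followed by two 32-byte ABI words
    if len(raw) != 68 or raw[:4].hex() not in SELECTORS:
        return None
    if any(raw[4:16]):  # an address word must be left-padded with zeros
        return None
    spender = "0x" + raw[16:36].hex()
    amount = int.from_bytes(raw[36:68], "big")
    return SELECTORS[raw[:4].hex()], spender, amount


def review(calldata, trusted_spenders):
    """List the reasons a wallet user should stop before signing."""
    decoded = decode_approval(calldata)
    if decoded is None:
        return []
    _, spender, amount = decoded
    findings = []
    if amount >= UNLIMITED_THRESHOLD:
        findings.append("unlimited-allowance")
    if spender not in trusted_spenders:
        findings.append("unknown-spender")
    return findings


# Constructed samples: a hypothetical trusted spender and an unknown one
TRUSTED = "0x" + "11" * 20
UNKNOWN = "0x" + "ab" * 20
UNLIMITED_CALL = "0x095ea7b3" + "00" * 12 + "ab" * 20 + "ff" * 32
BOUNDED_CALL = "0x095ea7b3" + "00" * 12 + "11" * 20 + format(1_000_000, "064x")

if __name__ == "__main__":
    for name, call in (("unlimited", UNLIMITED_CALL), ("bounded", BOUNDED_CALL)):
        print(name, decode_approval(call), review(call, {TRUSTED}))
```

An empty result only means neither check fired; the spender list is whatever the user or wallet has verified independently.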
Identifying a phishing scam is quite challenging, but HitBTC itself recently published an article on how to recognize and avoid such scams.
Phishing Attacks on a 40% Rise
Compared to the numbers from 2021-2022, phishing scams have increased staggeringly in less than a year, according to Kaspersky reports, which also stated:
“… in the minds of many people, crypto still remains a symbol of getting rich quick with minimal effort. Therefore, the flow of scammers… does not dry out.”
Fraudulent websites such as the one recently found use replicated versions of popular Web3 tools and decentralized apps (dApps), making them harder for you to identify. Moreover, they target users who are fairly new and do not have much experience trading cryptocurrencies.