SlowMist Exposes Crypto Fund Theft Linked to Fake Skype App Security Breach

Share this article

• 
• 
• 
• 
• 

by Nik Asti

Published: November 12, 2023 at 11:06 pm Updated: November 12, 2023 at 11:06 pm

by Victor Dey

Edited and fact-checked: November 12, 2023 at 11:06 pm

To improve your local-language experience, sometimes we employ an auto-translation plugin. Please note auto-translation may not be accurate, so read original article for precise information.

SlowMist, a blockchain security firm, has disclosed a sophisticated phishing scam involving a fake Skype app that led to the theft of significant crypto funds.

The incident highlights the increasing frequency and complexity of phishing attacks in the Web3 world, particularly targeting popular social media applications like Skype, Telegram, and WhatsApp.

The SlowMist Security Team began investigating after a victim reported funds stolen via a counterfeit Skype app downloaded from the internet. Upon analysis, the team found that the app’s simple signature indicated a likely Chinese origin.

The phishing app, using a version inconsistent with the official Skype release, was designed to perform malicious operations by modifying a common Android network framework, okhttp3.

New SlowMist Investigation Report:

Fake Skype App Phishing Analysis

Our latest report exposes how a fake Skype app led to the theft of stolen funds in the Web3 sphere.

Dive into our investigation for more insights on this scam and how you can stay protected!…

— SlowMist (@SlowMist_Team) November 12, 2023

Modus Operandi of the Phishing Attack

The malicious app initially collected images from the device and kept an eye out for new ones. It then uploaded these images to a phishing backend. Significantly, the backend domain ‘bn-download3.com’ had once impersonated the Binance exchange.

This suggests that the same group was responsible for this and previous phishing attempts.This fake Skype app manipulated network traffic to replace legitimate crypto wallet addresses with malicious ones controlled by the attackers.

SlowMist’s investigation linked the phishing operation to a prior fake Binance app. This connection suggests a pattern of repeated offenses by the same group. The analysis revealed that the scam’s addresses had received substantial USDT amounts. Most of these funds had already been transferred out.

About SlowMist

The incident underscores the importance of downloading apps only from official channels to avoid such scams. SlowMist’s revelation of this phishing technique emphasizes the need for heightened security awareness in the blockchain community.

Established in January 2018, SlowMist is a renowned blockchain security firm with a decade of network security experience. They offer a range of services, including security audits, threat information, and defense deployment. With partnerships across the globe, SlowMist aims to bolster blockchain ecosystem security.

About The Author

Nik is an accomplished analyst and writer at Metaverse Post, specializing in delivering cutting-edge insights into the fast-paced world of technology, with a particular emphasis on AI/ML, XR, VR, on-chain analytics, and blockchain development. His articles engage and inform a diverse audience, helping them stay ahead of the technological curve. Possessing a Master's degree in Economics and Management, Nik has a solid grasp of the nuances of the business world and its intersection with emergent technologies.

More articles

Nik Asti

• 

Nik Asti

Nik is an accomplished analyst and writer at Metaverse Post, specializing in delivering cutting-edge insights into the fast-paced world of technology, with a particular emphasis on AI/ML, XR, VR, on-chain analytics, and blockchain development. His articles engage and inform a diverse audience, helping them stay ahead of the technological curve. Possessing a Master's degree in Economics and Management, Nik has a solid grasp of the nuances of the business world and its intersection with emergent technologies.

• 

More articles