A crypto scammer has stolen more than $15 million in bitcoin, ether, tether, and SHIB by cloning the user interface of popular Hong Kong-based crypto exchange HitBTC.
According to crypto compliance expert SlowMist, the scam, which has been running for nearly a year, tricks users into activating a phishing contract (“unlimited authorization for your $USDT”) before instructing them to deposit assets as normal.
Then, once the transaction is confirmed, the scammer drains the rest of the user’s wallet. The ruse operates exclusively on the Bitcoin, Tron, and Ethereum networks.
SlowMist also discovered that the perpetrator was impersonating more than HitBTC. Indeed, according to the firm’s research, they run similar sites that mirror numerous web3 tools, Dapps, and exchanges such as South Korean Coinone and former FTX subsidiary LedgerX.
Phishing attacks up 40% in a year
Sadly, phishing attacks like this show no sign of slowing. In fact, according to cybersecurity firm Kaspersky, their number grew by 40% between 2021 and 2022.
According to Kaspersky experts: “Despite some problems that have occurred in the cryptocurrency market over the past six months, in the minds of many people, crypto still remains a symbol of getting rich quick with minimal effort.
“Therefore, the flow of scammers parasitizing in this field does not dry out. In order to lure victims into their networks, these scammers continue to come up with new and more interesting stories.”