Chinese Hackers Fake Skype App Drains User’s Crypto

SlowMist, a firm in crypto security analytics, has recently unveiled a new phishing scam targeting cryptocurrency enthusiasts. This scheme, masterminded by a group of Chinese hackers, ingeniously leverages China’s ban on several international applications. This prohibition has led many in mainland China to search for these apps on third-party platforms, presenting a perfect opportunity for scammers.
The hackers’ strategy focused on popular social media apps like Telegram, WhatsApp, and Skype, which are highly sought after by Chinese internet users. They devised a counterfeit version of Skype, skillfully designed to trap victims and steal their cryptocurrency holdings.
Fake Skype App’s Mechanics
The counterfeit Skype app, falsely claiming to be version 8.87.0.403, stood in contrast to the latest version, 8.107.0.215. The first report of its malicious nature came from a user who lost significant money. Further analysis revealed that the app’s signature had been altered to include malware targeting cryptocurrency wallets.
Central to the scam was manipulating okhttp3, an Android network framework commonly used. The hackers modified this framework to covertly monitor and upload various data types from the victim’s device, including images, user IDs, and phone numbers. More importantly, it targeted information related to cryptocurrency wallets.
The app was programmed to identify and replace crypto wallet addresses found in images and messages with addresses owned by the scammers. This move enabled them to redirect funds for legitimate transactions to their wallets.
Countermeasures and User Safety
The investigation led by SlowMist uncovered over 100 wallet addresses linked to this phishing operation. These addresses were involved in transactions amounting to around 192,856 USDT on the TRON chain and 7,800 USDT on the ETH chain. These addresses have now been blacklisted to prevent further fraudulent activities.
Read Also: Singapore Police Warn of Rising WhatsApp Phishing Scams
- Canary Litecoin ETF Delayed Due to Government Shutdown, What’s Next?
- VanEck Registers Lido Staked Ethereum Trust in Delaware, LDO Up 7%
- Fed’s Lorie Logan Urges Caution on Further Rate Cuts Citing Inflation Risks
- Nasdaq-Listed Fitell Adds Pump.fun’s PUMP To Supplement Solana Treasury
- FG Nexus to Tokenize Stock on Ethereum as SEC Weighs 24/7 Onchain Stock Trading
- Pi Network Price at Risk of Another Crash as Mysterious Whale Stops Buying
- Solana Price Eyes $360 After Bullish Retest As VisionSys AI Deploys $2B Treasury Strategy
- Cardano Price Forecast As Hashdex Listing Fuels Optimism For $1.27 Breakout
- BONK Price Rally Ahead? Open Interest Jumps as TD Buy Signal Flashes
- Shiba Inu Price to Surge as Whales Buy and Team Commits to Shibarium Growth
- XRP Price Prediction After Ripple CTO David Schwartz Resigns