Home / News / Chinese Hackers Fake Skype App Drains User’s Crypto

Chinese Hackers Fake Skype App Drains User’s Crypto

SlowMist exposes a major crypto phishing Skype scam with 100 fraudulent wallet addresses siphoning off hundreds of thousands of dollars.
By Kelvin Munene Murithi
Pink Drainer Shuts Down After $75M Crypto Theft, Attacking 20K Victims

SlowMist, a firm in crypto security analytics, has recently unveiled a new phishing scam targeting cryptocurrency enthusiasts. This scheme, masterminded by a group of Chinese hackers, ingeniously leverages China’s ban on several international applications. This prohibition has led many in mainland China to search for these apps on third-party platforms, presenting a perfect opportunity for scammers.

The hackers’ strategy focused on popular social media apps like Telegram, WhatsApp, and Skype, which are highly sought after by Chinese internet users. They devised a counterfeit version of Skype, skillfully designed to trap victims and steal their cryptocurrency holdings.

Advertisement
Advertisement

Fake Skype App’s Mechanics

The counterfeit Skype app, falsely claiming to be version 8.87.0.403, stood in contrast to the latest version, 8.107.0.215. The first report of its malicious nature came from a user who lost significant money. Further analysis revealed that the app’s signature had been altered to include malware targeting cryptocurrency wallets.

Central to the scam was manipulating okhttp3, an Android network framework commonly used. The hackers modified this framework to covertly monitor and upload various data types from the victim’s device, including images, user IDs, and phone numbers. More importantly, it targeted information related to cryptocurrency wallets.

The app was programmed to identify and replace crypto wallet addresses found in images and messages with addresses owned by the scammers. This move enabled them to redirect funds for legitimate transactions to their wallets.

Advertisement
Advertisement

Countermeasures and User Safety

The investigation led by SlowMist uncovered over 100 wallet addresses linked to this phishing operation. These addresses were involved in transactions amounting to around 192,856 USDT on the TRON chain and 7,800 USDT on the ETH chain. These addresses have now been blacklisted to prevent further fraudulent activities.

Read Also: Singapore Police Warn of Rising WhatsApp Phishing Scams

Advertisement
Kelvin Munene Murithi
Kelvin Munene is a crypto and finance journalist with over 5 years of experience, offering in-depth market analysis and expert commentary . With a Bachelor's degree in Journalism and Actuarial Science from Mount Kenya University, Kelvin is known for his meticulous research and strong writing skills, particularly in cryptocurrency, blockchain, and financial markets. His work has been featured across top industry publications such as Coingape, Cryptobasic, MetaNews, Cryptotimes, Coinedition, TheCoinrepublic, Cryptotale, and Analytics Insight among others, where he consistently provides timely updates and insightful content. Kelvin’s focus lies in uncovering emerging trends in the crypto space, delivering factual and data-driven analyses that help readers make informed decisions. His expertise extends across market cycles, technological innovations, and regulatory shifts that shape the crypto landscape. Beyond his professional achievements, Kelvin has a passion for chess, traveling, and exploring new adventures.
Why trust CoinGape: CoinGape has covered the cryptocurrency industry since 2017, aiming to provide informative insights to our readers. Our journalists and analysts bring years of experience in market analysis and blockchain technology to ensure factual accuracy and balanced reporting. By following our Editorial Policy, our writers verify every source, fact-check each story, rely on reputable sources, and attribute quotes and media correctly. We also follow a rigorous Review Methodology when evaluating exchanges and tools. From emerging blockchain projects and coin launches to industry events and technical developments, we cover all facets of the digital asset space with unwavering commitment to timely, relevant information.
Investment disclaimer: The content reflects the author’s personal views and current market conditions. Please conduct your own research before investing in cryptocurrencies, as neither the author nor the publication is responsible for any financial losses.
Ad Disclosure: This site may feature sponsored content and affiliate links. All advertisements are clearly labeled, and ad partners have no influence over our editorial content.

Premium Partners

image
Bitget

Sign Up
image
Mexc

Sign Up
image
PepeDollar

Join Presale

image
WinnerMining

Sign Up
image
Tapzi

Join Presale

  • LATEST
  • TRENDING
BlackRock Dumps Ethereum, Buys $366M in Bitcoin
GEMI Stock Rises Over 20% Following Gemini’s Debut on Nasdaq
Shiba Inu DEX ShibaSwap Releases New Upgrade To Strengthen SHIB Ecosystem
REX-Osprey Solana Staking ETF’s AUM Hits New High Amid SOL Rally
Breaking: Tether To Launch US-Based Stablecoin USAT With Bo Hines As CEO
Tether Co-Founder’s STBL Token to List on Binance Alpha in DeFi-RWA Fusion: Details
Crypto Market Update: Why is SOL, BNB, DOGE Price Soaring High Today?
Why Arthur Hayes Is Doubling Down on ENA $1M Surge
Airdrop Sell-Off Sends Linea Token Crashing Nearly 85% in 24 Hours: What to Know?
Who Are the Biggest Crypto Whales? Arkham’s $1.6 Trillion Rich List Revealed