Bitrace warns of new crypto scam using QR codes
According to a social media post by blockchain analysis firm Bitrace, scanning the wrong QR code could drain users’ wallets.
Bitrace is warning of a new type of crypto scam “where theft is carried out through a payment QR code transfer test, essentially deceiving users into authorizing wallets.”
According to Bitrace, the scam follows a specific pattern. First, the scammer proposes that the user swap tokens over-the-counter (OTC) — through a wallet-to-wallet transfer rather than an exchange — and offers an exchange rate that beats the market.
They also offer a fee denominated in the Tron token, TRX, in exchange for long-term cooperation. To gain the user’s trust, they even make a small payment of Tether ( USDT ), a dollar-pegged stablecoin.
Related: Crypto exploits near $1.4B this year as hackers target CeFi: Report
That’s when the scammer asks the user to partake in a “small repayment test,” which purportedly involves returning the USDT by scanning a QR code. The QR code directs the user to a third-party website asking them to confirm the “test” transaction. Clicking “confirm” steals the user’s wallet authorization, Bitrace said.
According to Bitrace, at least 27 wallet holders appear to have been victimized, collectively losing around 120,000 in USDT. The attacks took place between July 11 and July 17 and the scammer used the same wallet in every instance.
According to Bittrace, the funds were then moved through five intermediary addresses and into three accounts with Cambodian crypto exchange Huione for laundering.
Cyberattacks are on the rise in 2024. According to cybersecurity firm Cyvers , the total volume of stolen crypto funds this year is approaching $1.4 billion.
Access control breaches — often in the form of phishing attacks — accounted for the overwhelming majority of stolen funds, around $490 million in the second quarter alone.
“A risk check on the counterparty’s address before the transaction is crucial,” Bitrace said, adding that the company is developing a “one-click risk check tool to help users identify potential risks associated with target addresses.”
Magazine: Crypto-Sec: Phishing scammer goes after Hedera users, address poisoner gets $70K
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
CryptoQuant CEO: Bitcoin has just entered the price discovery stage
Will the Rise in Bitcoin Continue After the Record? Analyst Said “Record Adjusted for Inflation Has Not Yet Come”, Shared His Expectation
Will the price increase continue after the recent records in Bitcoin? Analyst explained his views.
Controversial Company DWF Labs Buys This Altcoin, Price Increases More Than 90 Percent
Cryptocurrency company DWF Labs has made a large purchase of a surprise altcoin, according to onchain data.
Anticipated Cryptocurrency Project Finally Signals Altcoin Airdrop
The cryptocurrency platform with a trading volume of billions of dollars has finally signaled an altcoin airdrop.
Trending news
MoreCrypto prices
More
