Bitrace warns of new crypto scam using QR codes
According to a social media post by blockchain analysis firm Bitrace, scanning the wrong QR code could drain your wallet.
Bitrace is warning of a new type of crypto scam “where theft is carried out through a payment QR code transfer test, essentially deceiving users into authorizing wallets.”
According to Bitrace, the scam follows a specific pattern . First, the scammer proposes that the user swap tokens over-the-counter — through a wallet-to-wallet transfer rather than an exchange — and offers an exchange rate that beats the market.
They also offer a fee denominated in Tron’s TRX ( TRX ) token in exchange for long-term cooperation. To gain the user’s trust, they even make a small payment of USDT ( USDT ), a dollar-pegged stablecoin.
Related: Crypto exploits near $1.4B this year as hackers target CeFi: Report
That’s when the scammer asks the user to partake in a “small repayment test,” which purportedly involves returning the USDT by scanning a QR code. The QR code directs the user to a third-party website asking them to confirm the “test” transaction. Clicking “confirm” steals the user’s wallet authorization, Bitrace said.
According to Bitrace, at least 27 wallet holders appear to have been victimized, collectively losing around $120,000 in USDT. The attacks took place between July 11 and July 17, and the scammer used the same wallet in every instance.
According to Bittrace, the funds were then moved through five intermediary addresses and into three accounts with Cambodian crypto exchange Huione for laundering.
Cyberattacks are on the rise in 2024. According to cybersecurity firm Cyvers , the total volume of stolen crypto funds this year is approaching $1.4 billion.
Access control breaches — often in the form of phishing attacks — accounted for the overwhelming majority of stolen funds, around $490 million in the second quarter alone.
“A risk check on the counterparty’s address before the transaction is crucial,” Bitrace said, adding that the company is developing a “one-click risk check tool to help users identify potential risks associated with target addresses.”
Magazine: Crypto-Sec: Phishing scammer goes after Hedera users, address poisoner gets $70K
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Strive Pushes Intuit to Add Bitcoin to Treasury
Strive urges Intuit to hold Bitcoin in its treasury to hedge against AI-driven disruption risks.Bitcoin as a Hedge Against AI Disruption?Why Bitcoin, and Why Now?BTC in the Boardroom
JP Morgan Predicts Imminent Interest Rate Cuts
JP Morgan forecasts upcoming rate cuts, signaling a major shift in U.S. economic policy that could impact markets and crypto alike.JP Morgan Signals Upcoming Interest Rate CutsWhy Rate Cuts Matter for MarketsCrypto Could See Renewed Interest
Raydium launches Launch Lab, a token issuance platform
Mobee Partners with ATT Global to Launch Exclusive IEO Platform
Trending news
MoreCrypto prices
More
