Blockchain security firm SlowMist has revealed a new phishing attack involving a fake Skype app that aims to steal cryptocurrencies from victims.
The company disclosed that it received contact from one of the victims of the scam, a resident of China, who reported that his funds were stolen after downloading an application that appeared to be Skype. According to the company, in China, people are more vulnerable to this type of scam because they download apps directly from the web and not from an app store, which are unavailable in the region.
“Due to the inaccessibility of Google Play in China, many users often resort to searching and downloading apps directly from the Internet,” wrote SlowMist. “However, the types of fake apps available online are not just limited to wallets and exchanges. Social media apps like Telegram, WhatsApp and Skype are also heavily targeted.”
Fake Skype app steals cryptocurrencies
The fake Skype app is camouflaged as a legitimate video chat tool, but contains malicious code. This code monitors and uploads files and images from users’ devices in an attempt to capture sensitive information.
According to SlowMist, because people use Skype to transfer files and make calls, they are generally unaware of malicious activity. Thus, they allow attackers access to functions such as file uploads. Additionally, hackers can gain access to device information, user IDs, and phone numbers.
In practice, the fake Skype app scans incoming and outgoing messages to see if they contain Ethereum or Tron blockchain addresses. If they detect the presence of these addresses, hackers replace them with malicious addresses to siphon off cryptocurrencies.
According to the SlowMist team, one of the malicious Tron addresses received almost 200,000 USDT on November 8th alone. The team also identified an Ethereum address that received 7,800 USDT.
Lastly, the SlowMist team advised users to only use official app download channels and increase their security awareness to mitigate the risk of falling victim to such phishing attacks.