SlowMist, a blockchain security company, recently revealed a new phishing attack in which a fake Skype app was used to steal crypto funds from a victim.
SlowMist was contacted by the victim, who stated that his funds were stolen after downloading a supposed Skype app. “First, we analyzed the subscription information from the fake Skype app. Often, the signature information of a fake app contains anomalies and differs significantly from that of a genuine app,” SlowMist wrote in a report.
The report described the signs that the application reported by the victim was fake:
“We noticed that the subscription information of this fake app is quite simple, almost empty, and both the owner and the publisher are labeled as ‘CN’. Based on this information, we preliminarily deduce that the phishing production gang is likely Chinese. Furthermore, from the certificate’s effective date of September 11, 2023, we infer that this application was not created very long ago. Further analysis revealed that the fake app uses version 22.214.171.1243, while the latest version of Skype is 126.96.36.199.”
Using a Baidu search, SlowMist found multiple sources of the same fake version of Skype, with subscription information consistent with that provided by the victim, according to the team.
The platform also discovered that the phishing domain linked to the alleged app initially posed as the cryptocurrency exchange Binance.
“Using asset mapping platform Weibu, the phishing backend domain ‘bn-download3.com’ was discovered to have impersonated the Binance exchange on November 23, 2022. Only on May 23, 2023 did it begin impersonating via a Skype backend domain.”