Subscribe to our Telegram channel

Hackers from China have developed a fake Skype app to steal cryptocurrency

4:34 pm, November 14, 2023

Cybercriminals from China are taking advantage of the country’s ban on international apps. It is this ban that forces many users to download foreign messengers, including Telegram, WhatsApp, and Skype, through unofficial platforms.

The version of the fake Skype found by SlowMist analysts is 8.87.0.403. The latest official version of the app is actually 8.107.0.215. It is noteworthy that until November 23, 2022, the phishing internal domain «bn-download3.com», where the attackers hosted a fake video chat, impersonated the largest cryptocurrency exchange Binance.

The report states that the hackers introduced malware that modified a popular Android networking framework called okhttp3. With the help of the malicious framework, the attackers gained access to internal files and images of the user, device data, phone number, and other information. This allowed fraudsters to track messages with address strings similar to TRON (TRX) and Ethereum (ETH). When detected, the malware would replace them with hackers' wallets, where users' funds were transferred.

The SlowMist team found that about 200 thousand USDT were transferred to one of the malicious addresses in the TRON network. The last of 110 transactions was made on November 8.

Experts also came across an address in the Ethereum network. In 10 transactions, the crypto wallet received 7.8 thousand USDT. The funds were transferred using the BitKeep swap service, and the transfer fee was received from the OKX cryptocurrency exchange.

SlowMist noted that the phishing app is no longer working.

Subscribe to our Telegram channel

BTC

$95,900.68

-0.35%

ETH

$3,313.06

-0.49%

BNB

$673.90

1.88%

XRP

$2.21

-0.84%

SOL

$186.08

1.22%

All courses
Subscribe to our
Telegram channel!
The latest news and reviews of the cryptocurrency markets of the last
day right in your messenger. We are waiting for you!
GO TO
Show more