Fake investment portal exploits crypto wallets for $1.2M heist
A new crypto scam has emerged
A new crypto scam has emerged, leaving victims $1.2 million poorer after falling prey to fake investment offers.
The operation, uncovered by analysts at Whitestream, uses elements of social engineering, including confidence-building tactics and fraudulent promises of high returns, according to the Cryptopolitan.
The scam directed users to a site masquerading as an investment portal for “Seed Crypto.” Designed to appear legitimate, the site lured victims by explaining cryptocurrency in beginner-friendly terms and offering a vague but enticing investment opportunity.
To proceed, users were required to connect their crypto wallets via WalletConnect or Coinbase Wallet. Once access was granted, the attackers drained funds, transferring them to a single wallet before dispersing them to exchanges like HTX, Binance, and OKX.
Pig Butchering Tactics Evolve With Crypto
The scam mirrors “pig butchering” models, a term for schemes that gain a victim's trust before stealing assets. Originally linked to romance scams, these tactics now exploit the rising interest in cryptocurrency. Targeting newcomers unfamiliar with the risks, the scammers exploit wallet permissions—a process not yet adequately filtered by current wallet security protocols.
While the attacker’s wallet movements remain partially tracked, the regional nature of the operation highlights Southeast Asia as the hub. Cash-outs were conducted locally, although some funds were laundered through global exchanges.
Confidence scams like this have surged in recent years, with preliminary 2024 reports from Cyvers estimating $3.6 billion in losses globally. The use of stablecoins such as Tether (USDT) and USD Coin (USDC) facilitates these schemes, offering a relatively anonymous method for transferring and laundering funds.
Authorities, including the SEC and Interpol, have called for greater awareness and regulatory measures to combat such schemes. Both Tether and Circle have collaborated with law enforcement to freeze suspicious wallets, though preventing initial thefts remains a challenge.
Confidence scams remain a growing threat, underscoring the need for enhanced public education and stricter wallet security protocols.
Blockchain security experts at Scam Sniffer have recently exposed a scam using Google Ads to target cryptocurrency users. The scheme redirects users to a fake Pudgy Penguins NFT site, using malicious JavaScript to detect wallets and deceive victims.
