Key takeaways:
- The blockchain analysis company Bitrace said on social media that if you scan the incorrect QR code, it might empty your wallet.ย
- The fraudster then requests the user to participate in a โsmall repayment test,โ which supposedly entails scanning a QR code to refund the USDT.
The blockchain analysis company Bitrace said on social media that if you scan the incorrect QR code, it might empty your wallet.
Bitrace has issued a warning about a new kind of crypto scam in which users are tricked into authorizing wallets by using a payment QR code transfer test.
Bitrace claims that the scam adheres to a particular pattern. Initially, the con artist suggests that the customer exchange tokens directly between wallets instead of using an exchange, and they even offer a better exchange rate than the competition.
Additionally, they provide a remuneration in Tron’s TRX token in return for extended collaboration. They even provide the consumer a tiny reward in USDT, a stablecoin based on the dollar, in an effort to win their trust.
The fraudster then requests the user to participate in a โsmall repayment test,โ which supposedly entails scanning a QR code to refund the USDT. The user is directed to a third-party website by the QR code, where they are requested to confirm the “test” transaction. Bitrace said that by selecting “confirm,” the user’s wallet authorization is stolen.
At least 27 wallet owners appear to have been victims, losing almost $120,000 in USDT in total, according to Bitrace. The con artist utilized the same wallet for each attack, which happened between July 11 and July 17.
According to Bitrace, the funds were subsequently transferred through five intermediate addresses and into three accounts with the Huione crypto exchange in Cambodia to be laundered.
By 2024, cyberattacks will have increased. Cybersecurity company Cyvers estimates that this year’s total amount of crypto funds stolen is close to $1.4 billion.
The vast bulk of money that were taken, around $490 million in the second quarter alone, were the result of access control breaches, which frequently took the form of phishing attempts. Bitrace stated:
โA risk check on the counterpartyโs address before the transaction is crucial,โ
WazirX, an Indian crypto exchange, intends to reimburse all platform users for their balances after a startling $235 million heist on July 18. The site announced on August 8 that all trades made after withdrawals were stopped on July 18 will be undone, guaranteeing that user portfolios go back to how they were before the incident.