Fraudsters Target Cryptocurrency Scam Sites To Hijack Their Target Audience – Security Bitcoin News

Cryptocurrency scam sites are being targeted by other scammers to hijack their traffic and their potential earnings. A recently discovered threat actor, called Water Labbu, manipulates the users drawn to these pages as a source of income, and injects a malicious script as a tool to interact with the wallet which, depending on the funds, will be attacked.

Crypto scammers attack crypto scammers

The rise of the cryptocurrency ecosystem has led to interest in targeting investors through scam sites that use various resources that include Youtube streams to do so, as a recent report showed. Now scammers are taking advantage of other scammers through sophisticated scripting tools. A new type of threat actor, called Water Labbu, targets third-party crypto scam sites to use attracted users as targets for the attack as well.

The attack inserts a script on the cryptocurrency scam website, which is usually some kind of lending-liquidity supply site, which sends an authorization message to the user’s cryptocurrency wallet if he has more than a certain amount of cryptocurrency in his wallet. If the user approves the request, which is designed to look like a valid token allowance request from a Web3 site, the affected wallet will be drained of all USDT present.

This amounts to a twofold scam attack: Water Labbu steals the cryptocurrency from the targeted users and also uses the resources of the scam site, which has previously invested in multiple channels to attract the attention of these users.

Income and warnings to avoid this scam

Water Labbu has managed to infect 45 cryptocurrency scam websites according to a recent article from Trend Micro, a cybersecurity and antivirus firm. The company also determined that at least 9 addresses were victims of this scam, which allowed the attack to raise more than $300,000 in funds.

To avoid falling victim to this type of attack, users should follow the same best practice rules to avoid other similar cryptocurrency scams. Trend Micro explains that “users should be wary of invitations to invest from untrustworthy parties. Furthermore, they should not trade cryptocurrency funds on any unknown platform without thoroughly investigating its legitimacy, understanding what it does and how it works.”

Another way to avoid this type of fraud is to be very aware of the token approval limits and review each transaction to be signed by the cryptocurrency wallet being used.

What do you think about the cryptocurrency scam attack using other scam sites? Tell us in the comments section below.

Sergio Goschenko

Sergio is a cryptocurrency journalist based in Venezuela. He describes himself as late to the game, entering the cryptosphere when the price spike occurred during December 2017. He has a computer engineering background, lives in Venezuela and is influenced by the cryptocurrency boom on a social level, offering a different point of view on crypto success and how it helps the unbanked and underserved.

Image credit: Shutterstock, Pixabay, Wiki Commons