The FBI warns that hackers use fake cryptocurrencies to defraud investors – TechCrunch
The FBI has issued a public warning about fake cryptocurrency investment apps after hackers claiming to be legitimate services stole tens of millions of dollars from US investors.
In a statement released on Monday, the law enforcement agency said hackers had posed as legitimate cryptocurrency investment organizations in an attempt to persuade investors to download fraudulent apps. After downloading the apps – which use names, logos and other identifying information about legitimate services – the victims were unable to withdraw money allegedly deposited in their accounts. When they tried to do so, they received notifications that they had to pay tax on their investments first. Even when they paid, the FBI said the funds remained locked.
The FBI says cybercriminals have used these apps with “increasing success” to defraud investors and estimates that approximately $ 42.7 million was stolen from 244 victims in an eight-month window between October 2021 and May 2022.
In one particular case, cybercriminals posed as employees of the company YiBit, a cryptocurrency exchange that went out of business in 2018. Using a fake app, criminals stole around $ 5.5 million from four different victims. In another, they posted as Supayos or Supay, the name of an Australian currency provider, to defraud two victims.
In another case, observed between December 2021 and May 2022, unidentified hackers took around $ 3.7 million from 28 people over six months by pretending to be representatives of a legitimate, unnamed financial entity.
The FBI advises investors to be cautious about installing investment apps from strangers, to verify that the company behind such apps is legitimate, and to treat apps with corrupted or limited functionality with skepticism.
Although the FBI did not name or attribute the hackers to a specific group or nation state, several US government agencies – including CISA and the FBI – have in recent months warned of North Korean hackers targeting cryptocurrency and blockchain companies with malicious crypto-app apps. . North Korea has long used operations that steal cryptocurrencies to fund its nuclear weapons program.
While cybercriminals have long relied on cryptocurrency as a means of economic recovery, they are increasingly turning their attention to cryptocurrencies and blockchain bridges, tools that enable users to transfer cryptocurrencies from one blockchain to another. Last month, hackers exploited a vulnerability to steal $ 100 million from Harmony’s Blockchain Bridge, an attack that has since been linked to the North Korean-backed Lazarus group.