Kaspersky Lab spoke about a new online cryptocurrency fraud scheme based on the greed of users who want to “earn money” from someone else’s ignorance.
In the comments under a YouTube video dedicated to financial topics, attackers post a request for advice on completing a transaction under the guise of an inexperienced user, who, seemingly unknowingly, publishes a real seed phrase for access to a crypto-wallet with Tether USD (USDT) tokens. The bet is that an unscrupulous user will try to take advantage of the newcomer’s mistake and “steal” someone else’s currency using a seed phrase.
It seems that everything is simple: there is a seed phrase and there is a crypto wallet with tokens. And the trap is that after gaining access to the wallet using a seed phrase, it turns out that in order to withdraw USDT, you need to pay a commission in TRX (Tron) tokens, which are not in the wallet.
And if the user decides to pay the commission from his personal wallet, these funds are instantly redirected to another wallet controlled by scammers. The decoy wallet is configured as a multisig account and requires additional permissions to authorize transactions. Therefore, even if the user gains access to the wallet after paying the “fee,” attempts to transfer tokens from it to their wallet are doomed to failure.
“In this scheme, scammers rely on people’s desire to make quick money.” As a result, the users themselves fall into the trap,” noted Olga Svistunova, senior content analyst at Kaspersky Lab. In this regard, the company urges users to be vigilant and adhere to ethical principles when working with cryptocurrencies, as well as when conducting any financial transactions on the Internet.
If you notice an error, select it with the mouse and press CTRL+ENTER.