Kaspersky Lab experts have identified a new online cryptocurrency fraud scheme. Attackers post real seed phrases from crypto wallets holding Tether USD (USDT) tokens in comments under YouTube videos. The scammers hope that unscrupulous users will try to use these phrases to withdraw other people's funds.
Seed phrases are published in comments under YouTube videos dedicated to financial topics. The comments are written in the name of a supposedly naive user who, unaware of basic security measures, has posted confidential data from their crypto wallet publicly to ask for advice. The crypto wallet whose seed phrase is publicly available contains USDT (Tether) tokens. As a rule, the seed phrase is enough to gain access to the funds in a wallet, and unscrupulous users, attracted by the prospect of easy money, may try to empty someone else's wallet. People are also tempted by the fact that the seed phrase is real, and they can see the USDT balance and transaction history.

When a user tries to access the wallet using the seed phrase, they find that they must pay a fee in TRX (Tron) tokens, which the wallet does not hold. If the user transfers TRX from their personal wallet to pay this “fee”, the funds are immediately redirected to another wallet controlled by scammers. The decoy wallet is set up as a multi-signature account (multisig), which requires additional permissions to perform any transactions. Therefore, even after the fee is paid, it is impossible to transfer the funds.

Experts point out that such schemes are based on people's desire to make money quickly. As a result, users themselves become victims of scammers. To avoid such traps, experts recommend a critical and ethical approach to any opportunity to obtain cryptocurrency, using only trusted crypto wallets and exchange sites, and installing reliable security software. This helps prevent visits to phishing sites and the launch of malware, which is especially important given the growth of such threats.

@ SecurityLab