Cryptocurrency fraud sites are targeted by other fraudsters to hijack their traffic and possible revenue. A recently detected threat actor named Water Labbu manipulates users drawn to these sites as a source of revenue and, depending on their funds, injects malicious scripts as tools to interact with the wallets being attacked.
Crypto Scammers are attacking Crypto Scammers
The rise of the cryptocurrency ecosystem has resulted in interest in targeting investors through scam sites using various resources including Youtube streams to do so, as a recent report showed. Now, fraudsters are using sophisticated scripting tools to take advantage of other fraudsters; a new breed of threat actor called Water Labbu is targeting third-party crypto scam sites and using the users they attract as targets for attacks as well.
The attack involves inserting a script into a cryptocurrency scam web page, typically a type of lending or liquidity page, that sends an authorization prompt to the user’s cryptocurrency wallet if the user has more than a certain amount of cryptocurrency in their wallet.Web3 Designed to look like a valid token supply request from the site, user approval of this request drains allfrom the affected wallet. USDTis present.
This is a double fraud attack; Water Labbu steals cryptocurrency from target users while also using the resources of a fraudulent site that has invested in several channels to attract the attention of these users.
Revenue and warnings to avoid this scam
According to a recentarticleby cybersecurity and antivirus firm Trend Micro, Water Labbu has successfully infected 45 cryptocurrency scam websites. The company also determined that at least nine addresses were victims of this scam, allowing the attack to siphon off more than $300,000.
To avoid becoming a victim of this type of attack, users should follow the same best practice rules to avoid other similar cryptocurrency scams. Trend Micro explains that “users should be wary of investment offers originating from untrustworthy parties. Furthermore, they should not trade cryptocurrency funds on unknown platforms without fully vetting their legitimacy and understanding what they do and how they operate,” it explains.
Another way to avoid this type of fraud is to be fully aware of token authorization restrictions and to verify all transactions signed by the cryptocurrency wallet being used.
Image credits: Shutterstock, Pixabay, Wiki Commons