Attackers stole more than $15 million in Bitcoin, Ethereum, USDT and other cryptocurrencies through a fake website of the HitBTC exchange, SlowMist experts found out.
The company's specialists noted that the phishing site uses three methods of stealing cryptocurrencies from users:
- if the wallet connection is approved, scammers get unlimited access to USDT assets;
- similar to a real exchange, the site offers to make a deposit to the address of fraudsters (the function supports BTC, ETH and TRON);
- as in many similar cases, the digital signature field appears automatically, and when the "Confirm" button is pressed, the victim loses all assets in Ethereum.
The last method was used by unknown people who launched a phishing advertising campaign of crypto projects like Lido, DeFi Llama and Zapper on the Google search engine, with which stole more than $6 million.
We will remind, according to CertiK analysts, in April users lost more than $100 million due to the actions of criminals.
To always be aware of the most important things, read us at Telegram
