FBI warns of fake cryptocurrency apps that steal millions from investors — The Hacker News


The US Federal Bureau of Investigation (FBI) has warned against cybercriminals building fraudulent cryptocurrency-themed apps to defraud investors in the virtual asset space.

“The FBI has observed cybercriminals contacting US investors, fraudulently claiming to offer legitimate cryptocurrency investment services, and convincing investors to download fraudulent mobile apps, which the cybercriminals have used with increasing success over time. to defraud the investors of their cryptocurrency,” the agency said [PDF].

The illegal scheme, which aims to capitalize on increased interest in the crypto sector, is expected to have cost 244 victims, with losses estimated at $42.7 million between October 4, 2021 and May 13, 2022.

According to the law enforcement authority, threat actors misuse the names, logos and other identifying information of legitimate companies to create fake websites in an attempt to lure potential investors.

In three cases highlighted by the FBI, the scammers disguised themselves as an American financial company and companies called YiBit and Supayos (aka Supay) to defraud 34 victims of approximately $10 million by tricking the individuals into downloading fake crypto wallet apps designed to loot the digital funds deposited in the accounts.

“Financial institutions should warn their customers about this activity and inform customers if they offer cryptocurrency services,” the FBI warned, urging investors to be on the lookout for unsolicited requests to download investment apps from untrusted sources.