At Crypto Snapshot, we empower you to navigate the dynamic world of cryptocurrency with confidence and precision. Whether you’re a seasoned trader or a crypto novice, our comprehensive suite of tools and resources is designed to help you make informed decisions and maximize your investment potential.

Explore the full potential of your crypto investments with Crypto Snapshot. Our tools are designed to provide you with the knowledge, insights, and strategies you need to succeed in the dynamic world of cryptocurrency. Start using our tools today and take control of your financial future.

 

 

SlowMist Exposes Scam Using Malicious RPC Node Modifications

SlowMist, in collaboration with imToken, has uncovered a new breed of cryptocurrency scam that targets users in physical offline transactions, utilizing USDT as the mode of payment.

This fraudulent scheme operates by tampering with Ethereum node Remote Procedure Calls (RPC) to defraud unsuspecting victims.

Scammer’s Strategy

Initially, the scammer persuades the target to download the legitimate imToken wallet and fosters trust by transferring 1 USDT and a small amount of ETH as bait.

Subsequently, the scammer instructs the user to redirect their ETH RPC URL to a node controlled by the former, particularly using the modified node. Through this manipulation, the bad actor then falsifies the user’s USDT balance to make it seem as though funds have been deposited.

However, when the user attempts to transfer out the USDT, they discover they’ve already been deceived. But, by then, the scammer has disappeared without a trace, according to SlowMist’s findings.

The blockchain security firm also revealed that Tenderly’s Fork feature is not only capable of modifying balances but also contract information thereby posing an even graver threat to users.

As such, understanding RPC is crucial in comprehending the mechanism of such scams, SlowMist observed. RPC serves as a medium to interact with blockchain networks, enabling users to perform various actions such as checking balances and creating transactions. Typically, wallets connect to secure nodes by default, but connecting to untrusted nodes can lead to malicious modifications, resulting in financial losses.

Suspect Address Flagged for Pig Butchering Scam

Further analysis by MistTrack revealed the depth of the scam’s operations. Investigation into a known victim’s wallet address (0x9a7…Ce4) shows that they received 1 USDT and 0.002 ETH from another address (0x4df…54b).

This address, in turn, has transferred 1 USDT to multiple addresses, indicating repeated fraudulent activities. These addresses are flagged as “Pig Butchering Scammers” by MistTrack, and are associated with various trading platforms, and implicated in multiple scam incidents.

The post SlowMist Exposes Scam Using Malicious RPC Node Modifications appeared first on CryptoPotato.

Powered by WPeMatico